by Matt Johannessen

Edge compute capabilities are central to many of our customers’ missions, and are only growing in importance. For complex workloads like field forensics or digital media triage, we are seeing an increasing need to use machine learning models to process data where it is being collected.

Novetta is pairing our advanced analytics, machine learning, and IoT capabilities with Enveil’s ZeroReveal™ technology through a strategic alliance. Using homomorphic encryption, Enveil’s technology allows sensitive information to be securely processed in unsecure environments, allowing data to be searched or analyzed while it is still encrypted. The data security startup’s core technology was developed inside the National Security Agency and built out in the private sector by a team of experts with backgrounds in mathematics, algorithmics, and machine learning.

Novetta and Enveil have brought this capability to the edge by deploying it to the Snowball Edge Compute Optimized from AWS. The AWS Snowball Edge brings the power of the cloud to disconnected environments, making the full suite of AWS analytical capabilities available to those operating on the front lines.

One high-priority edge use case is the need to compare information observed in the field against a watchlist without revealing the sensitive contents of that watchlist to users or adversaries in the field.

Novetta and Enveil created an interactive prototype that illustrates the secure, end-to-end workflow of edge-based data extraction, data processing, and communication of matches (hits) to a dashboard hosted on a different network. The prototype workflow is as follows:

1. Collect Data at the Edge Using IoT Device

• For the prototype, we considered a license plate to be a good representation of information observed in the field. We simulated “license plates” by generating random text strings and printing them on cards that the participant holds in front of a Raspberry Pi camera. Images are transmitted to the AWS Snowball Edge.

2. Process Image Using Custom Object Detection Models

• Once the image is received, a custom ML model running on the AWS Snowball Edge determines if the participant is holding a “license plate.” The model was trained to identify text on cards in a conference environment.  

3. Extract Text Using Amazon Rekognition

• When the custom ML model assesses with high probability that a “license plate” has been presented in front of the camera, the AWS Snowball Edge sends the image to Amazon Rekognition to attempt text extraction. Rekognition is shown to be effective at this type of machine learning task and is a cost-effective alternative to developing custom text extraction models.

4. Check Watchlist through ZeroReveal running on Amazon Snowball

• Extracted text is returned to the Enveil ZeroReveal Server application running on the Snowball. The Enveil ZeroReveal Server app is responsible for processing the encrypted operations over the data without ever decrypting anything. Enveil compares the data input to the “secure watchlist” – a list of mission–sensitive “license plates” – and processes the information without exposing the contents of the watchlist in the untrusted environment.

5. Communicate and Display Results to Analyst in Sensitive Environment

• Like any cross-domain solution, information needs to flow to a more sensitive environment. The results are communicated back via the Enveil ZeroReveal Client application, which lives within the Enterprise’s trusted environment and is responsible for encrypting the operations/searches and decrypting the associated results. Results are visible on the analyst’s dashboard so the information can immediately be put to use, mimicking a basic tipping/queuing operation.  

This prototype exemplifies solutions enabled by Novetta’s partnership with Enveil and AWS, providing for secure deployment of cross-domain and machine learning capabilities at the edge. Using machine learning, we significantly reduce the amount of raw data transferred to sensitive networks by doing the analysis at the edge. Our ability to quickly train and deploy new machine learning models for unique mission challenges provides powerful edge capabilities for mission sets that require tailored analytics in a disconnected environment.

To get an inside look at how we set up our machine learning prototype, running on a Raspberry Pi and AWS Snowball Edge, that securely searched an encrypted watchlist without ever decrypting the data at AWS Public Sector Summit, read our follow-up blog.