Abstract: Embodiments are directed to techniques for chaining, triggering, and/or enforcing entitlements in a constrained environment. A constrained environment may be provided within with shielded assets are required to exist or execute. An entitlement may be granted on a variety of shielded assets, including datasets, computations scripts, data privacy pipelines, and intermediate datasets generated by an intermediate step of a data privacy pipeline. Thus, a beneficiary may use a granted entitlement as an input into other data privacy pipelines, without the need for the grantor to approve each specific downstream operation. The constrained environment may enforce an entitlement by fulfilling applicable constraints upon accessing the entitlement, restricting the output of the entitlement to the constrained environment, and fulfilling applicable policies when executing downstream operations.

Abstract: Embodiments are directed to techniques for enforcing entitlements used by data privacy pipelines. When a data consumer requests to trigger a pipeline that relies on an entitlement, an enforcement mechanism may operate to verify the data consumer's triggering of the pipeline will satisfy the entitlements. A rules engine may access all root entities of the pipeline that require an entitlement, load all contracts and/or corresponding pipelines that reference one of the root entities, and search for one valid access path through the loaded contracts/pipelines. If multiple contracts and/or multiple access paths allow access to a particular root entity, various conflict rules may be configured to choose which contract and access path to use. If all root entities have a valid access path, the constrained environment may execute the requested pipeline using the identified access path for each root entity.

Abstract: Embodiments are directed to techniques for enforcing entitlements used by data privacy pipelines. When a data consumer requests to trigger a pipeline that relies on an entitlement, an enforcement mechanism may operate to verify the data consumer's triggering of the pipeline will satisfy the entitlements. A rules engine may access all root entities of the pipeline that require an entitlement, load all contracts and/or corresponding pipelines that reference one of the root entities, and search for one valid access path through the loaded contracts/pipelines. If multiple contracts and/or multiple access paths allow access to a particular root entity, various conflict rules may be configured to choose which contract and access path to use. If all root entities have a valid access path, the constrained environment may execute the requested pipeline using the identified access path for each root entity.

Abstract: Embodiments of the present disclosure are directed to techniques for deriving collaborative intelligence based on constraint computing or constraint querying. At a high level, a data trustee can operate a trustee environment that derives collaborative intelligence subject to configurable constraints, without sharing raw data. The trustee environment can include a data privacy pipeline through which data can be ingested, fused, derived, and sanitized to generate collaborative data without compromising data privacy. The collaborative data can be stored and queried to provide collaborative intelligence subject to the configurable constraints. In some embodiments, the data privacy pipeline is provided as a cloud service implemented in the trustee environment and can be spun up and spun down as needed.

Abstract: Embodiments of the present disclosure are directed to techniques for deriving collaborative intelligence based on constraint computing or constraint querying. At a high level, a data trustee can operate a trustee environment that derives collaborative intelligence subject to configurable constraints, without sharing raw data. The trustee environment can include a data privacy pipeline through which data can be ingested, fused, derived, and sanitized to generate collaborative data without compromising data privacy. The collaborative data can be stored and queried to provide collaborative intelligence subject to the configurable constraints. In some embodiments, the data privacy pipeline is provided as a cloud service implemented in the trustee environment and can be spun up and spun down as needed.

Abstract: Embodiments are directed to techniques for chaining, triggering, and/or enforcing entitlements in a constrained environment. A constrained environment may be provided within with shielded assets are required to exist or execute. An entitlement may be granted on a variety of shielded assets, including datasets, computations scripts, data privacy pipelines, and intermediate datasets generated by an intermediate step of a data privacy pipeline. Thus, a beneficiary may use a granted entitlement as an input into other data privacy pipelines, without the need for the grantor to approve each specific downstream operation. The constrained environment may enforce an entitlement by fulfilling applicable constraints upon accessing the entitlement, restricting the output of the entitlement to the constrained environment, and fulfilling applicable policies when executing downstream operations.

Abstract: Embodiments of the present disclosure are directed to techniques for constraint querying that allow data consumers to query collaborative data in a trustee environment, subject to configurable constraints, to derive collaborative intelligence without exposing underlying raw data provided by the tenants or collaborative data shielded by the trustee environment. Constraints can be applied in response to a query in multiple ways, including reformatting a query prior to execution, applying constraints after executing a query, constraining eligible queries for execution, applying access constraints prior to execution, and others. To reformat a query subject to constraints, the query can be parsed into an execution tree, which can be reformatted into a constrained execution tree by replacing executable units of logic inconsistent with a particular constraint with custom executable units of logic consistent with the constraint.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for monitoring and orchestrating the use and generation of collaborative data in a trustee environment subject to configurable constraints. A user interface can be provided to enable tenants to specify desired computations and constraints on the use and access to their data. A constraint manager can communicate with various components in the trustee environment to implement the constraints. For example, requests to execute an executable unit of logic such as a command or function call may be issued to the constraint manager, which can grant or deny permission. Permission may be granted subject to one or more conditions that implement the constraints, such as requiring the replacement of a particular executable unit of logic with a constrained executable unit of logic. As constraints are applied, any combination of schema, constraints, and/or attribution metadata can be associated with the data.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments are directed to techniques for chaining, triggering, and/or enforcing entitlements in a constrained environment. A constrained environment may be provided within with shielded assets are required to exist or execute. An entitlement may be granted on a variety of shielded assets, including datasets, computations scripts, data privacy pipelines, and intermediate datasets generated by an intermediate step of a data privacy pipeline. Thus, a beneficiary may use a granted entitlement as an input into other data privacy pipelines, without the need for the grantor to approve each specific downstream operation. The constrained environment may enforce an entitlement by fulfilling applicable constraints upon accessing the entitlement, restricting the output of the entitlement to the constrained environment, and fulfilling applicable policies when executing downstream operations.

Abstract: Embodiments are directed to techniques for constructing, configuring, triggering, and executing various types of multi-party pipelines that access and/or use a shielded asset required to exist or execute within a data trustee environment. Generally, authorized participants can build upon template data privacy pipelines and other shielded assets to create other pipelines. Building blocks such as entitlements, cross-environment pipelines, and/or shielded assets governed by various collaborative intelligence contracts can be used to construct more complicated pipelines that may include any number of data privacy pipelines, cross-environment pipelines, input datasets, computational steps, output datasets, permissible queries, participants, and/or governing collaborative intelligence contracts.

Abstract: Embodiments are directed to techniques for constructing, configuring, triggering, and executing various types of multi-party pipelines that access and/or use a shielded asset required to exist or execute within a data trustee environment. Generally, authorized participants can build upon template data privacy pipelines and other shielded assets to create other pipelines. Building blocks such as entitlements, cross-environment pipelines, and/or shielded assets governed by various collaborative intelligence contracts can be used to construct more complicated pipelines that may include any number of data privacy pipelines, cross-environment pipelines, input datasets, computational steps, output datasets, permissible queries, participants, and/or governing collaborative intelligence contracts.

Abstract: Embodiments are directed to techniques for chaining, triggering, and/or enforcing entitlements in a constrained environment. A constrained environment may be provided within with shielded assets are required to exist or execute. An entitlement may be granted on a variety of shielded assets, including datasets, computations scripts, data privacy pipelines, and intermediate datasets generated by an intermediate step of a data privacy pipeline. Thus, a beneficiary may use a granted entitlement as an input into other data privacy pipelines, without the need for the grantor to approve each specific downstream operation. The constrained environment may enforce an entitlement by fulfilling applicable constraints upon accessing the entitlement, restricting the output of the entitlement to the constrained environment, and fulfilling applicable policies when executing downstream operations.