What is a “trusted middleware”?

Photo by novia wu on Unsplash

It’s a concept!

The “trusted middleware” is not a specific location, neither physical nor logical. It’s a metaphorical “place” where data and algorithms are handled so that the parties involved in the data processing can work together to create value without disclosing data or or intellectual property (this is the case for algorithms). Practically everything can act as a trusted middleware, provided that it can provide storage, computational and networking capabilities to a sandboxed environment running a specific protocol (agreed between the parties).

How it works?

I take a simple example here below to describe what is the purpose of a trusted middleware in the context of an “elabo-relation”, i.e. a relation taking place in the digital space and whose purpose is to create value through data processing.


Before putting the “trusted middleware” at work, let’s have a look to a couple of possible options describing what could happen:

OPTION 1 - Traditional and typical deployment for the example, w/o trusted middleware.

…and the corresponding alternative, which is far less frequent today:

OPTION 2 - Traditional but atypical deployment for the example, w/o trusted middleware.

Now, the problem is clear: in both the options described above, each party has complete trust over the other, but what happens when John wants to protect his own interest beyond any eventual malicious behaviour of XYZ (or viceversa)? What happens when they do not trust each other? Do they have to give up on the opportunity to exchange value?

This problem is -at least theoretically and passing through many simplifications- non so different than the one digital currencies had to resolve to avoid double spending: when parties cannot trust each other, either because they don't want to or simply because they can't, the relation cannot be based on trust over the counter part.

Instead, trust needs to be built on a common ground and should be independent from the parties themselves. One mean of trust can be a protocol, executed in a neutral environment. The neutrality of the environment could be guaranteed by the cooperation of multiple parties in a network under the rules defined in the protocol and this more or less what happens with BitCoin.

The additional complexity BitCoin had to address is the size of the network of trust, because of course a global digital currency needs to work at scale with potentially millions of parties. In the simples case of two parties, like John and XYZ, complexity can be handled in other ways. Before homomorphic computing will be a sustainable option, this is an example of an OPTION 3 for the example above, implementing a trusted middleware:

OPTION 3 - Alternative deployment with trusted middleware.

☞ The example and the OPTION 3 show that operating a digital service without compromising privacy or assets between untrusted parties is possible.

The trusted middleware, in this case an open-source software in which both parties rely, running on the consumer’s mobile device, has made it possible to handle the process. But the trusted middleware could even run in the cloud or in the service provider’s servers.

As you can see, implementing a trusted middleware is essentially a design challenge, not a technological one.

Digital Platforms @ Beretta | PhD student in Statistics & Data Science @ AEM, UNIBS | Engineer | Only personal opinions here | Code is Law (cit.)

Love podcasts or audiobooks? Learn on the go with our new app.