What is Blind Insight?¶
Warning
This document is a work-in-progress. Please pardon our dust!
Blind Insight provides a set of APIs with a supporting SDK and a graphical user interface that gives users a low-code tool to run queries on data while it's still encrypted. With a recent flux of privacy and compliance concerns surrounding data protection, a great need has arisen for tools that adequately protect data while still allowing it to be utilized in beneficial ways.
Data Model¶
The Blind Insight application is comprised of the following objects.
Datasets¶
Data in Blind Insight is grouped by Datasets. A dataset might be analogous to a database. A dataset may contain one or more “schemas”, which are used to define the shape of your data.
A dataset is pretty simple in that it’s really just a name used to categorize your data.
Dataset Object Definition¶
| Name | Description | Type |
|---|---|---|
| name | A human-readable name | string |
| description | A human-readable description | string |
| slug | A unique, auto-generated slug | string |
| organization | The organization this dataset belongs to | string($uri) |
Example Dataset Payload¶
Below is an example Dataset object that you would create using the API:
{
"url": "https://localhost:8081/api/datasets/FWaw3Gr7Gmv8xg8mpuabn7/",
"organization": "https://localhost:8081/api/organizations/jSzAcLbFkDSCtFipdmLM3S/",
"name": "Business Data",
"slug": "business-data",
"description": "The Business Data"
}
Schemas¶
Schemas in Blind Insight define the shape of your data. You can think of a schema like a table in a database.
Schemas are declared using the JSON Schema specification. Only object types are supported which contain of field properties of string or number types.
Important
Only string and number field types are supported at this time. Support for more types will be added in a future release.
Each number type field must include values for its minimum and maximum bounds.
Schema Object Definition¶
| Name | Description | Type |
|---|---|---|
| name | A human-readable name | string |
| description | A human-readable description | string |
| slug | A unique, autogenerated slug | string |
| dataset | The dataset this schema belongs to | string(uri) |
| schema | A JSON schema defining the fields in the schema. This can be a file or raw JSON | object |
Example JSON Schema¶
A complete JSON schema for a "Person" object that has both "name" and "age" fields would look like this:
{
"type": "object",
"properties": {
"name": {
"type": "string"
},
"age": {
"type": "number",
"minimum": 1,
"maximum": 100
}
},
"required": ["name", "age"]
}
Example Schema Payload¶
Given the example JSON schem above, creating a Schema object might look like this:
{
"dataset": "https://localhost:8081/api/datasets/2rLuXFQwGKfj2TKFoEVPaQ/",
"name": "Person",
"slug": "person",
"description": "Person Schema",
"schema": {
"properties": {
"age": {
"maximum": 100,
"minimum": 1,
"type": "number"
},
"name": {
"type": "string"
}
},
"required": ["name", "age"],
"type": "object"
}
}
Records¶
Records in Blind Insight represent data that conform to a schema. You can think of records as rows in a database table. Each record field is encrypted using a unique key generated from the schema derived from keys in your keyring.
Record Object Definition¶
| Name | Description | Type |
|---|---|---|
| schema | The dataset this schema belongs to | string(uri) |
| data | A record in JSON format. Must conform to the schema it's being inserted into. | object |
Example Record Payloads¶
For example, if you were to upload two records at once using the Blind Proxy:
[
{
"data": {
"name": "Alice",
"age": 17
}
"schema": "https://localhost:8080/api/schemas/iKi3YbiG7Ax9cEZ7YPVNgw/"
},
{
"data": {
"name": "Bob",
"age": 69
},
"schema": "https://localhost:8080/api/schemas/iKi3YbiG7Ax9cEZ7YPVNgw/"
}
]
Warning
The REST API endpoint requires more advanced payloads including encrypted data. This is not currently included in this guide because the Blind Proxy encrypts your date and handles this for you automatically. This will be documented in more detail in a future release.
Users¶
Users are required to access Blind Insight. An email address is required to register a new user account.
Every user must also be a member of at least one Organization.
Organizations¶
Organizations represent a distinct account and isolated datasets. All objects are owned by an Organization. Every Organization has a single owner, and can have multiple admins or users. Users may be defined specialized roles. Blind Insight users may be members of multiple Organizations.
Note
Support for administering Organizations is not yet implemented and will be available in a future release. For now, each new user will be prompted to create their own Organization.
Organization Users¶
A Organization User is a member of an Organization. A user must be invited to join an Organization. Upon being invited to an Organization by email, if an account does not already exist, one must be created. Otherwise if a Blind Insight account already exists for that email, the user is automatically added to the Organization.
Organization Admins¶
An Organization Admin is a member of an Organization who has administrative privileges. By default this user has full read/write permissions to all objects owned by the Organization.
Organization Admins may also invite new users to the Organization. Only an Organization Owner may grant admin privileges to an Organization User. A user must be either be a member of the Organization before they may be granted admin rights, or the owner may issue admin privileges to a new user upon inviting them to the Organization.
Organization Owners¶
Each Organization has exactly one Organization Owner. Upon creating a new Organization, the creator becomes the owner. Ownership may be transferred by the Organization Owner to another Organization User at any time.
Concepts¶
Blind Insight REST API¶
The Blind Insight application is API-first. The REST API provides all functionality for integrating with the service. Please see the Blind Insight API Reference for details on how to use the REST API.
Blind Proxy¶
The Blind Proxy is a proxy server that brokers communication with the REST API. It holds the keys to your data and all encrypt/decrypt/search functionality is performed locally in the Proxy.
When uploading new data, the Proxy first uses your keys to encrypt the data before sending it to the REST API. When decrypting existing data, the Proxy receives the records from the REST API and decrypts them. When searching data, the Proxy encrypts your queries before sending them to the REST API.
Please see the guide on Using the Blind Proxy more information.
Blind Insight Keyring¶
The Blind Insight Keyring is managed by your Blind Proxy. It is compromised of a cryptographically strong 24-word (256-bit) seed phrase that is used to automatically generate cryptographic keys. These keys are mapped to your schema fields for the data you are uploading. Each distinct field in a schema is mapped to a unique 256-bit symmetric cryptography key. We will cover this in more detail as the documentation evolves.
Please see the section on Creating your Keyring for more information.
Data Owners¶
A Data Owner may perform encrypted searches and may also fully encrypt and ingest new records, as well as decrypt existing records.
A user is automatically a Data Owner for any datasets they create.
Data Requesters¶
A Data Requester may perform encrypted searches and view encrypted results but cannot upload, edit, or decrypt records.
Data Owners may selectively grant access to Data Requesters to decrypt or upload records for certain schemas, but by default, Data Requesters have read-only permissions.