This image shows a secure collaboration between five parties. Three parties provide encrypted data, which is then analyzed by a fourth party. A fifth party connects the different parties' systems together, and provisions necessary compute resources.

The image shows a single region, a single availability domain with 3 fault domains, and a virtual cloud network (VCN). The region provides identity and access management.

The virtual cloud network (VCN) includes and internet gateway for communication with external users over a virtual private network (VPN). The VCN includes 4 subnets:

• Public subnet:

  Analyzing Party Organization 1: Located in fault domain 1, the subnet includes an AMD virtual machine (VM) with the VM.Standard.E4.Flex shape. It accepts encrypted user input through the internet gateway and communicates with the hub and compute resources in fault domain 2.

  Hub and Compute Organization 2: Located in fault domain 2, the subnet includes an AMD virtual machine (VM) with the VM.Standard.E4.Flex shape. It connects the different parties' systems together, and provisions necessary compute resources.

• Private subnets-Data Owner Organization 3 through 5: Each subnet has similar resources and security. Located in its own fault domain, the subnet uses API services to communicate with hub and compute resources. The subnet includes a database system and a bare metal (BM) compute instance with Intel Ice Lake CPU and the BM.Optimized.36 shape to help process vectorized instruction sets, which support Duality's resource-intensive homomorphic encryption computations. Data owners securely access their data in the private subnet using a security list and route table for the subnet.