DetaBord Platform is the actual DetaBord data quarantine instance that forms the secure enclave around your sensitive data and provides the software to securely compute analytics jobs and machine learning models on that data. This manual describes the installation procedure of DetaBord Platform.
The DetaBord Platform ships pre-built as a binary executable for the following platforms:
- Linux (tested on CentOS 7)
- Mac OS, Version 10.15 or higher
- Windows 10
It is recommended to use a Linux host for DetaBord platform.
Installation of Runtime Environment (Linux)
To provide a runtime environment go through the following steps for local execution mode:
- Do not run dq0 as root or admin, create a new user if neccessary
- Download miniconda:
- Install miniconda:
- Create new conda environment:
conda create -n dq0 python=3.7
- Activate environment:
conda activate dq0
For quick setup the docker compose installation is recommended: Docker Installation
After everything has been unpacked, the installation process can be started.
- Ensure your are
user, in conda environment
dq0and in user’s home directory
- Install dq0-sdk:
pip install dq0sdk-0.1-py3-none-any.whl
- Set environment variable DQ0SDK_PATH:
cd $CONDA_PREFIX mkdir -p ./etc/conda/activate.d mkdir -p ./etc/conda/deactivate.d touch ./etc/conda/activate.d/env_vars.sh touch ./etc/conda/deactivate.d/env_vars.sh
- Edit environment files: edit
./etc/conda/activate.d/env_vars.shas follows: #!/bin/bash export DQ0SDK_PATH=/home/user/miniconda3/envs/dq0/lib/python3.7/site-packages/dq0sdk
./etc/conda/deactivate.d/env_vars.shas follows: #!/bin/bash unset DQ0SDK_PATH
- Set the correct proxy domain name or ip address in pullURL and pushURL
- other values can be kept unchanged
Generate public key pair
Since dq0 is encrypted end-to-end, we have to generate a public key pair and share the public key with that of the proxy instance. Generate pair (public_key.pem and private_key.pem) and move to config folder:
./dq0-main --create-pk && mv *.pem config`
“public_key.pem” can be now shared with the proxy.
The database is created locally and uses sqlite3. Create the database with the following command:
./dq0-main db create
Add roles and users
Now we can add new roles and users. To create a new role use the following command:
./dq0-main role add
You will be prompted for the name for the role (enter for example “admin”).
Create users with this command:
./dq0-main user add
Enter the username and password as requested.
Run as Service (Linux Cent OS example)
As root user we need to create a new file:
vi /etc/systemd/system/dq0-main.service and add following content:
Description=dq0 main service
systemctl start dq0-main
and enable at system startup:
systemctl enable dq0-main
As the data quarantine seeks to provide a secure enclave for your private data it is very important to install DetaBord Main only in a network environment with the highest level of network protection and firewall settings enabled.
- Make sure that only the DetaBord Proxy port (default is 8000) is open for public communication via TCP. All other ports shall be closed.
- Set file level or database permissions so that only the DetaBord Main user can read the data source directories. Nobody should have write access to the data sources.