Enabling Global Data Communication

Hello from

Meet Eliza & Marvin


Security of the Past: Limitations

only protection of bilateral IP connections


not protecting different data objects, but apis


unsuited for rapid change of data owners / new data channels

Security of the Past: Limitations

Security of the Past: Limitations

static design: build once, run forever


new requirements vs. security design


introduce security exceptions on change

Security of the Future: ZeroTrust

trust perimeter has changed


fragmented information (flows) need protection


authn/authz must be possible everywhere


data objects governed by external/internal access policies (AP)

Security of the Future: ZeroTrust

Security of the Future: ZeroTrust

defines trust levels for data objects / smaller groups


fine grained access to objects possible


more insights means minimizing risk


Never trust, always verify

Security for complex Ecosystems:

Zero Trust / IDSA / AccessPolicies

data object interactions main driver for future IT architecture


devices produce and consume data at the same time


respect different data owners per device


if one fails, all suffer!

Security of Ecosystems:

Zero Trust / IDSA / AccessPolicies

Security of Ecosystems:

Zero Trust / IDSA / AccessPolicies

business agility: enables your company to adapt and survive


switch to a different service provider is easy


change policies in days (rather than months)


enables data reduction and data economy






Our Approach

The first decentralized


messaging protocol

with security and privacy

by design


messaging & security protocol for ecosystems


benefit for easy data sharing with full control over data flows


open source development to establish trust


apply end-to-end principle for data objects


development started in 2014


2016: first exhibition @FROSCON


2019: NGI Zero / EU funded


2020: market-ready HMI 2020

             IDSA certification & looking for partners

Security First:

digital identities

dual encryption layer

attribute based access control

decentralized access delegation


... and more

Privacy First:

stacked identities (realm / audience)

addressing hash based

DHT to protect metadata discovery



... and more

Easy to use

installed as a OS library

connect once, communicate globally

python / lua binding available

identity / data based routing



... and more

no more gateways

P2P networks

P2P networks

Trusted B2B mesh network


stay secure behind closed firewalls


standardized security measures


limit packet size / throughput


"blind broker" nodes

Trusted B2B mesh network


connects everything:


devices, edge, processes,

applications, users, enterprises


neuropil & IDSA

why we joined:


rules to enforce data ownership / sovereignty


increase data quality and transparency


building european-wide ecosystems

neuropil & IDSA



decentralized (meta-data) broker


each application/device is a connector


decentralized MQTT

neuropil & IDSA

how to contribute to IDSA:


identity federation




high availability


e2e encrypted pub/sub streams

neuropil & IDSA

what's going on:


data models / participation in plugfest


governance model ( ?) / IDS ready certification


mutual ongoing development / collaboration

Use Cases

Use Case:

Distributed Search Engine

Neuropil is a project that wants to turn the tables on online search and discovery: instead of search solutions calling the shots, data owners decide what content is publicly searchable in the first place.

They can do this through a new messaging layer that is private and secure by design. Data owners can send cryptographic and unique so-called intent messages that state what specific information can be found where.

The access to the actual information or content is also controlled by data owners, for instance to provide either paid or public free content.

Use Case:

On the horizon

"Boring Paper Work"


"Traveling around the world"


"Healthy Healthcare"



By Stephan Schwichtenberg


a short introduction to the neuropil messaging layer

  • 26

More from Stephan Schwichtenberg