IST'2009

Sharemind: Well-Kept Secrets in Your Business Applications

Abstract

Data protection in information systems is regulated by directives, laws and somewhat even by the possible wrath of the users. However, with all this regulation, there are still almost daily occurrences of loss of personal data (http://datalossdb.org/). We believe that this is a fault of both technology and procedures.

We have taken secure computation techniques that cryptographers have known for quite a while and packaged them into a practical privacy-preserving database system called Sharemind. We can prove that given three organizations that do not share their database contents with each other we can build a system that computes statistics and mines data without seeing any individual values. Additionally, that Sharemind can be used to gather data so that nobody but the data source will see the values in the dataset.

In this talk we describe how to construct applications that respect the confidentiality of data. We show how the presented technique can be applied to various business scenarios.

Speaker

Dan Bogdanov is a researcher at the Institute of Information Security of Cybernetica. The focus of his research is currently on creating provably secure methods for processing private data. He is the creator of Sharemind - a novel distributed database system with provable security guarantees. His other interests include secure virtual worlds and computer games. He is determined to complete his PhD studies in the University of Tartu in a year or so.

IST'2009