Sharemind: Well-Kept Secrets in Your Business Applications
Abstract
Data protection in information systems is regulated by directives, laws and, to some extent, even by the possible wrath of users. Despite all this regulation, personal data is still lost almost daily (http://datalossdb.org/). We believe that both technology and procedures are at fault.
We have taken secure computation techniques that cryptographers have known for quite a while and packaged them into a practical privacy-preserving database system called Sharemind. We can prove that, given three organizations that do not share their database contents with each other, we can build a system that computes statistics and mines data without seeing any individual values. Additionally, Sharemind can be used to gather data so that nobody but the data source will see the values in the dataset.
In this talk we describe how to construct applications that respect the confidentiality of data. We show how the presented technique can be applied to various business scenarios.
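The three-organization setup described above can be illustrated with additive secret sharing. This is an added example, not Sharemind code: the sharing scheme, the 2^32 modulus, the sample values and the names `Host`, `submit` and `secure_sum` are assumptions, since the abstract does not specify them.

```python
import secrets

MOD = 2 ** 32  # assumed share ring; the abstract does not name one


def share(value, parties=3):
    """Split value into additive shares that sum to value mod MOD."""
    parts = [secrets.randbelow(MOD) for _ in range(parties - 1)]
    parts.append((value - sum(parts)) % MOD)
    return parts


def reconstruct(shares):
    return sum(shares) % MOD


class Host:
    """One of the three organizations; it stores only its own shares."""

    def __init__(self):
        self.column = []

    def store(self, s):
        self.column.append(s)

    def local_sum(self):
        # Addition is linear, so each host aggregates its shares locally
        # and never needs another host's database contents.
        return sum(self.column) % MOD


def submit(hosts, value):
    """Data source side: share locally, send one share to each host."""
    for host, s in zip(hosts, share(value, len(hosts))):
        host.store(s)


def secure_sum(hosts):
    """Combine only the aggregated shares, never per-record shares."""
    return reconstruct([h.local_sum() for h in hosts])


def demo():
    salaries = [3100, 2750, 4200, 3900]  # constructed sample input
    hosts = [Host() for _ in range(3)]
    for v in salaries:
        submit(hosts, v)
    total = secure_sum(hosts)
    return total, total / len(salaries), hosts
```

Each host's column is uniformly random on its own, so confidentiality rests on the hosts not pooling their shares; results wrap modulo 2^32, so inputs must be sized to avoid overflow.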