Secure Statistics

Your data stays encrypted at all time

Having and sharing confidential data currently requires great care and is normally conducted through a trusted third party such as a consultancy house or a public organisation, which is costly both in time and money.

Partisia’s solution for confidential data analysis provides a trustworthy alternative that do not rely on trust in any single organisation or person. The data is encrypted – sealed – before it enter into a distributed database and used encrypted in the computations. Even the results of these computations arrive in encrypted form to the client.

This means that the original data is no longer available anywhere in the system, which greatly simplifies data collaborations.

Partisia has been involved in developing Secure Statistics based on secure multiparty computation (SMC) in different projects. As part of the Danish research center CFEM and the EU project PRACTICE, Partisia has collaborated with the Alexandra Institute among others, in developing a prototype that makes senstitive data available for Danish banks with the purpose of supplementary credit evaluation. This work is the starting point of a new project called Big Data by Security founded by the Danish Industry foundation. This project will extent this work by focusing on two cases where SMC is used to merge confidential data from various sources to form a better data foundation for respectively credit rating and benchmarking.
The first prototype system has been tested in a real life setup and more development and testing and final deployment are planned for 2017.

secure-stats

In the data modules, data is provided from independent data sources, each of these data providers can import data into the data structures. The data is encrypted when it leaves the data provider’s computer and remains strongly encrypted at all time. All conflicts involved in merging data from different sources are solved without decrypting the data.

The collected, encrypted data can be used in concrete applications tailored and designed for the relevant end users. The application defines in advance a set of reports or results for the end users.

The raw data remains strongly encrypted at all time and only the pre-approved results are sent back to the end user and decrypted on the end user’s computer.

The applications include various encrypted computations such as averages, correlations and solving linear programming. The data provider knows the intended analyses in advance and accepts the use when entering data through the data module.

The security is based on Secure Multiparty Computation and the type of encryption is called secret sharing and has even stronger properties than traditional encryption.

The system is based on several, independent servers that jointly compute the results without sharing data. This architecture prevents leaks of confidential information by any of the servers involved. Unauthorized access to the encrypted data requires hacking multiple servers controlled by independent organisations – there is simply no confidential data on any of the servers and no single point of failure!