As part of the EU project PRACTICE, Partisia has developed a MPC based secure survey system together with the Estonian R&D company Cybernetica. The secure survey system is based on secure multiparty computation and ensures that all individual answers are kept confidential by encrypting them on submission keeping them encrypted at all times. Only the aggregated statistics are decrypted and revealed.
Survey systems are used intensively to capture stated preferences from customers, employees, companies etc. In general, the revealed/public result from a survey is various statistics pointing at patterns or trends while individual answers are kept confidential. Traditionally, this level of confidentiality is ensured by consultants paid to take the role as trustee. There are also cloud based survey systems such as ”Survey Monkey” that allows users to conduct their own survey, though without any enforcements against leakages of confidential information.
Secure multiparty computation add values in two ways: First, the survey system is a distributed cloud computing system that does not provide the individual cloud services to access confidential information at any time (it is kept encrypted). Second, the control of the individual cloud computing instances (hosted by independent cloud service providers), are distributed among independent ”trustees”, each knowing no more than the individual cloud service provider. In this way we add value to existing cloud based surveys by a secure approach to cloud computing and by a built-in trustee function. For the traditional consultant, we add value by opening up for secure use of cloud computing and by the possibility of outsourcing the trustee role.
The secure survey web service is furthermore designed to run on two different secure multiparty computation engines: Sharemind (offered by Cybernetica) and Fresco/SPDZ (offered by Partisia). The two secure multiparty computation engines differ in terms of number of servers used and security level. Sharemind runs on three servers and Fresco/SPDZ runs on two servers and provides a higher level of security. The survey system was used for the first time for real-life surveys in the summer 2015.
SECATA (a spinout from Partisia) is developing a number of commercial solution within privacy-preserving statistics include survey system such as the insights.network solution Read more >>