Abstract
AbstractTypically, data cannot be shared among competing organizations due to confidentiality or regulatory restrictions. We present several technological alternatives to solve the problem: secure multi-party computation (MPC), trusted execution environments (TEE) and multi-key fully homomorphic encryption (MKFHE). We compare these privacy-enhancing technologies from deployment and performance point of view and explain how we selected technology and machine learning methods. We introduce a demonstrator built in the DataBio project for securely combining private and public data for planning of fisheries. The secure machine learning of best catch locations is a web solution utilizing Intel® Software Guard Extensions (Intel® SGX)-based TEE and built with the Sharemind HI (Hardware Isolation) development tools. Knowing where to go fishing is a competitive advantage that a fishery is not interested to share with competitors. Therefore, joint intelligence from public and private sector data while protecting secrets of each contributing organization is an important enabler. Finally, we discuss the wider business impact of secure machine learning in situations where data confidentiality is a concern.
Highlights
12.2.1 Secure Multi-Party ComputationSecure multi-party computation (MPC) is a cryptographic technique for processing private data while preserving privacy
Well-known data analysis and machine learning tools and frameworks can be used when the data originates from public sources such as Copernicus satellite images or from private sources when an agricultural business collects their own data
It was decided that multi-party computation (MPC) and trusted execution environments would be feasible for the project
Summary
Secure multi-party computation (MPC) is a cryptographic technique for processing private data while preserving privacy. Computation parties who perform operations on the secret data without learning the input values or the results. Sharemind MPC uses an approach for MPC called additive secret sharing where private values are split into random values before being imported into an MPC system This means that given a private 32-bit value x, two random values x1,x2 are generated and x3 is computed so that x ≡ x1 + x2 + x3 mod232. Since the three server hosts must be independent, the organizations using MPC must decide on three parties who will be managing the servers This involves more contracts between parties participating in the process when compared to a single organization providing an analysis service, but data will be protected technically, not just by the contracts as with usual data analysis tools
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
