NU 2016-153
Inventors
Jennie Duggan*
Abel Kho
Short Description
A database technology that provides secure data sharing for mutually distrusting parties
Background
In many settings, such as medicine, data markets, banking, online advertising, and human rights work, individuals or companies that do not trust one another want to pool their data for analysis. Such arrangements are known as private data networks (PDNs), in which databases from mutually distrustful sources are combined to appear as a single engine for analysis. Traditionally, individuals and companies in a PDN share their data by uploading it to a neutral, third-party surrogate or honest broker. This solution is problematic because the third-party surrogate can be compromised.
Abstract
Northwestern inventors have developed SMCQL, a secure data sharing network that lets mutually distrusting parties pool their data for analysis without disclosing private information. This technology provides a secure platform for companies concerned with privacy and regulatory compliance issues, which is particularly relevant in collaborations involving scientific, business and data-intensive projects. Traditionally, PDN members either upload their data to a trusted intermediary or use one-off privacy-preserving algorithms to mine the data. Either approach can result in data being exposed to unauthorized parties. The secure database framework developed at Northwestern, SMCQL, translates SQL queries into secure multiparty computation (SMC), extracting data from multiple databases without revealing sensitive information to a third-party broker. This method keeps data in the hands of its originators and removes the need for any trusted intermediaries beyond a lightweight honest broker for coordinating query evaluation. It is also the first PDN method that does not require users to be trained in SMC programming. As such, this system enables users to take advantage of SMC without needing to know the underlying security properties. This technology is superior to current PDN sharing methods because it is designed to enable non-security experts to share and query valuable information from a grouped database without having to disclose sensitive information.
Applications
Advantages
Publications
Bater J, Elliott G, Eggen C, Goel S, Kho A and Rogers J (2016) SMCQL: secure querying for federated databases. Proceedings of the VLDB Endowment. 10: 673-684.
IP Status
A US patent application has been filed.