Cloud-Based Secure Data Exchange Detailed by Microsoft Research
Microsoft researchers have discovered a way to let parties share encrypted data using the cloud to transact secure trades of data, while giving users of the information exchanged complete control over specific datasets actually shared.
Using a cloud-based exchange and a concept the researchers call "secure multiparty computation," owners of data can encrypt and store it online with the ability to process and share pieces of information among specific parties earmarked specific to them. This is done without compromising the security and privacy of other information of the larger dataset, according to Ran Gilad-Bachrach, a researcher in Microsoft's Cryptography Research and coauthor of a paper published in June.
Microsoft revealed the researchers' work in a blog post this week and suggested the technology might be available soon. The idea behind "secure multiparty computation" is that it allows an individual holder of data to share it with multiple parties in a group, but ensures no one sees information about other members of that transaction.
For example, if a group of employees wanted to determine how their salaries rank among each other without actually telling everyone how much they earn, they'd have to find one trusted leader to disclose their information to, who would then compute the information and share the results. Using this cloud-based secure multiparty exchange, users could create this data without needing to share their salaries with that trusted colleague, according to another coauthor of the paper, Peter Rindal, a Microsoft intern and PhD candidate at Oregon State University with expertise secure multiparty computation.
An exchange like this could be useful among those who want to share expensive medical research at a lower cost, while ensuring privacy of certain information. Those who own any kind of data could encrypt hundreds or even thousands of components and issue a key specific to a buyer and its data for them to decrypt, according to the report. Because keys are stored in the cloud, the Microsoft researchers noted that security and privacy of data would be compromised if shared directly.
"Instead, we want to use the keys to decrypt the data inside a multiparty computation," Kim Laine, a post-doctoral researcher, coauthor of the paper and also a member of Microsoft's Cryptography Research team, explained in Microsoft's post. Laine is studying how to compute on encrypted data.
Microsoft said that while it's a research project now, "the team aims to publicly release the library, or tools, needed to implement the secure data exchange in the near future."
Posted by Jeffrey Schwartz on 08/10/2016 at 12:39 PM