With more and more user-generated information going online along with passively generated information from the Internet of Things, personal privacy concerns are high. Regularly, seemingly innocuous pieces of data are put together from varied sources by nefarious persons to gain rich and highly personal information on individuals.
To combat this, data security professionals advocate the principle of least privilege, under which sensitive information should be released only if absolutely necessary to accomplish the desired task. In many situations, what is needed is not the most personal or sensitive data but a function of that data, such as a number. In the example of data gathered from a smart grid, perhaps only a real-time sum or standard deviation of energy usage in the neighborhood is needed, and not the data detailing which appliances are running in a specific house, which is an indication of someone being home. While seemingly obvious and straightforward, addressing this issue in large networks is very difficult.
Air Force researchers are tackling this concern with a new approach termed transferable multiparty computation (T-MPC). A previous approach, secure multiparty computation (MPC), offered a capability to compute any function while mitigating privacy risks, but it was inflexible and did not scale well. T-MPC is a privacy-preserving computer model that allows the parties involved in the computation to change over time. It allows for the enhanced practice of the principle of least privilege: that a node (a person, sensor, or computer) should be given access to only the minimal amount of information necessary. Initial applications are in smart metering and in protecting identities in online referral systems, for example purchase recommendations based on others' experiences with a brand, product, or company.
- Software and protocols deliver only the necessary data for accomplishment of a given task
- Software makes it more difficult for criminals to piece together disparate pieces of data into a positive identification
- US patent 9,813,234 available for license
- Potential for collaboration with Air Force scientists and engineers