Business Challenge

The challenges here are twofold.  The analytics team wants to do basic statistics and train their supervised learning models with sensitive customer data on their network (or cloud provider), but they don't have security permissions to read the data.  Secondly, the business unit would like to monetize this data through an API without exposing PII or relying on a third party broker. Attempts to anonymize the data removes valuable features in their model, and it is well-known that this information can be trivially re-identified.  Other solutions such as differential privacy require a tradeoff between privacy and accuracy without providing robust cryptographic security.  They need a way to evaluate functions on this customer data at a granular level with arithmetic accuracy, such as specific columns and entries within the database, without seeing the individual data points.

Solution

Secret Computing™ can operate at many levels: across organizations and governments, between departments and jurisdictions within an organization, and at the granular level of segmented customer data within networks and databases. The data science team runs statistical analysis and regression models using XOR, without having direct read permissions on the customer data, thus complying with internal corporate privacy and SOC 2 requirements. The IT Administrator is able to keep all existing security protocols in place, including at-rest and in-transit encryption protocols.

For more detail on the levels at which data can be secretly computed, please reference this infographic.