Leveraging Secure Multiparty Computation in the Internet of Things

Centralized systems in the Internet of Things---be it local middleware or cloud-based services---fail to fundamentally address privacy of the collected data. We propose an architecture featuring secure multiparty computation at its core in order to realize data processing systems which already incorporate support for privacy protection in the architecture

A Management Framework for Secure Multiparty Computation in Dynamic Environments

Secure multiparty computation (SMC) is a promising technology for privacy-preserving collaborative computation. In the last years several feasibility studies have shown its practical applicability in different fields. However, it is recognized that administration and management overhead of SMC solutions are still a problem. A vital next step is the incorporation of SMC in the emerging fields of the Internet of Things and (smart) dynamic environments. In these settings, the properties of these contexts make utilization of SMC even more challenging since some of its vital premises regarding environmental stability and preliminary configuration are not initially fulfilled. We bridge this gap by providing FlexSMC, a management and orchestration framework for SMC which supports the discovery of nodes, supports a trust establishment between them and realizes robustness of SMC session by handling nodes failures and communication interruptions. The practical evaluation of FlexSMC shows that it enables the application of SMC in dynamic environments with reasonable performance penalties and computation durations allowing soft real-time and interactive use cases

Secure Multiparty Computation in Clinical Research and Digital Health

The free flow of information is the lifeblood of the digital economy. In research, the exchange of data is a prime requisite for the generation of new knowledge. In practice, however, there are many barriers to data sharing. Collaborators are reluctant to reveal their proprietary knowledge, consumers are wary of large scale data collection and profiling, regulation restricts what personal information can and cannot be shared across institutional borders. In clinical research and digital health, there are particulary strict data protection rules in force. Here, we are motivated to seek new methods for knowledge generation, without the problematic exchange of actual patient data. In fact, there is a technology, secure multiparty computation, which allows a number of collaborators to jointly compute about any function, without revealing their private inputs. The method relies entirely on calculations over an encrypted network, without the need for a trusted third party, a central data repository, or even trust between the collaborators. In a pilot experiment, we demonstrate joint survival analysis based on two separate data bases at LMU Munich and Charité Berlin. Using secure multiparty computation, we are able to identify confounding factors for the survival of patients with glioblastoma. We obtain the same sensitivity as one would achieve by completely pooling the two data bases, and yet we do not actually need to exchange any patient data to perform the calculation. Going forward, we hope to assemble a collection of libraries for secure multiparty computation in clinical research and digital health. By providing turn-key solutions to the most often used calculations, we hope to reduce barriers to entry for interested researchers and developers. We also hope to create a scientific network of interested institutions and individuals

Privacy Preserving Energy Management

Abstract. The improvement of energy efficiency is an important target on all levels of society. It is best achieved on the basis of locally and tem-porally fine-grained measurement data for identifying unnecessary use of energy. However, at the same time such fine-grained measurements allow deriving information about the persons using the energy. In this paper we describe our work towards a privacy preserving system for energy man-agement. Our solution follows the privacy by design paradigm and uses attribute-based cryptography and virtualization to increase security.