{"id":270618,"date":"2016-08-09T09:00:56","date_gmt":"2016-08-09T16:00:56","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/research\/?p=270618"},"modified":"2017-05-08T17:59:03","modified_gmt":"2017-05-09T00:59:03","slug":"microsoft-researchers-enable-secure-data-exchange-cloud","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/research\/blog\/microsoft-researchers-enable-secure-data-exchange-cloud\/","title":{"rendered":"Microsoft researchers enable secure data exchange in the cloud"},"content":{"rendered":"

By John Roach, Writer, Microsoft Research<\/em><\/p>\n

In the future, machine learning algorithms may examine our genomes to determine our susceptibility to maladies such as heart disease and cancer. Between now and then, computer scientists need to train the algorithms on genetic data, bundles of which are increasingly stored encrypted and secure in the cloud along with financial records, vacation photos and other bits and bytes of digitized information.<\/p>\n

And there the data sits, full of potential but ultimately of little use to anyone but its owner.<\/p>\n

That\u2019s because encrypted data must first be decrypted before it can be used. But decrypted data is vulnerable to malicious attacks, which creates a tradeoff between data usability and security.<\/p>\n

New research from Microsoft aims to unlock the full value of encrypted data by using the cloud itself to perform secure data trades between multiple willing parties in a way that provides users full control over how much information the exchange reveals.<\/p>\n

\"Ran

Ran Gilad-Bachrach \/ Photography by Scott Eklund\/Red Box Pictures<\/p><\/div>\n

\u201cWhat we are trying to do is keep the data private and, at the same time, get the value out of it,\u201d says Ran Gilad-Bachrach<\/a>, a researcher in the Cryptography Research group within Microsoft\u2019s research organization and co-author of a paper<\/a> released in June that describes the protocol, or set of rules, for this system to securely exchange data.<\/p>\n

Multiparty computation<\/h2>\n

The exchange is based on the idea of a secure multiparty computation, where two or more parties agree to evaluate their data in a way that one or more of the parties gets a result but none of the parties learns anything about the others\u2019 data, except for what can be inferred from the result.<\/p>\n

The multiparty computation is akin to a group of employees who want to know where their individual salary ranks in relation to the group as a whole, but none of them wants to reveal their pay to the group.<\/p>\n

One way to solve this problem is for each individual to tell their salary in confidence to a trusted colleague. This colleague calculates the average salary and shares the result with the group. Each employee can determine where their pay falls without learning what any individual is paid. The trusted colleague conveniently forgets everything.<\/p>\n

\u201cThis secure data exchange emulates that, but without the need for the trusted colleague,\u201d says paper co-author Peter Rindal (opens in new tab)<\/span><\/a>, a PhD candidate at Oregon State University who is in his second internship at Microsoft and an expert on secure multiparty computation.<\/p>\n

The cloud, according to the researchers, is a key feature of the exchange. It transforms a computation technique used to resolve water cooler disputes over pay to a secure system to train algorithms, perform market research, conduct auctions and enable new business opportunities.<\/p>\n

Exchange in action<\/h2>\n

Here\u2019s how it works:<\/p>\n

Data owners \u2013 hundreds, thousands of them \u2013 encrypt their data and send it to the cloud for storage. Think of them as relatively passive sellers in the exchange. When an active buyer \u2013 usually one entity \u2013 comes along and wants to make a transaction with some of the sellers, those sellers approve the transaction by sending the buyer keys to the data.<\/p>\n

But since those keys can decrypt the data stored in the cloud, the cloud can\u2019t directly share the stored data with the buyer, otherwise security and privacy would be compromised.\"Kim<\/p>\n

\u201cInstead, we want to use the keys to decrypt the data inside a multiparty computation,\u201d says paper co-author Kim Laine<\/a>, a post-doctoral researcher also in the Cryptography Research group who studies how to compute on encrypted data. Doing so unencrypts the data for a computation \u201cwithout actually revealing anything to anyone except the result\u201d of the computation.<\/p>\n

All of the computation is performed in the cloud, and the computation itself is encrypted in such a way that not even the cloud knows what is being computed, which protects any of the buyer\u2019s data used in the computation such as a proprietary algorithm. If everything goes as expected, the cloud reveals the decrypted results to the interested parties.<\/p>\n

Set up this way, according to the researchers, the data exchange is secure provided that the cloud itself follows the rules and nothing more.<\/p>\n

Test driving data<\/h2>\n

Here\u2019s another advantage to the system: It\u2019s costly to purchase data, and researchers with limited budgets need to make sure it is worth it. The exchange, Gilad-Bachrach explains, offers a way for a buyer to \u201ctest drive\u201d a portion of the sellers\u2019 data and thus make an informed decision over whether to buy the keys to unlock the full dataset.<\/p>\n

Consider researchers at a pharmaceutical company who are developing a machine learning model that combs through genomes to determine individuals\u2019 risk of various diseases. To improve the model and further study it, the researchers are interested in buying access to a medical center\u2019s bundle of anonymized patient genomes, but only if the bundle contains distinctly different data than what the researchers have already used.<\/p>\n

\u201cWe call this \u2018can we test drive your data\u2019 because why would you buy anything without knowing what you are buying,\u201d says Laine. \u201cBut the problem with data is you can\u2019t just show it.\u201d<\/p>\n

The secure data exchange system allows the researchers to perform a statistical analysis on a portion of the medical center\u2019s anonymized genetic data that reveals how much it differs from the data already used to build the disease-prediction algorithm. After this test drive, the researchers can decide whether to buy the keys to the full bundle.<\/p>\n

\u201cWhat we are trying to build,\u201d Gilad-Bachrach says, \u201cis a mechanism by which you can say, \u2018Look, I am interested in your data, but I want to verify it is really what I need before I purchase it.\u2019\u201d<\/p>\n

Real world applications<\/h2>\n

In another use of the exchange, a medical center could compare the outcomes of its treatment plan for pneumonia with the outcomes of treatment plans used at other medical centers without any one medical center revealing what treatment plan it uses. That avoids the risk of getting called out for using a less effective treatment.<\/p>\n

Individuals could even use the exchange as a marketplace to sell researchers access to their encrypted genetic data for algorithm training. Ultimately, Laine notes, the researchers might develop an algorithm that uses the exchange to communicate to participants whether or not their genome contains a specific mutation related to a health concern such as heart disease or cancer.<\/p>\n

\u201cIf you are a match,\u201d notes Laine, \u201cyou can decide if you want to contact the research group.\u201d<\/p>\n

It\u2019s a research project for now. But the team aims to publicly release the library, or tools, needed to implement the secure data exchange in the near future.<\/p>\n

Related links<\/strong><\/p>\n