- Services & Solutions
- Clients & Partners
Privacy PReserving Information Mediation for Enterprises (PPRIME)
Using advanced privacy technologies to enable informed and controlled information sharing.
Information sharing is a major challenge for many types of enterprises. Effective coordination with partners often requires the release or use of information that ideally would be held private. Meanwhile, information security mechanisms tend to impede rather than facilitate sharing information. SRI is exploring how advanced privacy technologies can promote more informed and controlled information sharing within enterprises, with a particular focus on coalition operations.
At the heart of SRI’s approach is a workflow platform called PPRIME (Privacy PReserving Information Mediation for Enterprises), a process-oriented system that selects and configures workflows for responding to information requests while taking into account privacy implications of their execution.
As seen in the figure below, PPRIME provides privacy management through 1) a set of security mechanisms and policy setting capabilities for data owners, and 2) analysis tools for measurement and prediction of information leakage. PPRIME manages request processing for authorized users by accessing data and processing services that satisfy the requester’s needs while remaining in compliance with the privacy requirements imposed by data owners.
SRI is developing PPRIME in the context of a humanitarian aid and disaster relief scenario in which a typhoon has caused extensive damage across a set of countries in the Pacific. Ships from multiple nations in the vicinity can potentially provide aid, and an ad hoc coalition forms among the aid-providing and aid-recipient nations to distribute aid relief and to support evacuations.
While eager to collaborate on the relief effort, coalition members have varying degrees of trust toward each other and must ensure that information sharing is conducted in a manner that is consistent with their organizations’ overall privacy objectives. The PPRIME use case addresses information-sharing challenges for such coalitions by applying privacy technologies and strategies including:
- Policies. Data owners can define policies that limit access to structured data based on characteristics of the requester, request history, and request details. Policies are enforced through a query rewriting mechanism that guarantees all information releases from encrypted databases are sanctioned by relevant data owners.
- Secure multi-party computation (MPC). Secure MPC enables agreed-upon computations to be performed on data supplied by multiple stake-holders without them having to reveal that data to each other. For example, PPRIME uses secure MPC to support resource allocation, with different parties submitting private bids on resource requirements.
- Secret sharing. This technology enables sensitive information to be split into multiple encrypted shares, from which the original information can be reconstructed only with the agreement of all parties.
- Searchable encryption. A searchable encryption scheme allows a party to outsource the storage of his data to another party in a private manner, while providing the ability to selectively search over it. For example, searchable encryption is used to store medical records, from which researchers can privately extract aggregate information about disease status.
- Differential Privacy. Differential privacy enables statistical queries over a database while minimizing the chances of identifying any individual within its records.
To help participants make informed decisions regarding the implications of sharing, PPRIME researchers also are developing information-theoretic capabilities for characterizing what is being revealed through data releases. PPRIME is part of the Defense Advanced Research Projects Agency (DARPA)-sponsored Brandeis program.
PPRIME is a DARPA project funded through Space and Naval Warfare (SPAWAR) Systems Center Pacific, Contract # N66001-15-C-4071.
The views, opinions and/or findings expressed are those of the author and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government.