Computación federada segura
Palabras clave:
computación preservadora de la confidencialidad, computación en el borde, computación colaborativa, criptología, computación colaborativa seguraResumen
El concepto de preservación de la privacidad en las computaciones, conocido como Computación Preservadora de la Privacidad (CPP), implica el procesamiento encriptado de datos confidenciales. A pesar de sus ventajas teóricas, la tecnología intrincada presenta significativas barreras prácticas de entrada. En este contexto, establecemos objetivos y principios de diseño para un middleware que centraliza procesos criptográficos exigentes en el lado del servidor al tiempo que ofrece una interfaz fácil de usar para desarrolladores de aplicaciones en el lado del cliente. El marco resultante, denominado "Computación Segura Federada", delega tareas intensivas en cómputo al servidor, segregando las preocupaciones criptográficas de la lógica empresarial. A través de una definición de API abierta 3.0, proporciona microservicios y acomoda varios protocolos mediante complementos autodescubiertos. Notablemente, requiere solo capacidades mínimas de DevSecOps, garantizando simplicidad y seguridad. Además, su tamaño compacto lo hace adecuado para implementarse en el Internet de las cosas (IoT) y en escenarios introductorios en hardware de consumo. Las pruebas de rendimiento para cálculos utilizando un protocolo de Computación Segura Multiparte (SMPC), aplicado tanto a datos vertical como horizontalmente particionados, revelan tiempos de ejecución rápidos en segundos en estaciones de trabajo dedicadas y dispositivos IoT como Raspberry Pi o teléfonos inteligentes. La implementación de referencia está disponible como software libre y de código abierto bajo la licencia MIT.
Citas
Deloitte. The Analytics Advantage; Deloitte: London, UK, 2013.
AIG. The Data Sharing Economy: Quantifying Tradeoffs That Power New Business Models; AIG: New York, NY, USA, 2016.
European Commission. Study on Data Sharing between Companies in Europe. 2018. Available online: https://op.europa.eu/s/y2R4 (accessed on 23 August 2023).
TrustArc. TRUSTe/National Cyber Security Alliance U.S. Consumer Privacy Index; TrustArc: San Francisco, CA, USA, 2016.
Yao, A.C. Protocols for secure computations. In Proceedings of the 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, Chicago, IL, USA, 3–5 November 1982; pp. 160–164.
Damgard, I.; Pastro, V.; Smart, N.; Zakarias, S. Multiparty Computation from Somewhat Homomorphic Encryption. In Proceedings of the 32nd Annual International Cryptology Conference (CRYPTO), University of California Santa Barbara, Santa
Barbara, CA, USA, 19–23 August 2012; pp. 643–662.
Gentry, C. Fully Homomorphic Encryption Using Ideal Lattices. In Proceedings of the 41st Annual ACM Symposium on Theory of Computing, Bethesda, MD, USA, 31 May–2 June 2009; pp. 169–178.
Paillier, P. Public-key cryptosystems based on composite degree residuosity classes. In Advances in Cryptology—Eurocrypt'99; Stern, J., Ed.; Lecture Notes in Computer Science; Springer: Berlin, Germany, 1999; Volume 1592, pp. 223–238.
Dwork, C. Differential privacy. In Automata, Languages and Programming, Pt 2; Bugliesi, M., Prennel, B., Sassone, V., Wegener, I., Eds.; Lecture Notes in Computer Science; Springer: Berlin, Germany, 2006; Volume 4052, pp. 1–12.
Dwork, C.; Roth, A. The Algorithmic Foundations of Differential Privacy. Found. Trends Theor. Comput. Sci. 2013, 9, 211–406.
[CrossRef]
Craddock, M.; Archer, D.W.; Bogdanov, D.; Gascon, A.; de Balle Pigem, B.; Laine, K.; Trask, A.; Raykova, M.; Jug, M.; McLellan, R.; et al. UN Handbook on Privacy-Preserving Computation Techniques. 2019. Available online:
https://unstats.un.org/bigdata/task-teams/privacy/UN%20Handbook%20for%20Privacy-Preserving%20Techniques.pdf (accessed on 23 August 2023).
Kolesnikov, V.; Schneider, T. Improved garbled circuit: Free XOR gates and applications. In Proceedings of the 35th International
Colloquium on Automata, Languages and Programming, Reykjavik, Iceland, 7–11 July 2008; pp. 486–498.
Shpilka, A.; Yehudayoff, A. Arithmetic Circuits: A Survey of Recent Results and Open Questions. Found. Trends Theor. Comput.
Sci. 2009, 5, 207–388. [CrossRef]
Bernstein, D.J. Curve25519: New Diffie-Hellman speed records. In Public Key Cryptography—Pkc 2006, Proceedings; Yung, M., Dodis, Y., Kiayias, A., Malkin, T., Eds.; Lecture Notes in Computer Science; Springer: Berlin, Germany, 2006; Volume 3958,
pp. 207–228.
Diffie, W.; Hellman, M.E. New directions in cryptography. IEEE Trans. Inf. Theory 1976, 22, 644–654. [CrossRef]
Rabin, M.O. How to Exchange Secrets with Oblivious Transfer; Aiken Computation Laboratory, Harvard University: Cambridge, MA, USA, 1981.
Bogdanov, D.; Laur, S.; Willemson, J. Sharemind: A Framework for Fast Privacy-Preserving Computations. In Proceedings of the 13th European Symposium on Research in Computer Security, Malaga, Spain, 6–8 October 2008; pp. 192–206.
Wirth, F.N.; Kussel, T.; Muller, A.; Hamacher, K.; Prasser, F. EasySMPC: A simple but powerful no-code tool for practical secure multiparty computation. BMC Bioinform. 2022, 23, 531. [CrossRef]
Gay, W. Raspberry Pi Hardware Reference; Apress: Berkeley, CA, USA, 2014.
Gaye, A.; Marcon, Y.; Isaeva, J.; LaFlamme, P.; Turner, A.; Jones, E.M.; Minion, J.; Boyd, A.W.; Newby, C.J.; Nuotio, M.L.; et al.
DataSHIELD: Taking the analysis to the data, not the data to the analysis. Int. J. Epidemiol. 2014, 43, 1929–1944. [CrossRef]
[PubMed]
Wolfson, M.; Wallace, S.E.; Masca, N.; Rowe, G.; Sheehan, N.A.; Ferretti, V.; LaFlamme, P.; Tobin, M.D.; Macleod, J.; Little, J.; et al.
DataSHIELD: Resolving a conflict in contemporary bioscience-performing a pooled analysis of individual-level data without sharing the data. Int. J. Epidemiol. 2010, 39, 1372–1382. [CrossRef] [PubMed]
The Linux Foundation. New Collaborative Project to Extend Swagger Specification for Building Connected Applications and Services. 2015.
Available online: https://www.linuxfoundation.org/press/press-release/new-collaborative-project-to-extendswagger-specification-for-building-connected-applications-and-services (accessed on 23 August 2023).
Krüger-Brand, H.E. Innovatives IT-Verfahren soll sensible Daten in der Krebsforschung schützen. Ärzteblatt. 2019. Available
online: https://www.aerzteblatt.de/nachrichten/103090/Innovatives-IT-Verfahren-soll-sensible-Daten-in-der-Krebsforschungschuetzen (accessed on 23 August 2023).
Ballhausen, H.; von Maltitz, M.; Niyazi, M.; Kaul, D.; Belka, C.; Carle, G. Secure Multiparty Computation in Clinical Research and
Digital Health. In Proceedings of the E-Science-Tage 2019, Heidelberg, Germany, 27–29 March 2019.
von Maltitz, M.; Ballhausen, H.; Kaul, D.; Fleischmann, D.F.; Niyazi, M.; Belka, C.; Carle, G. A Privacy-Preserving Log-Rank
Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation. JMIR Med.
Inform. 2021, 9, e22158. [CrossRef] [PubMed]
Keller, M. MP-SPDZ: A Versatile Framework for Multi-Party Computation. In Proceedings of the ACM SIGSAC Conference on
Computer and Communications Security (ACM CCS), Virtual Event, 9–13 November 2020; pp. 1575–1590.
Keller, M.; Pastro, V.; Rotaru, D. Overdrive: Making SPDZ Great Again. In Proceedings of the 37th Annual International
Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), Tel Aviv, Israel, 29 April–3 May 2018;
pp. 158–189.
Keller, M.; Scholl, P. Efficient, Oblivious Data Structures for MPC. In Proceedings of the 20th Annual International Conference
on the Theory and Application of Cryptology and Information Security (Asiacrypt), Kaoshiung, Taiwan, 7–11 December 2014;
pp. 506–525.
Niebuhr, C. Daten tauschen und schützen—Das muss kein Widerspruch sein. MERTON. 2021. Available online: https://mertonmagazin.de/daten-tauschen-und-schuetzen-das-muss-kein-widerspruch-sein (accessed on 23 August 2023).
LMU-Forschende mit Ideen zu Innovation und Bildung Erfolgreich. Available online: https://www.lmu.de/de/newsroom/newsuebersicht/news/lmu-forschende-mit-ideen-zu-innovation-und-bildung-erfolgreich.html (accessed on 22 September 2021).
Federated Secure Computing. Available online:
https://www.stifterverband.org/wirkunghoch100/3projekte/computing
(accessed on 16 August 2023).
