Technology

Data Anonymization

To meet the specifications of anonymization, the data must be stripped of sufficient elements such that the data subject can no longer be identified. More precisely, the data must be processed in such a way that it can no longer be used to identify a natural person by ‘all the means reasonably likely to be used’ by either the controller or a third party. An important factor is that the processing must be irreversible.

CryptoNumerics’ CN-Protect Solution anonymizes direct identifiers in a manner that is irreversible, and additionally applies further advanced practical privacy-preserving protection to ensure indirect identifiers cannot be used to re-identify a natural person through inference attacks and the mosaic effect.
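As a minimal sketch of what irreversible treatment of direct identifiers looks like (the field names here are hypothetical, not CN-Protect's actual schema), direct identifiers are simply dropped, with no lookup table retained:

```python
# Hypothetical illustration: irreversible removal of direct identifiers.
DIRECT_IDENTIFIERS = {"name", "email", "phone"}

def anonymize(record):
    """Drop direct identifiers outright; because no lookup table is kept,
    the removal cannot be reversed from the output alone."""
    return {k: v for k, v in record.items() if k not in DIRECT_IDENTIFIERS}

record = {"name": "Ann Lee", "email": "ann@example.com", "age": 34, "zip": "90210"}
anonymize(record)  # → {"age": 34, "zip": "90210"}
```

Note that the indirect identifiers (age, zip) survive this step, which is why the further protections against inference attacks described above are still needed.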

    CN-Protect

    Technology

    Data Pseudonymization

    Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

    Personal data which have undergone pseudonymization, which could be attributed to a natural person by the use of additional information should be considered to be information on an identifiable natural person.

    CryptoNumerics' CN-Protect is a software solution architecturally configured so that the indexes and additional information linking a data subject to the pseudonymized data are kept separate and secure, demonstrating enterprise-class technical and organizational controls.

    CN-Protect's re-identification risk assessment and privacy-preserving actions on indirect identifiers are central to demonstrating that pseudonymized data cannot be used to identify a natural person.
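The separation described above can be sketched as follows (a toy illustration, not CN-Protect's actual mechanism): direct identifiers are replaced with random tokens, and the table linking tokens back to identities is returned separately, to be stored under stricter technical and organizational controls.

```python
import secrets

def pseudonymize(records, id_field):
    """Replace a direct identifier with a random token. The lookup table
    that links identities to tokens is kept separately; without it, the
    tokens cannot be attributed to a specific data subject."""
    lookup = {}
    out = []
    for rec in records:
        token = lookup.setdefault(rec[id_field], secrets.token_hex(8))
        out.append({**rec, id_field: token})
    return out, lookup

records = [{"email": "ann@example.com", "purchase": 42},
           {"email": "ann@example.com", "purchase": 17}]
pseudo, lookup = pseudonymize(records, "email")
# The same person maps to the same token, so records remain linkable for
# analysis, but re-identification requires the separately held lookup table.
```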

    CN-Protect

    Technology

    Differential Privacy

    Differential Privacy (DP) is a privacy framework that characterizes a data analysis or transformation algorithm rather than a dataset. It specifies a property that the algorithm must satisfy to protect the privacy of its inputs, whereby the outputs of the algorithm are statistically indistinguishable when any one particular record is removed from the input dataset. It involves a randomization element and tunable parameters such as epsilon and delta to guarantee the statistical indistinguishability of any individual record, up to a specified limit. It is most effective when applied to very large datasets.
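The classic instance of the randomization element described above is the Laplace mechanism, sketched here for a counting query (this is a standard textbook construction, not a description of CN-Protect's internals):

```python
import math
import random

def laplace_noise(scale):
    """Sample Laplace noise via inverse-CDF transformation of a uniform draw."""
    u = random.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1 - 2 * abs(u))

def private_count(records, predicate, epsilon):
    """A counting query has sensitivity 1 (adding or removing one record
    changes the count by at most 1), so Laplace noise with scale 1/epsilon
    yields epsilon-differential privacy for the released count."""
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(1.0 / epsilon)

ages = [23, 35, 47, 52, 61, 68]
private_count(ages, lambda a: a >= 50, epsilon=1.0)  # noisy value near 3
```

Smaller epsilon means more noise and stronger privacy, which is why the technique is most useful on large datasets, where the relative distortion of aggregate answers stays small.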

      CN-Protect

      Technology

      Optimal k-anonymity

      K-anonymity is a privacy model that protects against re-identification of individuals in a dataset based on indirect identifiers (or quasi-identifiers). Quasi-identifiers, such as age, gender, or zip code, are not individually identifying, but in combination can be used to distinguish a much smaller group, or possibly a single individual, in the dataset. K-anonymity treats each unique combination of quasi-identifiers as an equivalence class (or bin), and then ensures that each bin has at least k members which are indistinguishable from each other. This is achieved by generalizing and/or suppressing the quasi-identifiers. For example, if k is set to 5, then every bin must contain at least 5 individuals. In bins smaller than 5, zip code digits are redacted from right to left, increasing the area that the remaining digits represent so that more individuals fall into that bin.

      As k increases, the data becomes more general and the risk of re-identification is reduced.
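The right-to-left redaction described above can be sketched for a single zip code column (a simplified illustration; a real anonymizer such as CN-Protect would generalize several quasi-identifiers jointly and optimize information loss):

```python
from collections import Counter

def redact(zipcode, n):
    """Replace the last n digits with '*' (right-to-left generalization)."""
    return zipcode[:len(zipcode) - n] + "*" * n

def k_anonymize_zips(zips, k):
    """Redact just enough trailing digits that every bin holds at least k records."""
    for n in range(len(zips[0]) + 1):
        bins = Counter(redact(z, n) for z in zips)
        if min(bins.values()) >= k:
            return [redact(z, n) for z in zips]

zips = ["90210", "90211", "90210", "90212", "90213"]
k_anonymize_zips(zips, 2)  # → ["9021*"] * 5
```

With k = 2, the raw codes fail (three zip codes appear only once), but redacting a single digit merges all five records into one bin of size 5.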

        CN-Protect

        Technology

        Secure Multi-Party Computation

        Secure Multi-party Computation (SMC), or Multi-Party Computation (MPC), is an approach to jointly compute a function over inputs held by multiple parties while keeping those inputs private.

        MPC is used across a network of computers while ensuring that no data leaks during computation. Each computer in the network only sees bits of secret shares — but never anything meaningful. Secret shares are derived from data using correlated randomness such that at the end of the computation, each computer has a share of the solution. The only way to reconstruct the complete solution is to add all the shares together from all the computers involved.

        This allows training a machine learning model across datasets held by multiple parties as if they were a single dataset but without actually moving, centralizing, or disclosing the data between the parties. The secret shares exchanged between parties cannot be used to reverse engineer any input data, and no single party can unilaterally decrypt the resulting model. Therefore, MPC can be used to satisfy privacy, confidentiality, and data residency requirements.
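The secret-sharing idea underlying MPC can be sketched with additive shares (a toy single-process simulation of the three compute nodes; real deployments use larger fields and network communication, and multiplication additionally requires the correlated randomness mentioned above):

```python
import secrets

Q = 2**61 - 1  # toy modulus (a Mersenne prime); illustrative only

def share(value, n=3):
    """Split a private value into n additive shares: random numbers that
    individually look uniform but sum to the value mod Q."""
    parts = [secrets.randbelow(Q) for _ in range(n - 1)]
    parts.append((value - sum(parts)) % Q)
    return parts

def reconstruct(parts):
    return sum(parts) % Q

# Two parties share their private inputs among three compute nodes.
x_shares = share(120)
y_shares = share(45)

# Each node adds only the shares it holds; no node ever sees 120 or 45.
sum_shares = [(x + y) % Q for x, y in zip(x_shares, y_shares)]
reconstruct(sum_shares)  # → 165
```

Any single share reveals nothing about the input; only the sum of all shares reconstructs the result, matching the description above.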

        CN-Insight

        Technology

        Private Set Intersection

        Private Set Intersection (PSI) identifies common elements between datasets typically held by different parties, without revealing anything to each other except the intersection. This replaces simplistic approaches such as one-way hashing functions that are susceptible to dictionary attacks. Applications for PSI include identifying the overlap with potential data partners (e.g. “Is there a large enough client base in common to make working together worthwhile?”), as well as aligning datasets with data partners in preparation for using MPC to train a machine learning model.
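A classic construction for this is Diffie–Hellman-style PSI, sketched below with both parties simulated in one process (the group parameters are toy values, not production choices, and the email addresses are made up). Because modular exponentiation commutes, an element double-blinded by both secret exponents matches exactly when both sides hold it:

```python
import hashlib
import secrets

P = 2**127 - 1  # a Mersenne prime; toy group, not production parameters

def h(x):
    """Hash an element into the group."""
    return int.from_bytes(hashlib.sha256(x.encode()).digest(), "big") % P

a = secrets.randbelow(P - 2) + 1   # Alice's secret exponent
b = secrets.randbelow(P - 2) + 1   # Bob's secret exponent

alice = {"ann@x.com", "bob@x.com", "carol@x.com"}
bob   = {"bob@x.com", "dave@x.com"}

# Each side blinds its hashed elements with its own exponent, exchanges
# them, and the other side re-blinds: h(x)^(a*b) is the same either way.
alice_dbl = {pow(pow(h(x), a, P), b, P): x for x in alice}
bob_dbl   = {pow(pow(h(x), b, P), a, P) for x in bob}

intersection = {alice_dbl[v] for v in alice_dbl if v in bob_dbl}
# → {"bob@x.com"}; nothing else about either set is revealed
```

Unlike naive one-way hashing, the blinded values cannot be brute-forced by hashing candidate emails, because recomputing them requires a secret exponent.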

        CN-Insight
