Sovereign information sharing service
Abstract
Embodiments herein provide a method, system, etc. for a sovereign information sharing service. More specifically, a method for secure distributed query processing comprises storing data tables from at least one data provider in at least one first computer comprising a sovereign server. Next, encrypted input and output of the data tables is performed between the server and a second computer. Following this, join operations are computed, comprising determining whether arbitrary join predicates yield matches within the data tables, and encrypted results of the join operations are output. The method minimizes the information that could leak from the interaction between the server and the second computer through observations and inferences drawn from the patterns in which the encrypted results are output.
17 Claims
1. A computer-implemented method for secure distributed query processing, comprising:
storing data tables from at least one data provider in at least one first computer comprising a sovereign server;
performing encrypted input and output of said data tables between said server and a second computer;
computing join operations, comprising determining whether arbitrary join predicates yield matches within said data tables;
outputting encrypted results of said join operations,
where said data tables include database relations A, B, C and D, where |A|=|C| and |B|=|D|, where A and C have identical schema and B and D have identical schema, where for any given maximum number of tuples from B that match a tuple from A, JAC and JBD are ordered lists of server locations read and written by the sovereign server during the join of A with respect to C and the join of B with respect to D, respectively, and where JAC and JBD are identically distributed.
Dependent claims: 2, 3, 4.
5. A computer-implemented method for secure distributed query processing, comprising:
performing encrypted input and output of data tables between a server and a secure computer;
performing queries of said data tables to produce results;
modifying said results by at least one of increasing a size of said results and increasing a processing time of said results, to produce modified results; and
outputting said modified results;
where said data tables include database relations A, B, C and D, where |A|=|C| and |B|=|D|, where A and C have identical schema and B and D have identical schema, where for any given maximum number of tuples from B that match a tuple from A, JAC and JBD are ordered lists of server locations read and written by said server during the join of A with respect to C and the join of B with respect to D, respectively, and where JAC and JBD are identically distributed.
Dependent claims: 6, 7, 8.
9. A system for secure distributed query processing, comprising:
at least one first computer comprising a sovereign server adapted to store data tables from at least one data provider; and
a second computer operatively connected to said first computer, wherein said second computer is adapted to perform encrypted input and output of said data tables with said first computer, compute join operations to determine whether arbitrary join predicates yield matches within said data tables, and output encrypted results of said join operations,
where said data tables include database relations A, B, C and D, where |A|=|C| and |B|=|D|, where A and C have identical schema and B and D have identical schema, where for any given maximum number of tuples from B that match a tuple from A, JAC and JBD are ordered lists of server locations read and written by the sovereign server during the join of A with respect to C and the join of B with respect to D, respectively, and where JAC and JBD are identically distributed.
Dependent claims: 10, 11, 12, 13.
14. A system for secure distributed query processing, comprising:
a secure computer adapted to perform encrypted input and output of data tables with a server, perform queries of said data tables to produce results, modify said results to produce modified results, and output said modified results,
where said data tables include database relations A, B, C and D, where |A|=|C| and |B|=|D|, where A and C have identical schema and B and D have identical schema, where for any given maximum number of tuples from B that match a tuple from A, JAC and JBD are ordered lists of server locations read and written by said server during the join of A with respect to C and the join of B with respect to D, respectively, and where JAC and JBD are identically distributed.
Dependent claims: 15, 16, 17.
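The security property the claims rest on is that the ordered lists of server locations touched during the two joins (JAC and JBD) are identically distributed, so the sovereign server learns nothing about which tuples matched; claims 5 and 14 reach the same goal by enlarging the results. The Python below is an added toy model written for this page, not code from the patent or from any implementation of it. The sovereign server is modelled as an in-memory store that logs every location it reads or writes, the relations A, B, C and D, their key-equality join predicate and the per-tuple match bound k are constructed values, all four relations are assumed to have the same size, and encryption is omitted so the traces are easy to inspect.

```python
from typing import Callable, Dict, List, Tuple

Row = Tuple[str, int]                   # constructed schema: (key, value)
Trace = List[Tuple[str, str, int]]      # (operation, relation or output name, slot)
Pred = Callable[[Row, Row], bool]


class SovereignServer:
    """Holds the relations and records the ordered list of locations it
    reads and writes, i.e. the JAC / JBD lists of the claims."""

    def __init__(self, relations: Dict[str, List[Row]]) -> None:
        self.relations = {name: list(rows) for name, rows in relations.items()}
        self.outputs: Dict[str, Dict[int, object]] = {}
        self.trace: Trace = []

    def read(self, name: str, i: int) -> Row:
        self.trace.append(("read", name, i))
        return self.relations[name][i]

    def write(self, out: str, i: int, row: object) -> None:
        self.trace.append(("write", out, i))
        self.outputs.setdefault(out, {})[i] = row


def naive_join(srv: SovereignServer, left: str, right: str, out: str,
               pred: Pred) -> int:
    """Nested-loop join that writes an output slot only when the predicate
    holds. The positions of the writes in the trace reveal which left rows
    matched and how many times, so the trace is data dependent."""
    written = 0
    for i in range(len(srv.relations[left])):
        a = srv.read(left, i)
        for j in range(len(srv.relations[right])):
            c = srv.read(right, j)
            if pred(a, c):
                srv.write(out, written, (a, c))
                written += 1
    return written


DUMMY = None   # padding row; in a real system it would be indistinguishable ciphertext


def oblivious_join(srv: SovereignServer, left: str, right: str, out: str,
                   pred: Pred, k: int) -> int:
    """Join whose server trace depends only on |left|, |right| and the bound k
    on matches per left row: every right row is read for every left row and
    exactly k output slots are written per left row, padded with dummies.
    The padding is the 'increase the size of the results' step of claims 5
    and 14. Returns the number of real matches, known only to the secure
    computer, never to the server."""
    real = 0
    for i in range(len(srv.relations[left])):
        a = srv.read(left, i)
        matches = []
        for j in range(len(srv.relations[right])):
            c = srv.read(right, j)
            if pred(a, c):
                matches.append((a, c))
        if len(matches) > k:
            # k is a public query parameter; silently writing extra slots
            # would make the trace depend on the data again.
            raise ValueError("more than k matches for one row")
        real += len(matches)
        padded = matches + [DUMMY] * (k - len(matches))
        for slot, row in enumerate(padded):
            srv.write(out, i * k + slot, row)
    return real


def run_join(join_fn, left_rows: List[Row], right_rows: List[Row], **kwargs):
    """Load two constructed relations into a fresh server, run join_fn with a
    key-equality predicate and return (server trace, number of real matches)."""
    srv = SovereignServer({"L": left_rows, "R": right_rows})
    matches = join_fn(srv, "L", "R", "OUT", lambda a, c: a[0] == c[0], **kwargs)
    return srv.trace, matches


# Constructed relations: A and C share schema and size, as do B and D.
A: List[Row] = [("x", 1), ("y", 2), ("z", 3)]
C: List[Row] = [("x", 10), ("x", 11), ("q", 12)]   # A joins C twice, both on "x"
B: List[Row] = [("p", 1), ("p", 2), ("p", 3)]
D: List[Row] = [("p", 20), ("r", 21), ("s", 22)]   # B joins D once per row


def compare_traces(join_fn, **kwargs) -> Tuple[bool, int, int]:
    """Return (JAC == JBD, matches in A join C, matches in B join D)."""
    jac, m_ac = run_join(join_fn, A, C, **kwargs)
    jbd, m_bd = run_join(join_fn, B, D, **kwargs)
    return jac == jbd, m_ac, m_bd


if __name__ == "__main__":
    print("naive    :", compare_traces(naive_join))           # (False, 2, 3): trace leaks
    print("oblivious:", compare_traces(oblivious_join, k=2))  # (True, 2, 3): traces identical
```

With the naive join the two traces differ even though the relations have the same sizes, because the server sees a write only when a match occurs; with the padded join the traces are equal for any relations of those sizes, and the 18-entry trace (3 left reads, 9 right reads, 6 writes) is fixed in advance by |A|, |C| and k. The cost of the guarantee is the extra dummy output, which is exactly the trade-off claims 5 and 14 describe.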
Specification