Type: Service, Product - Service
Category: Security, Privacy
Sub-categories: Data Protection, Secure Collaboration

Sharemind : Sharing & Processing Data while maintaining data owner's control

Problem
Standard application and database systems have to decrypt any encrypted data to perform queries on it. This makes the data vulnerable to both insider and outsider attacks. Sharemind on the other hand can recover graciously from successful attacks against a single server in the system and resume normal operation.

Solution (Value Proposition)
Sharemind software enables sharing and processing confidential data while maintaining data owner's control. Its cryptographic guarantees allow organizations, governments and individuals to combine data to create new knowledge and not reveal it to third parties. Sharemind applications include:
1. governments making smarter decisions by securely combining national databases,
2. privacy-preserving online, mobile and cloud services,
3. nation states cooperating to increase international security without creating vulnerable superdatabases.
Sharemind enables this by integrating innovations in cryptography and engineering. The application server can collect, store and process encrypted data into databases without having to decrypt it for processing. Data in the system is secret-shared guaranteeing information-theoretical provable security. All computations have to be allowed by all participating parties, because computations cannot be completed otherwise. These two mechanisms protect data against leaks and help data owners retain control, even revoke initial permission as needed. As of today, no application platform except for Sharemind can provide this capability.

Key Differentiators:
Sharemind integrates innovations in cryptography and engineering. The application server can collect, store and process encrypted data into databases without having to decrypt it for processing. Data in the system is secret-shared guaranteeing information-theoretical provable security. All computations have to be allowed by all participating parties, because computations cannot be completed otherwise. These two mechanisms protect data against leaks and help data owners retain control, even revoke initial permission as needed. As of today, no application platform except for Sharemind can provide this capability.

Supporting Technology (the 'magic')
Sharemind was created during R&D in Cybernetica AS. The first PhD describing the methodology was defended in 2013 by Dan Bogdanov, the Sharemind product manager. The second PhD about Sharemind by a researcher of Cybernetica was by Liina Kamm in 2015. Several more PhD thesis are currently being written by Cybernetica researchers. Presently Sharemind, its cryptographic protocols and software development tools are developed in Cybernetica with support from several FP7, H2020, US Defense Advanced Research Projects Agency and Estonian scientific funding projects. Sharemind development kit, SDK emulator is available under the Opens Source (GPLv3) license. Sharemind Academic Server is licensed for universities or project partners for privacy research with a proprietary license from Cybernetica. Sharemind Application Server is licensed for commercial use with server based licensing

Team Experience

Cybernetica Dan Boganov 2

Dan Bogdanov, R&D team leader, creator of the Sharemind secure database

Cybernetica is a R&D intensive ICT company that researches, develops and manufactures software solutions, light signalling and telematics products, maritime surveillance and radio communications systems; investigates and applies the theoretical and practical security solutions. Total number of employees is about 100. Cybernetica has been involved in the deployment of Estonia's nation-wide ID card with PKI support and the development of digital signature solutions. Cybernetica has developed time-stamping systems and the Estonian Internet voting solution, deployed secure cross-database query systems, customs systems and border security systems. The information security systems department designs, builds and deploys information systems with complex protocols and non-functional (e.g. security, timing) requirements. The information security research group supports all development in Cybernetica. Research goals are related to cryptography (including Public Key Infrastructure, time-stamping, secure multiparty computation), database security, language-based security and security analysis of programs and protocols. Cybernetica has localized and developed its own tools for supporting security audits of information systems. Typical customers are institutions that need their information systems to be certified conformant to relevant standards and regulations. Integrated management system of Cybernetica is certified according to the standards ISO 9001:2008 and ISO 14001:2004

Contacts for clients, press and partners:
Cybernetica AS
Mäealuse 2/1
12618 Tallinn
ESTONIA
Mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
Tel: +372 639 7991
Web: http://cyber.ee/en/

Getting Started

Which type of company are you? Choose one of the options below and get a head-start.

Framework Overview

Navigate through the different parts of the Framework

leeg