Secure computation database platform
that brings security and change to society
The calculation process is executed without reconstructing any of the encrypted data using secure computation technology.
Enables secure data transfer, processing, and analysis regardless of the cloud, internal servers, or any environment.
QueryAhead® promote the proactive use of confidential data, which has been difficult in the past.
Table of Contents
What is Secure Computation?
Where to be used?
What is QueryAhead®?
What is Secure Computation?
When important data is sent to a server, that data is usually encrypted. TLS and HTTPS are technologies used to encrypted communications. The data sent to the server would then also be encrypted and stored.
But is this enough to be safe?
Of course, the contents of the data cannot be read in its encrypted state. Therefore, when the data is used for analysis or processing, the encrypted data must be decrypted to the original data. Decrypting data means that the important data itself is placed there in a state that can be read by anyone (called plaintext). This state has been subject to the risk of information leakage and tampering.
Secure computation technology enables encrypted data to be computed without decryption. This makes it possible to realize a consistently secure environment from data communication to storage and even utilization.
Secure computation technology has been studied for many years in the field of cryptology around the world, and its security is widely recognized in academic fields. Our secure computation technology has been developed based on the theoretical design by the National Institute of Advanced Industrial Science and Technology (AIST), a leading research institute in Japan.
Nuttapong Attrapadung, Goichiro Hanaoaka, Takahiro Matsuda, Hiraku Morita, Kazuma Ohara, Jacob C. N. Schuldt, Tadanori Teruya, and Kazunari Tozawa. 2021. Oblivious Linear Group Actions and Applications. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS '21). Association for Computing Machinery, New York, NY, USA, 630–650. https://doi.org/10.1145/3460120.3484584
Yusuke Ishida, Kazuma Ohara, Takahiro Matsuda, Nuttapong Attrapadung, Goichiro Hanaoka, "Design and Implementation of RNG Server for Secure MPC", SCIS2021.
Yusuke Ishida, Atsushi Kunii, Junichi Oketani, Satsuya Ohata, Takahiro Matsuda, Nuttapong Attrapadung, Goichiro Hanaoka, "A Secure Querying System for Developers without Background on Secure Computation", SCIS2020.
Yusuke Ishida, Junichi Oketani, Atsushi Kunii, Satsuya Ohata, Goichiro Hanaoka, "A Scalable Server Configuration and Round-Efficient Implementation in Secure Two-Party Computation", CSS2019.
Where to be used?
Wants to leverage data from multiple organizations
If it were possible to analyze the data of companies across the entire industry through research institutes, etc., it would be expected to provide clues for solving industry-wide problems and further market expansion. In reality, however, individual companies cannot expose their valuable data to a third party.
This is where secure computation technology can be used.
Secure computation technology makes it possible to process and analyze data while keeping the contents of the confidential data from individual companies hidden. This allows each company to provide data and thus output that benefits the entire industry.
Wants to leverage data from multiple organizations
With the growing demands for data analysis, there are more and more opportunities to outsource the analysis of one's own data. However, on-site analysis of sensitive data is often subject to security restrictions, such as prohibiting data to be taken outside the company. While significant time and cost savings can be expected if a scalable cloud service can be used from any work location, in reality, the work may have to be done onsite in an environment where network connectivity is also prohibited.
Secure computation technology can be used to solve this problem.
With secure computation technology, data can be processed and analyzed without any decryption, even if the data is placed on an external cloud. As a result, by eliminating external data reconstruction points, it is possible to securely take data out and utilize it, thereby increasing the efficiency of the analysis process.
What is QueryAhead®?
① Can be queried in Python and SQL
② Can be built in the cloud or on-premise
③ No expertise in cryptography is required
It can be used immediately with general knowledge of Python and data manipulation. The secure computation technology is a cryptographic technique, but there is no need for cryptographic expertise. QueryAhead® does all the work as a secure computation on the back end.
Since it can be built either in the cloud or on-premise, it can be used for a wide range of purposes, from internal data utilization to collaboration with external organizations.
Function list
Basic arithmetic operations
Filtering
Sort
+、-、×、÷
Extraction by conditions
Sorting Table Data
Table join
Aggregating
Basic statistical operations
Linear regression
Join multiple tables according to conditions
Grouping and aggregating the same categories
Minimum, maximum, average, number of pieces, etc.
Learning and inference with linear regression
Access control
Other
Fine control of decryption, query, and other permissions for each user and table
String operations, inner product operations, etc.
Flow
The flow when using QueryAhead® is based on three steps: storing data, querying, and retrieving results.
Let's look at each step using the example of a situation in which the data owner outsources data analysis to another company.
1. Storing data
Data is encrypted (secret sharing process) and sent to QueryAhead® in the cloud.
Data can be submitted via CSV files or Python's Pandas or Numpy.
2. Query
Analysts whose data analysis is outsourced issue queries from the outside.
The queries can be written like regular data processing programs using Python or SQL. The issued query is converted into a secure computation program on QueryAhead®, which performs the secure computation using the submitted encrypted data.
The query results are also encrypted and stored on QueryAhead®.
Access rights are flexible, so the range of data (table names, column names, etc.) that can be decrypted or referenced by external analysts and operations allowed to be performed can be set in detail.
3. Obtaining results
Since the query results are also obtained in encrypted form (secret sharing process), the results cannot be read unless they are decrypted.
In this example, the data owner obtains the encrypted query results from the QueryAhead® server, decrypts them, and uses them.
