Secure Computing Platform

Product overview

Sharemind platform

  • Data owners encrypt each record on premises with the Sharemind importer and upload to the Sharemind Application Server cluster.
  • The Sharemind hosts cannot decrypt the data.
  • Instead, Sharemind utilises secure computing technology to processes data without removing the protection.
  • All intermediate and final results are also encrypted and only the user making the query can decrypt them.
  • Hosts and selected third parties control what can be computed and what results can be released.

The Sharemind advantage

  • Use more data in your decision making, processes or research.
  • Start new businesses or services based on data that you could not access before.
  • Go so far beyond data protection requirements that they may not apply anymore.
  • Use the better privacy guarantees as your market advantage.
  • Use Sharemind developer tools to build privacy-preserving data mining solutions that integrate with your workflow.

Product modules

CSV Importer

The CSV Importer imports a CSV formatted database or Excel spreadsheet export into a Sharemind installation. CSV Importer validates input file according to a given data model description, secret shares each individual value in the CSV input file and distributes the shares among the Sharemind Application Servers in a given installation. CSV Importer is the last step, where sensitive values are available in plaintext, and therefore the tool should be used by Data Owner.

CSV Importer supports comma-, semicolon-, tab- and space-separated input files and various data types, including automatic generation of enumeration types.

Encrypted Computing Engine (three-party secure computing)

Encrypted Computing Engine is an application server and a core component of the Sharemind platform that facilitates running secure multi-party computation programs. These programs are written in the SecreC language that separates public and encrypted data work flows.

Sharemind Encrypted Computing Engine implements secure computation protocols based on 3-party additive secret sharing. Therefore, a Sharemind deployment consists of three parties, each hosting their own Encrypted Computing Engine.

Encrypted Computing Emulator

Encrypted Computing Emulator provides the same user experience as Sharemind Encrypted Computing Engine, but emulates the secure computing locally without the network communication overhead. Encrypted Computing Emulator is used for developing and testing SecreC programs before deploying them on Encrypted Computing Engine.

Encrypted Computing Emulator provides performance models for secure multi-party computation protocols, so you can evaluate the running time breakdown of you SecreC programs even before deploying them on real installation.

Add-on: Web Application Gateway

Web Application Gateway provides a HTTP/HTTPS interface for your Sharemind Encrypted Computing Engine, so you can build privacy-preserving web applications, where data is encrypted in end user's browser.

Each of the three Encrypted Computing Engines needs its own Web Application Gateway that may be deployed at the same host computer. The Web Application Gateway may also handle application-specific business logic, e.g. cache input shares and starting a secure computing periodically on larger batches of input values. Sharemind Web Application Gateway is provided as a NodeJS module.

Add-on: Encrypted Storage (Embedded HDF5)

The Encrypted Storage (Embedded HDF5) provides a persistent storage layer for the Sharemind Application Servers (Encrypted Computing Engine and Emulator). It is used to store input values and computation results, both of which may be either public or encrypted.

The Encrypted Storage add-on is based on HDF5 technology, which provides an efficient column-optimised storage of high volume data.

Add-on: Encrypted NoSQL Storage (Redis adapter)

The Encrypted NoSQL Storage (Redis adapter) provides a persistent storage layer for the Sharemind Application Servers (Encrypted Computing Engine and Emulator). It is used to store input values and computation results, both of which may be either public or encrypted.

This add-on provides an efficient key-value interface for data storage. It requires a Redis backend at each Sharemind Application Server host.

Rmind

Rmind is a statistical analysis suite that works on encrypted data. Rmind supports a wide variety of data manipulation and statistical functionality, including descriptive statistics, merging (joining) data tables, aggregations, statistical models as well as visualisations. Analyst will only see statistical aggregate results, while all individual values and intermediary results will stay encrypted on the Sharemind Application Server. People who have previous experience with the R language and tools can appreciate the familiarity of Rmind data mining software.

Client API

Sharemind Client API provides the necessary tools for building custom client application for the Sharemind platform and integrating secure computation technology into existing information systems.

The Client API consists of libraries, header files and documentation for building and integrating privacy-preserving applications in C, C++, Haskell and JavaScript (to be used with Sharemind Web Application Gateway).

Feature SDK & Emulator Academic Server Application server
Target users Who is the runtime designed for? For developers For privacy researchers For service providers
Secure computation engine Security or ease of development? Protocol emulator Cryptographic protocols Cryptographic protocols
Application development How to make it understand me? SecreC 2 language SecreC 2 language SecreC 2 language
Deployment options Where can I use Sharemind from? Only within the development environment Web, mobile, desktop, server apps Web, mobile, desktop, server apps
Enterprise features Which one runs in practice? None None Support for database engines and access control, best performance
Licensing Where do I have to sign? Open source (GPLv3) License from Cybernetica License from Cybernetica
Pricing What will it cost? Free Free for research use Server-based pricing
Download Request License Request a trial