Secure multiparty differentially private median computation

    Publication No.: US11861038B2

    Publication Date: 2024-01-02

    Application No.: US16699997

    Filing Date: 2019-12-02

    Applicant: SAP SE

    CPC classification number: G06F21/6245 G06F7/08

    Abstract: In an example embodiment, a differentially private function is computed via secure computation. Secure computation allows multiple parties to compute a function without learning details about the data. The differentially private function is performed via probability distribution, which then permits computation of a result that is likely to be very close to the actual value without being so exact that it can be used to deduce the underlying data itself.

    PRIVATE DECISION TREE EVALUATION USING AN ARITHMETIC CIRCUIT

    Publication No.: US20230379135A1

    Publication Date: 2023-11-23

    Application No.: US18221665

    Filing Date: 2023-07-13

    Applicant: SAP SE

    Abstract: A non-interactive protocol is provided for evaluating machine learning models such as decision trees. A client can delegate the evaluation of a machine learning model such as a decision tree to a server by sending an encrypted input and receiving only the encryption of the result. The inputs can be encoded as a vector of integers using their binary representation. The server can then evaluate the machine learning model using a homomorphic arithmetic circuit. The homomorphic arithmetic circuit provides an implementation that requires fewer multiplications than a Boolean comparison circuit. Efficient data representations are then combined with different algorithmic optimizations to keep the computational overhead and the communication cost low. Related apparatus, systems, techniques and articles are also described.

    Secure group file sharing
    Granted invention patent

    Publication No.: US11546341B2

    Publication Date: 2023-01-03

    Application No.: US16791761

    Filing Date: 2020-02-14

    Applicant: SAP SE

    Abstract: Aspects of the current subject matter are directed to secure group file sharing. An architecture for end-to-end encrypted, group-based file sharing using a trusted execution environment (TEE) is provided to protect confidentiality and integrity of data and management of files, enforce immediate permission and membership revocations, support deduplication, and mitigate rollback attacks.

    Differential privacy to prevent machine learning model membership inference

    Publication No.: US11449639B2

    Publication Date: 2022-09-20

    Application No.: US16442336

    Filing Date: 2019-06-14

    Applicant: SAP SE

    Abstract: Machine learning model data privacy can be maintained by training a machine learning model forming part of a data science process using data anonymized using each of two or more differential privacy mechanisms. Thereafter, a level of accuracy and a level of precision are determined for each of the two or more differential privacy mechanisms when evaluating data with known classifications. Subsequently, using the respective determined levels of precision and accuracy, a mitigation efficiency ratio is determined for each of the two or more differential privacy mechanisms. The differential privacy mechanism having the highest mitigation efficiency ratio is then incorporated into the data science process. Related apparatus, systems, techniques and articles are also described.

    GENERATION OF OPTIMAL PROGRAM VARIATION

    Publication No.: US20210349807A1

    Publication Date: 2021-11-11

    Application No.: US16867632

    Filing Date: 2020-05-06

    Applicant: SAP SE

    Abstract: Provided is a system and method for generating a subset of optimal variations of a software program which allow some statements of the control flow to be exposed to side channels. Furthermore, the subset of optimal variations may be selected based on a security and performance trade-off analysis. In one example, the method may include identifying a set of statements within a control flow of a software program, generating a plurality of variations of the software program which comprise different subsets of statements which are exposed to side channels, respectively, determining one or more Pareto-optimal variations of the software program based on side channel leakage values and performance values of the plurality of variations of the software program, and outputting information about the one or more Pareto-optimal variations of the software program to a user device.

    Secure database utilizing dictionary encoding

    Publication No.: US11048816B2

    Publication Date: 2021-06-29

    Application No.: US16373066

    Filing Date: 2019-04-02

    Applicant: SAP SE

    Abstract: Embodiments offer database security utilizing dictionary encoding, with certain functionality being implemented inside a secure environment, e.g., a Trusted Execution Environment (TEE). In particular, the secure environment receives a secret key from a data owner, and receives an encrypted query range and a dictionary reference from a query engine. Based upon the query range decrypted using the secret key, and also the dictionary loaded from a database, the secure environment searches the dictionary to produce a list of value identifiers corresponding to the query range. The value identifiers are communicated outside the secure environment to the query engine for further processing (e.g., to generate RecordIDs), ultimately producing a query result for a user. Particular embodiments may leverage the processing power of an in-memory database engine in order to perform the role of the query engine that interacts with the secure environment.

    Method and system for automated text anonymization

    Publication No.: US10999256B2

    Publication Date: 2021-05-04

    Application No.: US15881958

    Filing Date: 2018-01-29

    Applicant: SAP SE

    Abstract: A method of producing an anonymized vector for a text mining task in lieu of a feature vector is disclosed. A vocabulary is created from a corpus of documents, each of the corpus of documents having a context that is similar to a set of target documents. The set of target documents is received. The feature vector is generated from a first document of the set of target documents. The feature vector is transformed into a composition vector. A synthetic vector is constructed based on the composition vector. The synthetic vector is shared as the anonymized vector in lieu of the feature vector.

    Privacy preserving smart metering

    Publication No.: US10746567B1

    Publication Date: 2020-08-18

    Application No.: US16361405

    Filing Date: 2019-03-22

    Applicant: SAP SE

    Abstract: Methods, systems, and computer-readable storage media for privacy preserving metering are described herein. A resource threshold value associated with anonymizing meter data for resources metered at a first destination is received. Based on a noise scale value and the resource threshold value, an individual inference value of the first destination is computed. The individual inference value defines a probability of distinguishing the first destination as a contributor to a query result based on anonymized meter data of the first destination and other destinations according to the noise scale value. The noise scale value is defined for a processing application. Based on evaluating the individual inference value, it is determined to provide anonymized meter data for metered resources at the first destination. An activation of a communication channel for providing the anonymized meter data for metered resources is triggered. The communication channel is between the first destination and the processing application.

    Secure Substring Search to Filter Encrypted Data

    Publication No.: US20190220620A1

    Publication Date: 2019-07-18

    Application No.: US15874754

    Filing Date: 2018-01-18

    Applicant: SAP SE

    Abstract: Secure substring searching on encrypted data may involve a first preprocessing comprising fragmenting a plaintext string slated for remote secure storage into a plurality of overlapping plaintext substrings. A second preprocessing encrypts these substrings into ciphertexts (e.g., utilizing Frequency-Hiding Order Preserving Encryption) further including position information of the substring. A search index and a secret state result from the first and second preprocessing. The ciphertexts and search index are outsourced to a database within an unsecure server. An engine within the server determines candidate ciphertexts matching a query request received from a secure client. The engine returns ciphertexts to the client for decryption according to the secret state. Preprocessing may be delegated to a third party for outsourcing the search index and ciphertexts to the server, and the secret state to the client. Filtering of candidate ciphertexts on the server side can eliminate false positives and reduce the volume of communication with remote clients.

    Poly-Logarithmic Range Queries on Encrypted Data

    Publication No.: US20170139985A1

    Publication Date: 2017-05-18

    Application No.: US14939138

    Filing Date: 2015-11-12

    Applicant: SAP SE

    Abstract: Methods, systems, and computer-readable storage media for range queries over encrypted data include actions of receiving a range query token; determining one or more of whether a tree list of an encrypted search index is empty and whether a range of the token intersects with a range accounted for by a tree in the tree list, the encrypted search index including the tree list and a point list; receiving encrypted query results based on one of a search tree, if the tree list is not empty and a range of the token is at least a sub-range of a range accounted for in the tree list, and the point list, if the tree list is empty or the range of the token is not at least a sub-range of a range accounted for in the tree list; and updating the encrypted search index based on the token.
