-
Publication number: US11861038B2
Publication date: 2024-01-02
Application number: US16699997
Filing date: 2019-12-02
Applicant: SAP SE
Inventor: Jonas Boehler , Florian Kerschbaum
CPC classification number: G06F21/6245 , G06F7/08
Abstract: In an example embodiment, a differentially private function is computed via secure computation. Secure computation allows multiple parties to compute a function without learning details about the data. The differentially private function is performed via probability distribution, which then permits computation of a result that is likely to be very close to the actual value without being so exact that it can be used to deduce the underlying data itself.
-
Publication number: US20230379135A1
Publication date: 2023-11-23
Application number: US18221665
Filing date: 2023-07-13
Applicant: SAP SE
Inventor: Anselme Tueno , Yordan Boev , Florian Kerschbaum
IPC: H04L9/00 , G06N20/10 , G06F40/126 , G06F40/205 , H04L9/06 , G06N5/01
CPC classification number: H04L9/008 , G06N20/10 , G06F40/126 , G06F40/205 , H04L9/0618 , G06N5/01 , H04L2209/08
Abstract: A non-interactive protocol is provided for evaluating machine learning models such as decision trees. A client can delegate the evaluation of a machine learning model such as a decision tree to a server by sending an encrypted input and receiving only the encryption of the result. The inputs can be encoded as a vector of integers using their binary representation. The server can then evaluate the machine learning model using a homomorphic arithmetic circuit. The homomorphic arithmetic circuit provides an implementation that requires fewer multiplications than a Boolean comparison circuit. Efficient data representations are then combined with different algorithmic optimizations to keep the computational overhead and the communication cost low. Related apparatus, systems, techniques and articles are also described.
-
Publication number: US11546341B2
Publication date: 2023-01-03
Application number: US16791761
Filing date: 2020-02-14
Applicant: SAP SE
Inventor: Benny Fuhry , Lina Hirschoff , Florian Kerschbaum
Abstract: Aspects of the current subject matter are directed to secure group file sharing. An architecture for end-to-end encrypted, group-based file sharing using a trusted execution environment (TEE) is provided to protect confidentiality and integrity of data and management of files, enforce immediate permission and membership revocations, support deduplication, and mitigate rollback attacks.
-
Publication number: US11449639B2
Publication date: 2022-09-20
Application number: US16442336
Filing date: 2019-06-14
Applicant: SAP SE
Inventor: Daniel Bernau , Jonas Robl , Philip-William Grassal , Florian Kerschbaum
Abstract: Machine learning model data privacy can be maintained by training a machine learning model forming part of a data science process using data anonymized using each of two or more differential privacy mechanisms. Thereafter, a level of accuracy and a level of precision when evaluating data with known classifications is determined for each of the two or more differential privacy mechanisms. Subsequently, using the respective determined levels of precision and accuracy, a mitigation efficiency ratio is determined for each of the two or more differential privacy mechanisms. The differential privacy mechanism having the highest mitigation efficiency ratio is then incorporated into the data science process. Related apparatus, systems, techniques and articles are also described.
-
Publication number: US20210349807A1
Publication date: 2021-11-11
Application number: US16867632
Filing date: 2020-05-06
Applicant: SAP SE
Inventor: Andreas Fischer , Jonas Janneck , Joern Kussmaul , Nikolas Kraetzschmar , Florian Kerschbaum
Abstract: Provided is a system and method for generating a subset of optimal variations of a software program which allow some statements of the control flow to be exposed to side channels. Furthermore, the subset of optimal variations may be selected based on a security and performance trade-off analysis. In one example, the method may include identifying a set of statements within a control flow of a software program, generating a plurality of variations of the software program which comprise different subsets of statements which are exposed to side channels, respectively, determining one or more Pareto-optimal variations of the software program based on side channel leakage values and performance values of the plurality of variations of the software program, and outputting information about the one or more Pareto-optimal variations of the software program to a user device.
-
Publication number: US11048816B2
Publication date: 2021-06-29
Application number: US16373066
Filing date: 2019-04-02
Applicant: SAP SE
Inventor: Benny Fuhry , Jayanth Jain Hassan Ajith Kumar , Florian Kerschbaum
IPC: G06F12/14 , G06F11/30 , G06F21/62 , G06F16/2455 , G06F16/248
Abstract: Embodiments offer database security utilizing dictionary encoding, with certain functionality being implemented inside a secure environment, e.g., a Trusted Execution Environment (TEE). In particular, the secure environment receives a secret key from a data owner, and receives an encrypted query range and a dictionary reference from a query engine. Based upon the query range decrypted using the secret key, and also the dictionary loaded from a database, the secure environment searches the dictionary to produce a list of value identifiers corresponding to the query range. The value identifiers are communicated outside the secure environment to the query engine for further processing (e.g., to generate RecordIDs), ultimately producing a query result for a user. Particular embodiments may leverage the processing power of an in-memory database engine in order to perform the role of the query engine that interacts with the secure environment.
-
Publication number: US10999256B2
Publication date: 2021-05-04
Application number: US15881958
Filing date: 2018-01-29
Applicant: SAP SE
Inventor: Benjamin Weggenmann , Florian Kerschbaum
Abstract: A method of producing an anonymized vector for a text mining task in lieu of a feature vector is disclosed. A vocabulary is created from a corpus of documents, each of the corpus of documents having a context that is similar to a set of target documents. The set of target documents is received. The feature vector is generated from a first document of the set of target documents. The feature vector is transformed into a composition vector. A synthetic vector is constructed based on the composition vector. The synthetic vector is shared as the anonymized vector in lieu of the feature vector.
-
Publication number: US10746567B1
Publication date: 2020-08-18
Application number: US16361405
Filing date: 2019-03-22
Applicant: SAP SE
Inventor: Daniel Bernau , Philip-William Grassal , Florian Kerschbaum
Abstract: Methods, systems, and computer-readable storage media for privacy preserving metering are described herein. A resource threshold value associated with anonymizing meter data for resources metered at a first destination is received. Based on a noise scale value and the resource threshold value, an individual inference value of the first destination is computed. The individual inference value defines a probability of distinguishing the first destination as a contributor to a query result based on anonymized meter data of the first destination and other destinations according to the noise scale value. The noise scale value is defined for a processing application. Based on evaluating the individual inference value, it is determined to provide anonymized meter data for metered resources at the first destination. An activation of a communication channel for providing the anonymized meter data for metered resources is triggered. The communication channel is between the first destination and the processing application.
-
Publication number: US20190220620A1
Publication date: 2019-07-18
Application number: US15874754
Filing date: 2018-01-18
Applicant: SAP SE
Inventor: Florian Hahn , Nicolas Loza , Florian Kerschbaum
CPC classification number: G06F21/6227 , G06F16/90344 , G06F21/602 , G06F21/606 , G06F21/6218 , H04L9/008 , H04W12/02
Abstract: Secure substring searching on encrypted data may involve a first preprocessing comprising fragmenting a plaintext string slated for remote secure storage into a plurality of overlapping plaintext substrings. A second preprocessing encrypts these substrings into ciphertexts (e.g., utilizing Frequency-Hiding Order Preserving Encryption) further including position information of the substring. A search index and a secret state result from the first and second preprocessing. The ciphertexts and search index are outsourced to a database within an unsecure server. An engine within the server determines candidate ciphertexts matching a query request received from a secure client. The engine returns ciphertexts to the client for decryption according to the secret state. Preprocessing may be delegated to a third party for outsourcing the search index/ciphertexts to the server, and the secret state to the client. Filtering of candidate ciphertexts on the server side can eliminate false positives and reduce the volume of communication with remote clients.
-
Publication number: US20170139985A1
Publication date: 2017-05-18
Application number: US14939138
Filing date: 2015-11-12
Applicant: SAP SE
Inventor: Florian Hahn , Florian Kerschbaum
IPC: G06F17/30
Abstract: Methods, systems, and computer-readable storage media for range queries over encrypted data include actions of receiving a range query token, determining one or more of whether a tree list of an encrypted search index is empty and a range of the token intersects with a range accounted of a tree in the tree list, the encrypted search index including the tree list and a point list, receiving encrypted query results based on one of a search tree, if the tree list is not empty and a range of the token is at least a sub-range of a range accounted for in the tree list, and the point list, if the tree list is empty or the range of the token is not at least a sub-range of a range accounted for in the tree list, and updating the encrypted search index based on the token.