Analyzing public sector incomes on the cloud using MPC

Introduction

Following the success of deploying secure multi-party computation for a secure double auction in Denmark in 2008 and for the financial reporting of the ICT sector in Estonia in 2011, Cybernetica has developed a new MPC application together with a web-based frontend that provides statistical analysis of incomes in public sector in Estonia.

The demonstration website was originally developed for the European Cloud Partnership Steering Board meeting held in Tallinn this summer. The main goal of this webpage was to show that MPC technology is mature enough to be used in real cloud applications that operate on sensitive data. Also, a web-based interface makes it accessible and convenient for a lot of users without the need for installing special software.

We are glad to announce that we have decided to make this website a permanent demo.

Click here to see it run

Technical details

The online demonstration is built on the Sharemind secure multi-party framework that uses three computation parties. The three nodes are deployed on three virtual machines provided by three distinct cloud service providers: Amazon EC2, Windows Azure and Zone Media. All the cloud instances reside in Europe.

As the application computes only average salaries, grouped by various categories, the MPC protocols used are quite simple and are thus not the most interesting part of the demo. What makes this demonstration unique, is the fact that the MPC computation is done in real time and it is controlled by a web frontend. The web application solution builds on the ICT sector benchmark analysis application deployed in Estonia in 2011. However, this time there is no caching and the report computation is initiated directly from the web page.

Instead of embedding an HTTP server inside the Sharemind servers, we opted to use a separate HTTP server in front of each node that connects to Sharemind via its normal protocol and forwards all commands from the web.
This allows us to use existing, stable web server technologies.

Out implementation uses Node.js as the proxy server and the socket.io JavaScript library on top of that to mimic two-way WebSocket-like communication between the client’s web browser and the proxy server.

Future work

We plan to update the application to use the Sharemind application server, a newer, faster version of Sharemind with support for more protocols. Stay tuned!

“The Sharemind team” (sharemind@cyber.ee)

(The technical work was done by Reimo Rebane and Riivo Talviste at Cybernetica, with DanBogdanov supplying the vision. Thanks go out to our collaborators in STACC and the e-Governance Academy.)