Abstract
Consider a server offering risk assessment services and potential clients of these services. The risk assessment model that is run by the server is based on current and historical data of the clients. However, the clients might prefer not sharing such sensitive data with external parties such as the server, and the server might consider the possession of this data as a liability rather than an asset. Secure multi-party computation (MPC) enables one, in principle, to compute any function while hiding the inputs to the function, and would thus enable the computation of the risk assessment model while hiding the client's data from the server. However, a direct application of a generic MPC solution to this problem is rather inefficient due to the large scale of the data and the complexity of the function. We examine a specific case of risk assessment - the ground speed model. In this model, the geographical locations of successive user-authentication attempts are compared, and a warning flag is raised if the physical speed required to move between these locations is greater than some threshold, and some other conditions, such as authentication from two related networks, do not hold.We describe a very efficient secure computation solution that is tailored for this problem. This solution demonstrates that a risk model can be applied over encrypted data with sufficient efficiency to fit the requirements of commercial systems.
| Original language | English |
|---|---|
| Article number | 54 |
| Journal | ACM Transactions on Intelligent Systems and Technology |
| Volume | 8 |
| Issue number | 4 |
| DOIs | |
| State | Published - Jun 2017 |
Keywords
- Risk models
- Secure multi-party computation
All Science Journal Classification (ASJC) codes
- Theoretical Computer Science
- Artificial Intelligence