PRIST

Project start date:

Project end date:

The aim of the research project PRIST is to develop a more secure solution for studies that need linked data from different databases.

In PRIST a register-based study is conducted to compare the process and accuracy of a regular and privacy-preserving study. The aim is to discover relationships between levels of IT education and salary and between working during studies and time required for graduating.

The project is carried out by the following partners:

  • Association of Information Technology and Telecommunications ITL as the decision-maker needing answers to the defined research questions,
  • Estonian Center for Applied Research CentAR as the analyst and subject area expert,
  • Estonian Information System’s Authority RIA, Ministry of Finance, Information Technology Center RMIT and Cybernetica as participants in the secure multiparty computation,
  • data is secret-shared by Ministry of Education and Research and Estonian Tax and Customs Board,
  • data processing is reviewed by the Estonian Data Protection Inspectorate.

Technology used in PRIST is based on the theory of secure multiparty computation. Secure multiparty computation preserves confidentiality of input data and only designated parties can conduct pre-specified operations with the study data. This helps researchers to respect the natural persons’ fundamental right to the protection of personal data and keep it secret with best contemporary scientific and technological guarantees.

Secure multiparty computation also offers a solution to the data owner’s problem with research where data owner loses control of data processing as soon as data is given out of the organization. With secure multiparty computation the data owner retains control of data and its processing during the whole time when data is used and can revoke this permission when needed.

During the project new privacy-preserving statistical software and research process are developed and tested. Privacy guarantees of the new process is compared with a traditional study that does not use personal data.

In the PRIST study data processing is implemented with the Sharemind® software.

Sharemind® has been developed by Cybernetica in a number of research projects and according to published information is the most complete secure multiparty computation platform existing.

The statistical software of the PRIST project is implemented as a Sharemind® application written in the imperative SecreC programming language. SecreC distinguishes between the public and private data at the data type level. With SecreC the full Sharemind® system is available to software developers without cryptographic expertise.

The project is funded by the European Regional Development Fund through the Implementing Agency Archimedes Foundation from the operational programme for the Development of the Economic Environment, priority axe for Improving the competitiveness of Estonian R&D through the research programmes and modernization of higher education and R&D institution.

The project reference in the register of structural support is 3.2.1201.13-0017.

Current projects:

CyberSec4Europe

The project will test and demonstrate potential governance structures for the network of competence centres using the best practices examples of participants like CERN.

EXCITE

EXCITE will advance foundational theories of model verification and data analysis.

STACC

The objective is to turn STACC into a leading and economically independent R&D organisation.

ONENET

Creating a reliable architecture that enables the European electrical system to function as a single system.

AKIT

AKIT is an English-Estonian data protection and information security lexicon (Andmekaitse ja infoturbe leksikon).

MAITT

MAITT will prototype machine learning and AI-powered public domain service delivery in domains that are of importance to the state.

DANCE

Data protection synthesis of test databases using secure computing technology.

PROVENANCE

Creating techniques for constructing zero-knowledge proofs for government interactions with citizens, companies or other governments.

New technologies in voting

The project seeks to map the effects emerging technologies have on voting and offer solutions to potential problems.

eeCloud

Implementation of the Estonian Government Cloud.

SPoF2 - Part 3 eID Infrastructure Trust Model

Analysis of and recommendation for the Estonian eID trust model.

Vessel Traffic and Maritime Surveillance System

The project aims to bring to market a new TDOA technology and develop a maritime traffic surveillance product for the international market.

VORMSI

Research & development of a security threat information sharing and correlation system for transnational use.

ECYSAP

Implementation of high maturity cyber situational awareness platform for military use.

CoNurse

The project aims to expand the functionalities of CoNurse through developing a stochastic model for implementing smart and dynamic protocol delivery.

Smart Wallet (eKukkur)

The aim of this project is to make the necessary preparations and create the necessary commercial and technological base for the provision of next-generation eID services in accordance with the updated version of eIDAS.

Minerva

De-risking machine learning technology for cyber security applications in cooperation with European Space Agency.

Past projects:

DATABIO

DataBio demonstrates that enabling data-driven decisionmaking in agriculture, forestry and fishing increases productivity and has a measurable impact to both the economy and the environment.

ELIKO

Development a radio surveillance platform and an adaptive radio network.

NAPLES

NAPLES demonstrates how to seamlessly add security analysis and optimization capabilities on top of Business Process Management tools.

IUT27-1

IUT27-1 is centered on systems’ security with a focus on Secure Multiparty Computation, Structured Risk Assessment of information and related systems, and Internet voting.

OCEAN2020

The support of maritime surveillance and interdiction missions.

PRACTICE

PRACTICE will mitigate insider threats and stop data leakage for computations in the cloud while maintaining economies of scale.

PRIST

Privacy-preserving statistical studies on linked databases.

SafeCloud

SafeCloud aimed to re-architect cloud infrastructures with a focus on partitioning and entanglement.

SUNFISH

The SUNFISH project will develop and integrate software enabling secure cloud federation as required by European Public Sector bodies.

TREsPASS

The goal of TREsPASS was to create a mart ‘attack navigator’, which will trace potential weak points within an organization or a given infrastructure.

UaESMC

The UaESMC project focused on methods for making secure computation more practical in the real world.

MANTICUS APOLLO

MANTICUS APOLLO focused on creating the theoretical foundation for a transnational and comprehensive situational awareness capability for coordinating national defense.

SYSFLEX

SysFlex will identify issues and solutions associated with integrating large-scale renewable energy and create a plan to assist system operators across Europe.

INTERRFACE

INTERFACE aims to achieve greater coordination between TSOs and DSOs to ensure a cost-effective and secure supply of electricity.

M-VOTING

Analysing the changes in e-voting risk analysis in a situation where voting from a smart device is possible.

BELIEVE

Analyzing the impact of biometric facial recognition measures on the e-voting system in ensuring freedom of choice and its applicability in the Estonian e-voting system

EIS

The Estonian information security standard aims to develop and promote the level of information security of the Estonian public authorities as well as private businesses.

KYPSIS

Study of applicability of cryptographic algorithms in information systems, their spread and assessment of the strength of already implemented cryptographic algorithms.

LESCA

Creation of a tool to convert a Datalog-like program to a SecreC program (privacy-preserving computation based on Sharemind MPC platform).

WEBEXTENSIONS

Analysis of the Open-eID architecture design offer including the formulation of system security requirements, review and verification of the protocol set in terms of fixed requirements.

SEVILLA

Creation of programmable secure multi-party computation and applications.

CDOC 2.0

Analysis for Estonia's new file encryption standard CDOC2.0 and general architecture design.

Eurostat-Cybernetica project ESTAT 2019.0232

The project created a proof-of-concept solution for the secure private processing of longitudinal Mobile Network Operator data in support of official statistics.