Sharemind HI for privacy-preserving web services

Less than a year ago we were excited to introduce Sharemind HI (blog post) as a new member in the Sharemind family. Since then, the team has continued to enhance Sharemind HI functionalities so that privacy-preserving, secure solutions could be more easily developed. We are proud to announce the implementation of the 'HI Web Client' library. Compared to the 'HI Client' library it is now easier to develop privacy-preserving web services on Sharemind HI.

These days we are surrounded by digital services to make our lives more comfortable. The downside of this is, that every single thing we do online, ultimately leaves a track. Even if the information is supposedly not logged, used or shared, we can never be too sure it is being processed and stored securely in privacy-preserving ways. Meaning information about us might still leak, for example, via unhappy workers or badly configured web communication. Information we might not even have acknowledged to have shared.

Ian - the doll enthusiast

Let us consider the following fictional example of Ian. He is renowned and highly respected in his field of work. But thanks to his great grandmother who collected vintage dolls, Ian is also a doll enthusiast. An interest he has kept to himself to uphold a certain public image. This was not a problem as Ian knew very well how to protect himself online and avoid people finding out about his fondness of dolls.

Unfortunately, one day Ian started receiving spam emails advertising dolls. To make matters worse, he started seeing advertisements from web pages that dabbled in doll fetishes. Something he was never interested in. This was very surprising to Ian, as he always took necessary precautions. From using a specific device, browser, network, vetting the web pages, to making sure he never ties any of the accounts using pseudonyms with his personal and identifiable information.

As the advertisements and emails now seemed to be tied to his personal email account, the ads were also being displayed in his work computer. This caught the attention of co-workers who were not shy sharing their diverse opinions. Information spread and Ian was confronted with confusing questions from co-workers, strangers and even some friends. It was obvious his enthusiasm in dolls could no longer be kept a secret. Whilst some of his acquaintances didn't mind the hobby and trusted Ian doesn't have a doll fetish, others found it to be strange. Ian felt that his position at the workplace and amongst some of his friends and acquaintances had changed.

How did Ian's sensitive information leak?

Ian could recall months ago, one of the web pages he visited whilst looking at dolls, asked him to take part of a survey. The survey had been created by a third party, in their domain, on behalf of the web page that sells dolls. Ian was excited to answer the survey, as it stated that one of the participants would be gifted a vintage doll. The doll was very special as it was from the pricier range and Ian didn't have it yet. This excitement and the low security measures of the survey service, were the reason why Ian's cover was blown.

Whilst filling in the survey, Ian made sure not to provide any sensitive information. But in order to be considered in the drawing, for a vintage doll, he had to provide his mobile number. This did make Ian think, as he needed to divulge identifiable information, but the doll was something he really wanted, and the survey promised data would be kept in unidentifiable and secure manner. As it turned out, this was not the case. The survey provider was attacked in the weeks following the doll survey and all information in their databases was made public. The breach revealed the filled out surveys had not been kept in the manner stated. Ian could find the form data online without much effort, including all of his answers and the tie between his mobile number and the account for the doll(s) web page.

We need to change how we build web applications

We make daily choices in the give and take between comfort and privacy. Even if you know how to protect your privacy, you still need to trust the service providers. In this case the survey provider should have put much more effort into how the surveys are carried out and stored. Privacy-preserving software development is becoming increasingly important, meaning more approaches and tools are becoming available.

Provided the survey would have been built using Sharemind HI, a breach like the one described above, would not have been possible. Simply because all the data that Sharemind ​HI analyzes and stores is protected by a combination of cryptography, processes, algorithms and the Trusted Execution Environments within modern processors. Meaning that even if the attacker manages to breach the service provider's security measures they wouldn't be able to find out any confidential information. For more information, please refer to the blog post introducing Sharemind HI.

New - the Sharemind HI Web Client library

The Sharemind team members are conscious about the privacy of their personal information and therefore also dream of a world that sees privacy as a must-have and all development follows Privacy by Design principles. This prompted the creation of the Sharemind HI Web Client library.

The Sharemind HI platform is mostly built using C++ and therefore the various functionalities - uploading data, downloading results, etc. - are first accessible via a reusable C++ library (HI Client library) as a command line application. However, using C++ for web development might not be the best choice as it requires more development effort. To simplify the usage of Sharemind HI and provide an additional method for privacy-preserving web service development, the Sharemind HI team implemented the HI Web Client library.

The HI Web Client library is largely a copy of the HI Client library in JavaScript. This new library is much easier to use in comparison to the C++ version whilst the same guarantees apply for both libraries. The web service implementation would use the HI Web Client library to implement actions like data upload, results download and so on. In the case of the above example, the new library reduces the effort required to implement an online survey system on top of Sharemind HI.

Conclusion

Privacy is increasingly important for both service providers and users, as showcased by public outcries in 2018. The advancement of tools and technologies means the development of privacy-preserving services requires less effort and should become more common. But it requires a change in how we see data and information. Think about how You could help speed up the transition to privacy-preserving, secure solutions. Could you make an impact by choosing services from providers who already incorporate Privacy by Design principles in their development? Or being the next service provider to provide more secure solutions to your clients to stand out?