개인정보 - 비식별 - 프라이버시 향상 기술(PET ; Privacy Enhancing Technology)

가명·익명처리 기술, 동형암호, 합성데이터, 차분 프라이버시, 연합학습, 다자간 연산 등

 

(개념) 개인정보의 기밀성을 보호하면서 정보를 수집, 처리, 분석, 공유할 수 있는 디지털 기술과 접근 방식

- 출처 : 2023년 2월 ‘개인정보 보호 강화기술의 등장(EMERGING PRIVACY ENHANCING TECHNOLOGIES)

 

특정 개인정보 혹은 데이터 보호 기능을 달성하고, 더불어 개인 또는 자연인 그룹의 개인정보를 위협으로부터 보호하기 위한’ 기술 프로세스, 방법, 지식을 모두 포괄하는 개념

 

정보통신기획평가원의 주간기술동향 2127호 ICT신기술 ‘개인정보 보호 강화기술(PET)의 개념 및 사례 동향’(2024.3월) 기반, TTA 저널 제213호

정보통신기획평가원의 주간기술동향 2127호 ICT신기술 ‘개인정보 보호 강화기술(PET)의 개념 및 사례 동향’(2024.3월) 기반, TTA 저널 제213호

 

 

 

https://www.fsec.or.kr/bbs/detail?menuNo=242&bbsNo=11385

 

Cryptographic algorithms

1. Homomorphic Encryption: Homomorphic encryption is an encryption method that enables computational operations on encrypted data. It generates an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on unencrypted data (i.e. plaintext). This enables encrypted data to be transfered, analyzed and returned to the data owner who can decrypt the information and view the results on the original data. Therefore, companies can share sensitive data with third parties for analysis purposes. It is also useful in applications that hold encrypted data in cloud storage. Some common types of homomorphic encryption are:
   • Partial homomorphic encryption: can perform one type of operation on encrypted data, such as only additions or only multiplications but not both.
   • Somewhat homomorphic encryption: can perform more than one type of operation (e.g. addition, multiplication) but enables a limited number of operations.
   • Fully homomorphic encryption: can perform more than one type of operation and there is no restriction on the number of operations performed.
2. Secure multi-party computation (SMPC): Secure multi-party computation is a subfield of homomorphic encryption with one difference: users are able to compute values from multiple encrypted data sources. Therefore, machine learning models can be applied to encrypted data since SMPC is used for a larger volume of data.
3. Differential privacy: Differential privacy protects from sharing any information about individuals. This cryptographic algorithm adds a “statistical noise” layer to the dataset which enables to describe patterns of groups within the dataset while maintaining the privacy of individuals.
4. Zero-knowledge proofs (ZKP): Zero-knowledge proofs uses a set of cryptographic algorithms that allow information to be validated without revealing data that proves it.

Data masking techniques

Some privacy enhancing technologies are also data masking techniques that are used by businesses to protect sensitive information in their data sets.

• 5. Obfuscation: This one is a general term for data masking that contains multiple methods to replace sensitive information by adding distracting or misleading data to a log or profile.
• 6. Pseudonymization: Identifier fields (fields that contain information specific to an individual) are replaced with fictitious data such as characters or other data. Pseudonymization is frequently used by businesses to comply with GDPR.
• 7. Data minimisation: Collecting minimum amount of personal data that enables the business to provide the elements of a service.
• 8. Communication anonymizers: Anonymizers replace online identity (IP address, email address) with disposal/one-time untraceable identity.

With the help of AI & ML algorithms

• 9. Synthetic data generation: Synthetic data is an artificially created data by using different algorithms including ML algorithms. If you are interested in privacy-enhancing technologies because you need to transform your data into a testing environment where third-party users have access, generating synthetic data that has the same statistical characteristics is a better option.
• 10. Federated learning: This is a machine learning technique that trains an algorithm across multiple decentralized edge devices or servers holding local data samples, without exchanging them. With the decentralization of servers, users can also achieve data minimization by reducing the amount of data that must be retained on a centralized server or in cloud storage.

 

https://en.wikipedia.org/wiki/Privacy-enhancing_technologies

Privacy-enhancing technologies - Wikipedia

https://research.aimultiple.com/privacy-enhancing-technologies/

Top 10 Privacy Enhancing Technologies & Use Cases in 2023

https://www.fsec.or.kr/bbs/detail?menuNo=242&bbsNo=11385

금융보안원