Today, most websites entail a database query. This serves many purposes; for example, it’s used to look up airline flights or to find the quickest driving route between two destinations. Although obviously useful, online database queries can also be used for unwanted user profiling. Also, some travel sites have been known to use them for price gouging on flights whose routes are drawing a high volume of queries. To prevent the misuse of database queries, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory and Stanford University have developed a new system that uses a tehcnique called function secret sharing to disguise database queries during web-service transactions.
To disguise users’ database queries, the system splits up a query and distributes it across copies of the same database on different servers. For this reason, it is called Splinter.
What this splitting up of queries does, is make servers return results that make sense only when recombined according to a procedure that only the user knows. So, the result is a secret query that nobody but the user alone can understand.
Splinter also uses function secret sharing, which enables it to convert a database query into a set of complementary mathematical functions, each of which is sent to a different database server.
With an increasing number of people wanting private web-surfing, including private queries, this system is a welcome addition to other privacy-protecting methods and techniques.
Source:
Massachusetts Institute of Technology via ScienceDaily (https://www.sciencedaily.com/releases/2017/03/170323152437.htm)
Chanwoo's Weekly Tech 