1. Field of the Invention
The present invention relates generally to systems and methods for data analysis, and more particularly for determining an element value in private datasets.
2. Discussion of Background Art
Sharing information which by choice or by law is to remain private (i.e. secret) is almost self-contradictory. How can a party share information which is to remain private? One approach to this dilemma is that often parties are willing to share certain statistical information about their own private data. Such statistical data may include, an average value, a median value, a lowest value, a highest value, as well as various other data distribution statistics.
The usefulness of sharing such statistical information while preserving the privacy of the data abound. For example: Suppose that multiple hospitals wish to compute the median life expectancy of patients they treated who had a particular medical ailment (e.g. SARS or HIV). Often by law, hospitals are not permitted to share their detailed personal patient data so that such a median life expectancy could be computed, and yet knowing the median life expectancy would likely be of great value to researchers and government entities tracking the success of combating such a disease.
Similarly, suppose multiple universities wish to compute the median salary of their combined faculty populations so as to better compete for and compensate their faculty. Each university would not like to reveal individual salaries, since pay-scales are determined by length of time in the institution (and so, for example, the minimum salary corresponds to the most junior faculty member and the maximum salary to the most senior). However, computation of the median salary is a basic statistic that various employee organizations and magazines routinely publish.
Current solutions attempt to generate such statistical data from private information by perhaps using a trusted third party; however, the computational and resource overhead required to implement such methods is very burdensome. Also due to the private and sensitive nature of their data, parties may intentionally or unintentionally provide inaccurate data about their private information, thereby further complicating efforts to ensure the accuracy of various statistics computed for such private data.
In response to the concerns discussed above, what is needed is a system and method for secure data analysis that overcomes the problems of the prior art.