Field
The subject matter discussed herein relates generally to methods and systems of detecting leakage of sensitive information while also preserving privacy, and more particularly, to a protocol between an external host and an enterprise to detect large-scale data leakage in a manner that protects private information.
Related Art
In the related art, online information breach associated with sensitive user data is occurring with growing scale and cost. For example, enterprises that are online entities, such as retailers, insurers and government agencies, may experience large-scale loss (or leakage) of sensitive information associated with individual users. For example, a third party may steal (e.g., hack) a credit card number, social security number, or account information, publicly display the sensitive information, or attempt to sell the sensitive information in an unauthorized manner.
The breaches associated with sensitive data leakage are large (e.g., millions of online user accounts) in scale and occur rapidly, and can cause losses to the online entity (e.g., enterprise) as well as the individual user. Further, it may be difficult or impossible for the enterprise itself to detect the leakage. Even if the leakage is detected, there can be a significant time delay between the leakage event and the detection of the leakage event.
To address the foregoing problem, related art approaches may be employed. For example, the entity (e.g., enterprise such as an online retailer or agency, but not limited thereto) may contact a host and provide the host with an indication of online data loss. For example, but not by way of limitation, the enterprise may indicate to the host that it believes that credit card numbers may have been leaked from the client, and would like the host to determine whether a leak has occurred.
In response to the request, the related art host may be able to search for the credit card numbers online, but cannot do so in a privacy-preserving manner. Further, as explained above, there is a time gap between the breach and the enterprise becoming aware of the breach. Additionally, some online enterprises are not able to detect the breach using their own monitoring tools.
Accordingly, a need exists for the enterprise to be able to have a host quickly make the determination as to whether there has been a data loss (e.g., large-scale), without provide the host without the actual sensitive information, with the host not knowing the source of the data loss, so as to preserve privacy.