Today, confidential or private data, generally referred to as sensitive data, is often retained in centralized data storages. The source of such sensitive data may vary. Whether it is received from a business entity entrusting its trade secrets to the data storage, received from a private citizen required by law to provide biological samples, or from any other source, the confidentiality of the stored data must be maintained.
The data storage may be accessible by a server in response to a client query, thereby allowing moderate and limited usage of the sensitive data. In some cases, the server ensures that the client has permission to perform such a query, and that its pattern of operation is consistent with the client's role. The server may anonymize the information while processing it, and provide anonymous data in return.
However, the server still processes the sensitive data and has access to the crude data itself. As a result, it may be important to ensure that there is no potential leakage point within the server. In some cases, administrators of such servers are selected with care, and undergo severe scrutiny before being given access to the server. The administrators may hold unrestricted access to the data that is retained within the server, and as a result, may have unlimited access to all sensitive data retained in the centralized data storage.