TR2023010074A2 - WORKING METHOD OF SHARING PLATFORM THAT PROTECTS DATA PRIVACY - Google Patents

Abstract

The invention generally relates to a secure sharing platform operating method that protects data privacy by ensuring that the sharing process is completed securely without disclosing personal data while sharing data between the parties.

Description

DESCRIPTION SHARING PLATFORM WORKING METHOD THAT PROTECTS DATA PRIVACY Technical field The invention generally relates to a secure sharing platform working method that protects data privacy by ensuring that the sharing process is completed securely without disclosing personal data while sharing data between the parties. State of the Art Today, the importance of data-based decisions, and therefore data, in the decision-making mechanisms of companies is increasing day by day. However, awareness of the privacy and confidentiality of personal data, laws and the responsibilities brought by these laws are increasing around the world. The need for different parties, independent of each other, to share personal data with each other in a secure and confidential manner exists in different sectors. The parties in question will both fulfill their legal obligations and protect privacy when sharing data with each other. However, for companies in the data provision sector, this also means that trade secrets are protected. In the state-of-the-art application numbered TR 2019/20364, a personal data protection system and method is mentioned. This invention relates to a system (1) and method (1000) used to prevent violations in the processing and sharing of personal data. The system (1) and method (1000) subject to the invention can be used by anyone who has personal data, regardless of sector and company. The system (1) and method (1000) subject to the invention enable automatic detection and processing of data specified as personal data in the KVKK legislation. In this way, the time required for the work to be done manually is shortened and violations that are likely to be overlooked are prevented. The invention titled "Apparatus, system and method for selectively encrypting different parts of data sent over a network", which was validated in Turkey with the application number TR 2008/01841 from the document with publication number EP1317839B1, which is another document in the known technique, is used to transfer data over a network between a server and a client. An apparatus and method for selectively encrypting parts of the data is mentioned. Apparatus; It includes parsing means for separating a first part of the data from a second part of the data, encryption means for encrypting only the first part of the data, and combination means for combining the first encrypted part of the data with the second part of the data, where the second part of the data is not encrypted. The apparatus also includes decryption tools installed on the client to decrypt the encrypted portion of the data. The apparatus is platform independent in terms of media format and data protocol. The encryption unit encrypts data transparently to the client based on the media format. The apparatus of this invention is implemented as one of the embodiments and as a wearable object. Method for selecting and encrypting parts of data that differ from each other in at least one feature; It involves parsing the data into a first and a second part, encrypting only a first part of the data, and sending the encrypted first part and the second part of the data to the client over the network. The method further includes receiving data from the server, determining whether a data flow has been established between the server and the client, and negotiating an encryption key with a decryption key of the client. The documents describe a data differential privacy protection sharing platform based on a blockchain and a method thereof. The blockchain-based data differential privacy protection sharing platform includes a data upload module, a data access module, a data processing module and a smart contract module. The data processing module includes a hierarchical access control module, a data optimization module, a data query component, and a reliability evaluation feedback module. However, neither in the documents mentioned above nor in other documents in the state of the art, there is a working method that allows the parties to compare data, although some of the data (personal data) is encrypted to protect it from the other party when two parties share data with each other. As a result, developments are being made in sharing platforms and working methods that protect data privacy, therefore new structures are needed that will eliminate the disadvantages mentioned above and bring solutions to existing systems. Purpose of the Invention The present invention is a secure sharing platform operating method that meets the above-mentioned requirements, eliminates all disadvantages and brings some additional advantages. The main purpose of the invention is to introduce a secure sharing platform operating method that protects data privacy by ensuring that the sharing process is completed securely without disclosing personal data while sharing data between the parties. Another aim of the invention is to introduce a secure sharing platform operating method that will ensure automatic fulfillment of responsibilities and legal obligations regarding the privacy and confidentiality of personal data. Another purpose of the invention is to introduce a secure sharing platform operating method that allows the parties to compare data while sharing data with each other, although some of the data (personal data) is encrypted to protect it from the other party. Detailed Description of the Invention In this detailed explanation, the working method and preferred embodiments of the secure sharing platform, which protects data privacy by ensuring that the sharing process is completed securely without disclosing personal data while sharing data between the parties subject to the invention, are discussed only for a better understanding of the subject and without any limiting effect. It is explained in a way that does not create The secure sharing platform working method that protects data privacy consists of the following process steps: 0 creating the first party's own encryption key, o encrypting the personal data in the first party's data with the first party's own encryption key, o encrypting the personal data within the first party's own encryption key, and Transmitting the data to be shared other than personal data to the second party, 0 creating the second party's own encryption key, 0 encrypting the personal data on the second party with the second party's own encryption key, o encrypting the personal data received from the first party with the second party's own encryption key, 0 transmitting all encrypted personal data on the second party and the data to be shared other than personal data to the first party, o decrypting the data belonging to the first party on the first party, on the data encrypted by both the first party and the second party within the data sent from the second party to the first party, o decrypting the data belonging to the first party and comparing the data encrypted by the second party with the data belonging to the second party and encrypted by the second party, even if the personal data is encrypted as a result of that comparison, the detection of common data, while the personal data encrypted by the second party cannot be accessed among the other data other than the common data detected on the first party. , accessing the data to be shared that is not encrypted. In a preferred embodiment of a sharing platform operating method that protects data confidentiality, the commutative encryption method is used in the process step(s) of creating the encryption key performed by the first and/or second parties and removing the first party's own encryption key data over the encryption key data received from the second party. In another preferred embodiment of the invention, in the creation of the encryption key performed in the first and/or second parties, the authorization rates are determined on the passwords distributed to the stakeholders in the parties in order to open the key. The transactions in question can also be executed in binary combinations between more than two parties. Additionally, by changing the order of party-2 and party-2, party-2 can be enabled to access common data. A preferred embodiment of the invention works as follows; The platform that enables secure data sharing between two different parties while protecting personal data privacy can be visualized as follows. Party-1 Data ( KV2) pani-2 Data % SEND Encryption \([KV2]+ek1) ! : î /Encryption EncKeyl Desif`re A (KV3+ek2) (KV1+ek2) {[KV2]+ek2} RECEIVE Diagram 1. Secure data Representative diagram of data sharing on the sharing platform. In the above diagram, party-1 contains only personal data named KV2 (personal data). On the other hand, party-2 contains personal data KV1, KV2 and KV3. The KV1, KV2 and KV3 data mentioned here only contain personal information. For example, it may include advertising data on a social media platform in addition to the personal information of person number 1. That is, it does not have to be just personal data. However, encryption processes are applied to the personal data section. Thus, at the end of the transactions, only advertising data will be changed without disclosing personal data. Thanks to the study method, personal data held by both party-1 and party-2 is detected without disclosing the personal data in question. Commutative encryption was used in the encryptions. Step 1: Party-1 encrypts its own KV2 with its own encryption key ek1 and sends it to party-2 as "KV2+ek1". Step 2: There are two sub-steps here: g Side-2 encrypts its own KV1, KV2 and KV3 with its own encryption key ek2 and sends it to party-1 as KV1+ek2, KV2+ek2 and KV3+ek2. . It encrypts it using its own encryption key and sends it again to party-1. Step 3: If we list the data held by party-1 at this stage: The data that belongs to him and that he encrypts and sends to party-2 and is re-encrypted and sent to him by party-2, the encryption key of Party-2 from Party-2 to him. The data sent encrypted with, In this step, by taking advantage of the commutative encryption feature, party-1 obtains KV2+ek2 by removing its own password (ek1) via KV2+ek1+ek2. Step 4: At this stage, party-1 obtains KV2+ek2 with KV2+ek2 data. It compares the information sent by -2 and obtains the common data. During the process of obtaining the common data, although the password represented by annex 2 above is not known to party-1, since the whole of the data (KV2 + annex2) is the same, party-1 does not disclose personal data. It becomes clear that 's already has this data. In this way, party-1 and party-2, whose example was given above, were able to determine which data was on both sides without disclosing data to each other. KV2 is present on both sides, and since KV1 and KV3, which are on party-2 but not on party-1, are encrypted by party-2, they are not disclosed on party-1. However, the key can be shared during the creation of encryption keys, and the sharers with whom the key is shared have their own They can obtain the secret key of the distributor (the unit responsible for creating passwords in any of the parties) by using the secret key pieces. For example, let the key assigned by the distributor be "G" and the passwords distributed to the stakeholders in the parties are password1, password2, password3,... In this case, G = password1 + password2 + password3. + password4 + password5. If the distributor wishes, he can determine the effect of these passwords on the key. For example, any one of the passwords 4, password 6, password 9 belonging to the general managers, and at least two of the password 1, password 7 and password 11 belonging to the managers. A combination of at least three of the assistant principals' password2, password3, password5, password8, a password belonging to the principals, and a password belonging to the assistant principals can be produced, which will be sufficient to open the password key. In other words, it is possible for the parties to share data without disclosing data to each other, and the encryption key to be used can be determined in different roles each time. In addition, the process of creating the encryption key to be used in each encryption process can be carried out by different people on side-1. The absence of the need for different people to come together physically to create the encryption key provides a great advantage. In addition, the distributor is open without any additional secret meeting. By changing the multivariate polynomial, a new secret key can be shared with the same stakeholders. In this way, different encryption keys can be created for each data sharing on side-1 or side-2 for each encryption process. TR