Benchmarking is the process of comparing one's own performance to the statistics of a group of competitors, named peer group. It is a common and important process in the business world for many important business metrics, called key performance indicators (M). Privacy is of the utmost importance, since these KPIs allow the inference of sensitive information. Therefore several secure multiparty computation (SMC) protocols for securely and privately computing statistics of KPIs have recently been developed. These protocols are the basic building block for a privacy-preserving benchmarking system, but in order to complete an enterprise system that offers a benchmarking service to its customers more problems need to be solved. This paper addresses two remaining problems: peer group formation and protocol orchestration. We first analyze how peer group participation impacts privacy and vice-versa. Given current network performance limitations we conclude that in order for KPIs to remain private one subscriber can participate in at most one peer group. Peer group formation is the process of forming sensible peer groups out of the set of subscribers. A sensible peer group is one that is useful for benchmarking, i.e. a group of similar companies, under the constraint that one subscriber can participate in at most one peer group. We characterize subscribers by a set of discrete criteria and therefore view the automatic peer group formation as a data clustering problem. A data clustering algorithm customized for automatic peer group formation is required to build clusters whose size does not fall below a minimum threshold. We present a high-performance modification of k-means clustering that takes the minimum cluster size as an additional parameter which might be of independent interest. In a simulation we evaluate its practical applicability to automatic peer group formation. Our final approach is the first automatic peer group formation algorithm for an enterprise benchmarking system. Polling-based protocol orchestration allows the subscribers to remain passive clients, i.e. require no inbound connection, e.g. through a company firewall. We show through simulation that such a polling-based orchestration can be expected to complete within one polling interval.
