SAFETY: Secure gwAs in Federated Environment Through a hYbrid solution with Intel SGX and Homomorphic Encryption

Sadat, Md. Nazmus; Aziz, Momin Al; Mohammed, Noman; Chen, Feng; Wang, Shuang; Jiang, Xiaoqian

doi:10.48550/arxiv.1703.02577

Cited by 5 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A privacy-preserving statistical analysis environment called Sharemind was proposed to support statistically analysis between independent biobanks [11]. A tool called SAFETY was proposed recently, which can securely perform GWAS on federated genomic datasets using homomorphic encryption [56]. Another protocol was proposed to provide genomic diagnoses while preserving participant privacy [35].…”

Section: Related Workmentioning

confidence: 99%

“…The existing techniques of preserving privacy for general- purpose data analytics, including differentially private (DP) deep learning frameworks [5], [59], and cryptographic technologies such as homomorphic encryption (HE) [56], [69] or secure multiparty computation (MPC) [8], [11], [14], [35], [36], [38], [48], may not be applicable to genome-wide analysis due to their inherent limitations. The DP mechanisms are usually based on additive noise mechanisms which perturb the original data/models and consequently affect model accuracy to a certain extent.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Preserving Privacy for Distributed Genome-Wide Analysis Against Identity Tracing Attacks

Zhang

Bai

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Genome-wide analysis has demonstrated both health and social benefits. However, large scale sharing of such data may reveal sensitive information about individuals. One of the emerging challenges is identity tracing attack that exploits correlations among genomic data to reveal the identity of DNA samples. In this paper, we first demonstrate that the adversary can narrow down the sample's identity by detecting his/her genetic relatives and quantify such privacy threat by employing a Shannon entropy-based measurement. For example, we exemplify that when the dataset size reaches 30% of the population, for any target from that population, the uncertainty of the target's identity is reduced to merely 2.3 bits of entropy (i.e., the identity is pinned down within 5 people). Direct application of existing approaches such as differential privacy (DP), secure multiparty computation (MPC) and homomorphic encryption (HE) may not be applicable to this challenge in genome-wide analysis because of the compromise on utility (i.e., accuracy or efficiency). Towards addressing this challenge, this paper proposes a framework named υFRAG to facilitate privacy-preserving data sharing and computation in genome-wide analysis. υFRAG mitigates privacy risks by using a vertical fragmentation to disrupt the genetic architecture on which the adversary relies for identity tracing without sacrificing the capability of genome-wide analysis. We theoretically prove that it preserves the correctness of the primitive functionalities and algorithms ranging from basic summary statistics to advanced neural networks. Our experiments demonstrate that υFRAG outperforms secure multiparty computation (MPC) and homomorphic encryption (HE) protocols, with a speedup of more than 221x for training neural networks, and also traditional non-private algorithms and a state-of-the-art noise-based differential privacy (DP) solution in most settings.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Preserving Privacy for Distributed Genome-Wide Analysis Against Identity Tracing Attacks

Zhang

Bai

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…To resolve the concern, Kim et al [18] applied the BGV scheme [13] and YASHE scheme [8] to encrypt the patient data and conduct secure evaluation of 𝜒 2 distribution over the encrypted data. Sadat et al [23] proposed a hybrid system called SAFETY, which combines Paillier encryption scheme and Intel Software Guard Extensions (Intel SGX) to improve the efficiency of the chi-square test. The second approach is the decentralized solution, where each participant stores its data locally.…”

Section: Related Workmentioning

confidence: 99%

“…Both centralized and decentralized approaches have been explored in this context. In the centralized schemes [18,23], all data owners encrypt their data and outsource them to a common repository, where collective computation becomes possible. In the decentralized schemes [11,21], all data owners store their data locally and run a distributed protocol to conduct the computation over all databases.…”

Section: Introductionmentioning

confidence: 99%

Privacy-Preserving Identification of Target Patients from Outsourced Patient Data

Zhu,

Ayday,

Vitenberg

2021

Preprint

View full text Add to dashboard Cite

With the increasing affordability and availability of patient data, hospitals tend to outsource their data to cloud service providers (CSPs) for the purpose of storage and analytics. However, the concern of data privacy significantly limits the data owners' choice. In this work, we propose the first solution, to the best of our knowledge, that allows a CSP to perform efficient identification of target patients (e.g., pre-processing for a genome-wide association study -GWAS) over multi-tenant encrypted phenotype data (owned by multiple hospitals or data owners). We first propose an encryption mechanism for phenotype data, where each data owner is allowed to encrypt its data with a unique secret key. Moreover, the ciphertext supports privacy-preserving search and, consequently, enables the selection of the target group of patients (e.g., case and control groups). In addition, we provide a per-query based authorization mechanism for a client to access and operate on the data stored at the CSP. Based on the identified patients, the proposed scheme can either (i) directly conduct GWAS (i.e., computation of statistics about genomic variants) at the CSP or (ii) provide the identified groups to the client to directly query the corresponding data owners and conduct GWAS using existing distributed solutions. We implement the proposed scheme and run experiments over a real-life genomic dataset to show its effectiveness. The result shows that the proposed solution is capable to efficiently identify the case/control groups in a privacy-preserving way. CCS CONCEPTS• Security and privacy → Management and querying of encrypted data.

show abstract

“…In addition, there are more works on generic privacy-preserving machine learning frameworks via HE/MPC solutions [9,14,20,25,26,34,35,41,43,45] or differential privacy mechanism [1,2,18,39]. Recent studies [11,12] propose a hybrid multi-party computation protocol for securely computing a linear regression model.…”

Section: Related Workmentioning

confidence: 99%

PrivColl: Practical Privacy-Preserving Collaborative Machine Learning

Zhang

Bai

et al. 2020

Preprint

View full text Add to dashboard Cite

Collaborative learning enables two or more participants, each with their own training dataset, to collaboratively learn a joint model. It is desirable that the collaboration should not cause the disclosure of either the raw datasets of each individual owner or the local model parameters trained on them. This privacy-preservation requirement has been approached through differential privacy mechanisms, homomorphic encryption (HE) and secure multiparty computation (MPC), but existing attempts may either introduce the loss of model accuracy or imply significant computational and/or communicational overhead. In this work, we address this problem with the lightweight additive secret sharing technique. We propose PrivColl, a framework for protecting local data and local models while ensuring the correctness of training processes. PrivColl employs secret sharing technique for securely evaluating addition operations in a multiparty computation environment, and achieves practicability by employing only the homomorphic addition operations. We formally prove that it guarantees privacy preservation even though the majority (n − 2 out of n) of participants are corrupted. With experiments on real-world datasets, we further demonstrate that Priv-Coll retains high efficiency. It achieves a speedup of more than 45X over the state-of-the-art MPC-/HE-based schemes for training linear/logistic regression, and 216X faster for training neural network.

show abstract

SAFETY: Secure gwAs in Federated Environment Through a hYbrid solution with Intel SGX and Homomorphic Encryption

Cited by 5 publications

References 17 publications

Preserving Privacy for Distributed Genome-Wide Analysis Against Identity Tracing Attacks

Preserving Privacy for Distributed Genome-Wide Analysis Against Identity Tracing Attacks

Privacy-Preserving Identification of Target Patients from Outsourced Patient Data

PrivColl: Practical Privacy-Preserving Collaborative Machine Learning

Contact Info

Product

Resources

About