12 research outputs found
Privacy Threats and Practical Solutions for Genetic Risk Tests
Recently, several solutions have been proposed to address the complex challenge of protecting individuals’ genetic data during personalized medicine tests. In this short paper, we analyze different privacy threats and propose simple countermeasures for the generic architecture mainly used in the literature. In particular, we present and evaluate a new practical solution against a critical attack of a malicious medical center trying to actively infer raw genetic information of patients
Privacy Threats and Practical Solutions for Genetic Risk Tests
Abstract-Recently, several solutions have been proposed to address the complex challenge of protecting individuals' genetic data during personalized medicine tests. In this short paper, we analyze different privacy threats and propose simple countermeasures for the generic architecture mainly used in the literature. In particular, we present and evaluate a new practical solution against a critical attack of a malicious medical center trying to actively infer raw genetic information of patients
Efficient Verifiable Computation of XOR for Biometric Authentication
This work addresses the security and privacy issues in remotebiometric authentication by proposing an efficient mechanism to verifythe correctness of the outsourced computation in such protocols.In particular, we propose an efficient verifiable computation of XORingencrypted messages using an XOR linear message authenticationcode (MAC) and we employ the proposed scheme to build a biometricauthentication protocol. The proposed authentication protocol is bothsecure and privacy-preserving against malicious (as opposed to honest-but-curious) adversaries. Specifically, the use of the verifiable computation scheme together with an homomorphic encryption protects the privacy of biometric templates against malicious adversaries. Furthermore, in order to achieve unlinkability of authentication attempts, while keeping a low communication overhead, we show how to apply Oblivious RAM and biohashing to our protocol. We also provide a proof of security for the proposed solution. Our simulation results show that the proposed authentication protocol is efficient
Cryptographic Solutions for Credibility and Liability Issues of Genomic Data
In this work, we consider a scenario that includes an individual sharing his genomic data (or results obtained from his genomic data) with a service provider. In this scenario, (i) the service provider wants to make sure that received genomic data (or results) in fact belongs to the corresponding individual (and computed correctly), (ii) the individual wants to provide a digital consent along with his data specifying whether the service provider is allowed to further share his data, and (iii) if his data is shared without his consent, the individual wants to determine the service provider that is responsible for this leakage. We propose two schemes based on homomorphic signature and aggregate signature that links the information about the legitimacy of the data to the consent and the phenotype of the individual. Thus, to verify the data, each party also needs to use the correct consent and phenotype of the individual who owns the data
Privacy-Preserving Whole Genome Sequence Processing through Proxy-Aided ORAM
Widespread use and low prices of genomic sequencing bring us into the area of personalized medicine and biostatistics of large cohorts. As the processed genomic data is highly sensitive, Privacy-Enhancing Technologies for genomic data need to be developed. In this work, we present a novel and flexible mechanism for the private processing of whole genomic sequences which is flexible enough to support any query. The basic underlying idea is to store DNA in several small encrypted blocks, use ORAM mechanisms to access the desired blocks in an oblivious manner, and finally run secure two-party protocols to privately compute the desired functionality on the retrieved encrypted blocks. Our construction keeps all sensitive information hidden and reveals only the end result to the legitimate party. Our main technical contribution is the design of a new ORAM that allows for access rights delegation while not requiring the data owner to be online to reshuffle the database. We validate the practicability of our approach through experimental studies
Blurry-ORAM: A Multi-Client Oblivious Storage Architecture
Since the development of tree-based Oblivious RAM by Shi et al. (Asiacrypt \u2711) it has become apparent that privacy preserving outsourced storage can be
practical. Although most current constructions follow a client-server model, in many applications it is desirable to share data between different clients, in a way that hides the access patterns, not only from the server, but also between the clients.
In this work, we introduce Blurry-ORAM, an extension of Path-ORAM
that allows for oblivious sharing of data in the multi-client setting, so that accesses
can be hidden from the server and other clients. Our construction follows the design of
Path-ORAM as closely as possible in order to benefit from its performance as well
as security. We prove our construction secure in a setting where the clients
are semi-honest, do not trust each other but try to learn the access
patterns of each other
Privacy in the Genomic Era
Genome sequencing technology has advanced at a rapid pace and it is now
possible to generate highly-detailed genotypes inexpensively. The collection
and analysis of such data has the potential to support various applications,
including personalized medical services. While the benefits of the genomics
revolution are trumpeted by the biomedical community, the increased
availability of such data has major implications for personal privacy; notably
because the genome has certain essential features, which include (but are not
limited to) (i) an association with traits and certain diseases, (ii)
identification capability (e.g., forensics), and (iii) revelation of family
relationships. Moreover, direct-to-consumer DNA testing increases the
likelihood that genome data will be made available in less regulated
environments, such as the Internet and for-profit companies. The problem of
genome data privacy thus resides at the crossroads of computer science,
medicine, and public policy. While the computer scientists have addressed data
privacy for various data types, there has been less attention dedicated to
genomic data. Thus, the goal of this paper is to provide a systematization of
knowledge for the computer science community. In doing so, we address some of
the (sometimes erroneous) beliefs of this field and we report on a survey we
conducted about genome data privacy with biomedical specialists. Then, after
characterizing the genome privacy problem, we review the state-of-the-art
regarding privacy attacks on genomic data and strategies for mitigating such
attacks, as well as contextualizing these attacks from the perspective of
medicine and public policy. This paper concludes with an enumeration of the
challenges for genome data privacy and presents a framework to systematize the
analysis of threats and the design of countermeasures as the field moves
forward
Critical analysis and comparison of data protection techniques for genomics data sets
This work reviews the current literature on protecting genomic information. The goal is to provide insight on how to define a secure file format for such data. We compare the published ideas to the requirements defined by MPEG. We also propose new ideas to secure such data
Innovative Verfahren für die standortübergreifende Datennutzung in der medizinischen Forschung
Implementing modern data-driven medical research approaches ("Artificial intelligence", "Data Science") requires access to large amounts of data ("Big Data"). Typically, this can only be achieved through cross-institutional data use and exchange ("Data Sharing"). In this process, the protection of the privacy of patients and probands affected is a central challenge. Various methods can be used to meet this challenge, such as anonymization or federation. However, data sharing is currently put into practice only to a limited extent, although it is demanded and promoted from many sides. One reason for this is the lack of clarity about the advantages and disadvantages of different data sharing approaches. The first goal of this thesis was to develop an instrument that makes these advantages and disadvantages more transparent. The instrument systematizes approaches based on two dimensions - utility and protection - where each dimension is further differentiated with three axes describing different aspects of the dimensions, such as the degree of privacy protection provided by the results of performed analyses or the flexibility of a platform regarding the types of analyses that can be performed. The instrument was used for evaluation purposes to analyze the status quo and to identify gaps and potentials for innovative approaches. Next, and as a second goal, an innovative tool for the practical use of cryptographic data sharing methods has been designed and implemented. So far, such approaches are only rarely used in practice due to two main obstacles: (1) the technical complexity of setting up a cryptography-based data sharing infrastructure and (2) a lack of user-friendliness of cryptographic data sharing methods, especially for medical researchers. The tool EasySMPC, which was developed as part of this work, is characterized by the fact that it allows cryptographically secure computation of sums (e.g., frequencies of diagnoses) across institutional boundaries based on an easy-to-use graphical user interface. Neither technical expertise nor the deployment of specific infrastructure components is necessary for its practical use. The practicability of EasySMPC was analyzed experimentally in a detailed performance evaluation.Moderne datengetriebene medizinische Forschungsansätze („Künstliche Intelligenz“,
„Data Science“) benötigen große Datenmengen („Big Data“). Dies kann im Regelfall nur
durch eine institutionsübergreifende Datennutzung erreicht werden („Data Sharing“).
Datenschutz und der Schutz der Privatsphäre der Betroffenen ist dabei eine zentrale
Herausforderung. Um dieser zu begegnen, können verschiedene Methoden, wie etwa
Anonymisierungsverfahren oder föderierte Auswertungen, eingesetzt werden. Allerdings
findet Data Sharing in der Praxis nur selten statt, obwohl es von vielen Seiten gefordert
und gefördert wird. Ein Grund hierfür ist die Unklarheit ¸über Vor- und Nachteile
verschiedener Data Sharing-Ansätze. Erstes Ziel dieser Arbeit war es, ein Instrument zu
entwickeln, welches diese Vor- und Nachteile transparent macht. Das Instrument
bewertet Ansätze anhand von zwei Dimensionen - Nutzen und Schutz - wobei jede
Dimension mit drei Achsen weiter differenziert ist. Die Achsen bestehen etwa aus dem
Grad des Schutzes der Privatsphäre, der durch die Ergebnisse der durchgeführten
Analysen gewährleistet wird oder der Flexibilität einer Plattform hinsichtlich der Arten von
Analysen, die durchgeführt werden können. Das Instrument wurde zu
Evaluationszwecken für die Analyse des Status Quo sowie zur Identifikation von Lücken
und Potenzialen für innovative Verfahren eingesetzt. Als zweites Ziel wurde anschließend
ein innovatives Werkzeug für den praktischen Einsatz von kryptographischen Data
Sharing-Verfahren entwickelt. Der Einsatz entsprechender Ansätze scheitert bisher vor
allem an zwei Barrieren: (1) der technischen Komplexität beim Aufbau einer
Kryptographie-basierten Data Sharing-Infrastruktur und (2) der Benutzerfreundlichkeit
kryptographischer Data Sharing-Verfahren, insbesondere für medizinische Forschende.
Das neue Werkzeug EasySMPC zeichnet sich dadurch aus, dass es eine
kryptographisch sichere Berechnung von Summen (beispielsweise Häufigkeiten von
Diagnosen) über Institutionsgrenzen hinweg auf Basis einer einfach zu bedienenden
graphischen Benutzeroberfläche ermöglicht. Zur Anwendung ist weder technische
Expertise noch der Aufbau spezieller Infrastrukturkomponenten notwendig. Die
Praxistauglichkeit von EasySMPC wurde in einer ausführlichen Performance-Evaluation
experimentell analysiert