23 research outputs found

    Enabling analytics on sensitive medical data with secure multi-party computation

    While there is a clear need to apply data analytics in the healthcare sector, this is often difficult because it requires combining sensitive data from multiple data sources. In this paper, we show how the cryptographic technique of secure multiparty computation can enable such data analytics by performing the analytics without the need to share the underlying data. We discuss the issue of compliance with European privacy legislation; report on three pilots bringing these techniques closer to practice; and discuss the main challenges ahead to make fully privacy-preserving data analytics in the medical sector commonplace.

    New approach to privacy-preserving clinical decision support systems for HIV treatment

    Background: HIV treatment prescription is a complex process. Clinical decision support systems (CDSS) are a category of health information technologies that can assist clinicians to choose optimal treatments based on clinical trials and expert knowledge. The usability of some CDSSs for HIV treatment would be significantly improved by using the knowledge obtained by treating other patients. This knowledge, however, is mainly contained in patient records, whose usage is restricted due to privacy and confidentiality constraints. Methods: A treatment effectiveness measure, containing valuable information for HIV treatment prescription, was defined and a method to extract this measure from patient records was developed. This method uses an advanced cryptographic technology, known as secure Multiparty Computation (henceforth referred to as MPC), to preserve the privacy of the patient records and the confidentiality of the clinicians' decisions. Findings: Our solution enables computing an effectiveness measure of an HIV treatment, the average time-to-treatment-failure, while preserving privacy. Experimental results show that our solution, although at proof-of-concept stage, has good efficiency and provides a result to a query within 24 min for a dataset of realistic size. Interpretation: This paper presents a novel and efficient approach to HIV clinical decision support systems that harnesses the potential and insights acquired from treatment data, while preserving the privacy of patient records and the confidentiality of clinician decisions.

    Privacy-preserving dataset combination and Lasso regression for healthcare predictions

    Background: Recent developments in machine learning have shown its potential impact for clinical use such as risk prediction, prognosis, and treatment selection. However, relevant data are often scattered across different stakeholders and their use is regulated, e.g. by GDPR or HIPAA. As a concrete use-case, hospital Erasmus MC and health insurance company Achmea have data on individuals in the city of Rotterdam, which would in theory enable them to train a regression model in order to identify high-impact lifestyle factors for heart failure. However, privacy and confidentiality concerns make it unfeasible to exchange these data. Methods: This article describes a solution where vertically-partitioned synthetic data of Achmea and of Erasmus MC are combined using Secure Multi-Party Computation. First, a secure inner join protocol takes place to securely determine the identifiers of the patients that are represented in both datasets. Then, a secure Lasso Regression model is trained on the securely combined data. The involved parties thus obtain the prediction model but no further information on the input data of the other parties. Results: We implement our secure solution and describe its performance and scalability: we can train a prediction model on two datasets with 5000 records each and a total of 30 features in less than one hour, with a minimal difference from the results of standard (non-secure) methods. Conclusions: This article shows that it is possible to combine datasets and train a Lasso regression model on this combination in a secure way. Such a solution thus further expands the potential of privacy-preserving data analysis in the medical domain.

    Network-assisted proximity discovery, authentication and link establishment between communication mobile devices in 3GPP LTE

    The invention enables a device to discover one or more other devices within range for a device-to-device mode of communication. This proximity discovery may trigger a target device, e.g. to start listening to signals from a source device, or to perform any other action based on the proximity discovery, such as charging at a toll gate. A source device that wants to be discovered broadcasts a message including an identifier or a representation of the identifier. This identifier may be an identifier of the target device to be contacted, of the source device, a derivation thereof, or a common security association used by a set of peers. The target device compares the broadcast identifier with a known identifier to establish proximity discovery.

    Proximity Discovery, Authentication and Link Establishment Between Mobile Devices in 3GPP LTE

    The invention enables a device to discover one or more other devices within range for a device-to-device mode of communication. This proximity discovery may trigger a target device, e.g. to start listening to signals from a source device, or to perform any other action based on the proximity discovery, such as charging at a toll gate. A source device that wants to be discovered broadcasts a message including an identifier or a representation of the identifier. This identifier may be an identifier of the target device to be contacted, of the source device, a derivation thereof, or a common security association used by a set of peers. The target device compares the broadcast identifier with a known identifier to establish proximity discovery.

    Network-assisted proximity discovery, authentication and link establishment between communication mobile devices in 3GPP LTE

    The invention enables a device to discover one or more other devices within range for a device-to-device mode of communication. This proximity discovery may trigger a target device, e.g. to start listening to signals from a source device, or to perform any other action based on the proximity discovery, such as charging at a toll gate. A source device that wants to be discovered broadcasts a message including an identifier or a representation of the identifier. This identifier may be an identifier of the target device to be contacted, of the source device, a derivation thereof, or a common security association used by a set of peers. The target device compares the broadcast identifier with a known identifier to establish proximity discovery. (Automatic translation with Google Translate, no legal value.)