Browsing by Subject "Genomic privacy"

Filter results by typing the first few letters
Now showing 1 - 10 of 10
  • Thumbnail Image
    ItemOpen Access
    Cryptographic solutions for credibility and liability issues of genomic data
    (Institute of Electrical and Electronics Engineers, 2019) Ayday, E.; Tang, Q.; Yilmaz, A.
    In this work, we consider a scenario that includes an individual sharing his genomic data (or results obtained from his genomic data) with a service provider. In this scenario, (i) the service provider wants to make sure that received genomic data (or results) in fact belongs to the corresponding individual (and computed correctly), (ii) the individual wants to provide a digital consent along with his data specifying whether the service provider is allowed to further share his data, and (iii) if his data is shared without his consent, the individual wants to determine the service provider that is responsible for this leakage. We propose two schemes based on homomorphic signature and aggregate signature that links the information about the legitimacy of the data to the consent and the phenotype of the individual. Thus, to verify the data, each party also needs to use the correct consent and phenotype of the individual who owns the data.
  • Thumbnail Image
    ItemOpen Access
    Differential privacy with bounded priors: Reconciling utility and privacy in genome-wide association studies
    (ACM, 2015-10) Tramèr, F.; Huang, Z.; Hubaux J.-P.; Ayday, Erman
    Differential privacy (DP) has become widely accepted as a rigorous definition of data privacy, with stronger privacy guarantees than traditional statistical methods. However, recent studies have shown that for reasonable privacy budgets, differential privacy significantly affects the expected utility. Many alternative privacy notions which aim at relaxing DP have since been proposed, with the hope of providing a better tradeoff between privacy and utility. At CCS'13, Li et al. introduced the membership privacy framework, wherein they aim at protecting against set membership disclosure by adversaries whose prior knowledge is captured by a family of probability distributions. In the context of this framework, we investigate a relaxation of DP, by considering prior distributions that capture more reasonable amounts of background knowledge. We show that for different privacy budgets, DP can be used to achieve membership privacy for various adversarial settings, thus leading to an interesting tradeoff between privacy guarantees and utility. We re-evaluate methods for releasing differentially private χ2-statistics in genome-wide association studies and show that we can achieve a higher utility than in previous works, while still guaranteeing membership privacy in a relevant adversarial setting. © 2015 ACM.
  • Thumbnail Image
    ItemOpen Access
    Dynamic attribute-based privacy-preserving genomic susceptibility testing
    (Association for Computing Machinery, 2019) Namazi, M.; Ayday, Erman; Eryonucu, Cihan; Perez-Gonzalez, F.
    Developments in the field of genomic studies have resulted in the current high availability of genomic data which, in turn, raises significant privacy concerns. As DNA information is unique and correlated among family members, it cannot be regarded just as a matter of individual privacy concern. Due to the need for privacy-enhancing methods to protect these sensitive pieces of information, cryptographic solutions are deployed and enabled scientists to work on encrypted genomic data. In this paper, we develop an attribute-based privacy-preserving susceptibility testing method in which genomic data of patients is outsourced to an untrustworthy platform. We determine the challenges for the computations required to process the outsourced data and access control simultaneously within patient-doctor interactions. We obtain a non-interactive scheme regarding the contribution of the patient which improves the safety of the user data. Moreover, we exceed the computation performance of the susceptibility testing over the encrypted genomic data while we manage attributes and embedded access policies. Also, we guarantee to protect the privacy of individuals in our proposed scheme.
  • Thumbnail Image
    ItemOpen Access
    GenoGuard: protecting genomic data against brute-force attacks
    (IEEE, 2015-05) Huang, Z.; Ayday, Erman; Fellay, Jacques; Hubaux, J-P.; Juels, A.
    Secure storage of genomic data is of great and increasing importance. The scientific community's improving ability to interpret individuals' genetic materials and the growing size of genetic database populations have been aggravating the potential consequences of data breaches. The prevalent use of passwords to generate encryption keys thus poses an especially serious problem when applied to genetic data. Weak passwords can jeopardize genetic data in the short term, but given the multi-decade lifespan of genetic data, even the use of strong passwords with conventional encryption can lead to compromise. We present a tool, called Geno Guard, for providing strong protection for genomic data both today and in the long term. Geno Guard incorporates a new theoretical framework for encryption called honey encryption (HE): it can provide information-theoretic confidentiality guarantees for encrypted data. Previously proposed HE schemes, however, can be applied to messages from, unfortunately, a very restricted set of probability distributions. Therefore, Geno Guard addresses the open problem of applying HE techniques to the highly non-uniform probability distributions that characterize sequences of genetic data. In Geno Guard, a potential adversary can attempt exhaustively to guess keys or passwords and decrypt via a brute-force attack. We prove that decryption under any key will yield a plausible genome sequence, and that Geno Guard offers an information-theoretic security guarantee against message-recovery attacks. We also explore attacks that use side information. Finally, we present an efficient and parallelized software implementation of Geno Guard. © 2015 IEEE.
  • Thumbnail Image
    ItemOpen Access
    An inference attack on genomic data using kinship, complex correlations, and phenotype information
    (IEEE, 2018) Deznabi, Iman; Mobayen, Mohammad; Jafari, Nazanin; Taştan, Öznur; Ayday, Erman
    Abstract—Individuals (and their family members) share (partial) genomic data on public platforms. However, using special characteristics of genomic data, background knowledge that can be obtained from the Web, and family relationship between the individuals, it is possible to infer the hidden parts of shared (and unshared) genomes. Existing work in this field considers simple correlations in the genome (as well as Mendel’s law and partial genomes of a victim and his family members). In this paper, we improve the existing work on inference attacks on genomic privacy. We mainly consider complex correlations in the genome by using an observable Markov model and recombination model between the haplotypes. We also utilize the phenotype information about the victims. We propose an efficient message passing algorithm to consider all aforementioned background information for the inference. We show that the proposed framework improves inference with significantly less information compared to existing work.
  • Thumbnail Image
    ItemOpen Access
    On non-cooperative genomic privacy
    (Springer, Berlin, Heidelberg, 2015) Humbert, M.; Ayday, Erman; Hubaux J.-P.; Telenti, A.
    Over the last few years, the vast progress in genome sequencing has highly increased the availability of genomic data. Today, individuals can obtain their digital genomic sequences at reasonable prices from many online service providers. Individuals can store their data on personal devices, reveal it on public online databases, or share it with third parties. Yet, it has been shown that genomic data is very privacysensitive and highly correlated between relatives. Therefore, individuals’ decisions about how to manage and secure their genomic data are crucial. People of the same family might have very different opinions about (i) how to protect and (ii) whether or not to reveal their genome. We study this tension by using a game-theoretic approach. First, we model the interplay between two purely-selfish family members. We also analyze how the game evolves when relatives behave altruistically. We define closed-form Nash equilibria in different settings. We then extend the game to N players by means of multi-agent influence diagrams that enable us to efficiently compute Nash equilibria. Our results notably demonstrate that altruism does not always lead to a more efficient outcome in genomic-privacy games. They also show that, if the discrepancy between the genome-sharing benefits that players perceive is too high, they will follow opposite sharing strategies, which has a negative impact on the familial utility. © International Financial Cryptography Association 2015.
  • Thumbnail Image
    ItemOpen Access
    Privacy threats and practical solutions for genetic risk tests
    (IEEE, 2015) Barman, L.; Elgraini, M.-T.; Raisaro, J. L.; Hubaux, J. -P.; Ayday, Erman
    Recently, several solutions have been proposed to address the complex challenge of protecting individuals' genetic data during personalized medicine tests. In this short paper, we analyze different privacy threats and propose simple countermeasures for the generic architecture mainly used in the literature. In particular, we present and evaluate a new practical solution against a critical attack of a malicious medical center trying to actively infer raw genetic information of patients. © 2015 IEEE.
  • Thumbnail Image
    ItemOpen Access
    Privacy-preserving genomic testing in the clinic: a model using HIV treatment
    (Nature Publishing Group, 2016) Mclaren, P. J.; Raisaro, J. L.; Aouri, M.; Rotger, M.; Ayday, E.; Bartha, I.; Delgado, M. B.; Vallet, Y.; Günthard, H. F.; Cavassini, M.; Furrer, H.; Doco-Lecompte, T.; Marzolini, C.; Schmid, P.; Di Benedetto, C.; Decosterd, L. A.; Fellay, J.; Hubaux, Jean-Pierre; Telenti A.
    Purpose:The implementation of genomic-based medicine is hindered by unresolved questions regarding data privacy and delivery of interpreted results to health-care practitioners. We used DNA-based prediction of HIV-related outcomes as a model to explore critical issues in clinical genomics.Methods:We genotyped 4,149 markers in HIV-positive individuals. Variants allowed for prediction of 17 traits relevant to HIV medical care, inference of patient ancestry, and imputation of human leukocyte antigen (HLA) types. Genetic data were processed under a privacy-preserving framework using homomorphic encryption, and clinical reports describing potentially actionable results were delivered to health-care providers.Results:A total of 230 patients were included in the study. We demonstrated the feasibility of encrypting a large number of genetic markers, inferring patient ancestry, computing monogenic and polygenic trait risks, and reporting results under privacy-preserving conditions. The average execution time of a multimarker test on encrypted data was 865 ms on a standard computer. The proportion of tests returning potentially actionable genetic results ranged from 0 to 54%.Conclusions:The model of implementation presented herein informs on strategies to deliver genomic test results for clinical care. Data encryption to ensure privacy helps to build patient trust, a key requirement on the road to genomic-based medicine.
  • Thumbnail Image
    ItemOpen Access
    Quantifying genomic privacy via inference attack with high-order SNV correlations
    (IEEE, 2015) Samani, S. S.; Huang, Z.; Ayday, Erman; Elliot, M.; Fellay, J.; Hubaux, J.-P.; Kutalik, Z.
    As genomic data becomes widely used, the problem of genomic data privacy becomes a hot interdisciplinary research topic among geneticists, bioinformaticians and security and privacy experts. Practical attacks have been identified on genomic data, and thus break the privacy expectations of individuals who contribute their genomic data to medical research, or simply share their data online. Frustrating as it is, the problem could become even worse. Existing genomic privacy breaches rely on low-order SNV (Single Nucleotide Variant) correlations. Our work shows that far more powerful attacks can be designed if high-order correlations are utilized. We corroborate this concern by making use of different SNV correlations based on various genomic data models and applying them to an inference attack on individuals' genotype data with hidden SNVs. We also show that low-order models behave very differently from real genomic data and therefore should not be relied upon for privacy-preserving solutions.
  • Thumbnail Image
    ItemOpen Access
    A utility maximizing and privacy preserving approach for protecting kinship in genomic databases
    (2017-03) Kale, Gülce
    Rapid and low cost sequencing of genomic data enables widespread use of genomic information in research studies and personalized customer applications, where people share their genomic data in public databases. Although the identities of the participants are anonymized in these databases, sensitive information about individuals can still be inferred if the stored data is not shared in a privacypreserving manner. Proper handling of kinship information is one such caveat that needs to be addressed to avoid exposure of privacy-sensitive information. In this work, we show that by using only the publicly available single nucleotide polymorphism (SNP) data of anonymized individuals, kinship relationships can be inferred. We present two scenarios that result in privacy leakage; one based on genomic similarity of the individuals; the other, through the outlier allele pair counts of the family members. In the proposed models, we assume that the family members join to the database sequentially and we systematically identify minimal portions of data to withhold as the new participants are added to the database. Choosing the proper positions to hide is cast as an optimization problem. Therein, the number of positions to mask is minimized subject to several privacy constraints that ensure the kinship information among any pair of the family members is not leaked. We evaluate the proposed technique on real genomic data of two different families of size five by considering different sequential arrival orders for the family members. Results indicate that concurrent sharing of data pertaining to a parent and an of spring results in high risks of privacy leakages, whereas the sharing data from further relatives together is often safer. We also show that different arrival orders of the members can lead to different levels of privacy risks and the utility of shared data can vary. Adoption of the proposed method shall allow safe sharing of genomic data in terms of kinship privacy in future research studies and public genomic services.