EPISODE: Efficient Privacy-PreservIng Similar Sequence Queries on Outsourced Genomic DatabasEs

Schneider, Thomas; Tkachenko, Oleksandr

doi:10.1145/3321705.3329800

Cited by 38 publications

(30 citation statements)

References 37 publications

(95 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our threat model is consistent with previous work [19,24]. Client, hospital(s), and the CSP are assumed to be semi-honest, that is, they honestly follow the protocol while trying to learn extra information during the protocol.…”

Section: Threat Modelmentioning

confidence: 97%

“…Moreover, the encryption algorithm supports identification of case and control groups efficiently, without information leakage. Furthermore, the identification process requires less communication compared with secure multi-party computation-based approaches [24] and less computation compared to homomorphic encryption-based approaches [4]. In general, the execution of privacy-preserving identification of target group of patients can be divided into seven phases: data preprocessing, initialization, key generation, data encryption, client authorization, query generation, identification of case and control groups.…”

Section: Overviewmentioning

confidence: 99%

See 1 more Smart Citation

Privacy-Preserving Identification of Target Patients from Outsourced Patient Data

Zhu,

Ayday,

Vitenberg

2021

Preprint

View full text Add to dashboard Cite

With the increasing affordability and availability of patient data, hospitals tend to outsource their data to cloud service providers (CSPs) for the purpose of storage and analytics. However, the concern of data privacy significantly limits the data owners' choice. In this work, we propose the first solution, to the best of our knowledge, that allows a CSP to perform efficient identification of target patients (e.g., pre-processing for a genome-wide association study -GWAS) over multi-tenant encrypted phenotype data (owned by multiple hospitals or data owners). We first propose an encryption mechanism for phenotype data, where each data owner is allowed to encrypt its data with a unique secret key. Moreover, the ciphertext supports privacy-preserving search and, consequently, enables the selection of the target group of patients (e.g., case and control groups). In addition, we provide a per-query based authorization mechanism for a client to access and operate on the data stored at the CSP. Based on the identified patients, the proposed scheme can either (i) directly conduct GWAS (i.e., computation of statistics about genomic variants) at the CSP or (ii) provide the identified groups to the client to directly query the corresponding data owners and conduct GWAS using existing distributed solutions. We implement the proposed scheme and run experiments over a real-life genomic dataset to show its effectiveness. The result shows that the proposed solution is capable to efficiently identify the case/control groups in a privacy-preserving way. CCS CONCEPTS• Security and privacy → Management and querying of encrypted data.

show abstract

Section: Threat Modelmentioning

confidence: 97%

Section: Overviewmentioning

confidence: 99%

Privacy-Preserving Identification of Target Patients from Outsourced Patient Data

Zhu,

Ayday,

Vitenberg

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…In this setting, each two-party has a string (e.g., genome string) and computes the edit distance between these two strings. There are many research results on approximate edit distance computation (e.g., [30], [69]) since we need costly dynamic programming for exact edit distance computation. We also have results on the extended edit distance computation like weighted edit distance and Needleman-Wunsch distance [70].…”

Section: 2 Privacy-preserving Data Analysismentioning

confidence: 99%

Recent Advances in Practical Secure Multi-Party Computation

Ohata¹

2020

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

Secure multi-party computation (MPC) allows a set of parties to compute a function jointly while keeping their inputs private. MPC has been actively studied, and there are many research results both in the theoretical and practical research fields. In this paper, we introduce the basic matters on MPC and show recent practical advances. We first explain the settings, security notions, and cryptographic building blocks of MPC. Then, we show and discuss current situations on higher-level secure protocols, privacy-preserving data analysis, and frameworks/compilers for implementing MPC applications with low-cost.

show abstract

“…It is important to note that by using the outsourcing setting we achieve practical PPIL with security against malicious PPIL clients and malicious PPIL servers, whereas in the client/server setting even solutions with substantially weaker security against a semihonest client currently have impractical runtimes and communication. Furthermore, the outsourcing model with multiple STTPs is widely adopted not only in recent academic papers, e.g., for private machine learning [70,71], and genomic privacy [72,73,74,75,76,77], to name just a few, but also deployed in industrial products, see [78] for a few examples.…”

Section: A Outsourcing Schemementioning

confidence: 99%

PILOT: Practical Privacy-Preserving Indoor Localization Using OuTsourcing

Järvinen

Leppäkoski

Lohan

et al. 2019

2019 IEEE European Symposium on Security and Privacy (EuroS&P)

Self Cite

View full text Add to dashboard Cite

In the last decade, we observed a constantly growing number of Location-Based Services (LBSs) used in indoor environments, such as for targeted advertising in shopping malls or finding nearby friends. Although privacy-preserving LBSs were addressed in the literature, there was a lack of attention to the problem of enhancing privacy of indoor localization, i.e., the process of obtaining the users' locations indoors and, thus, a prerequisite for any indoor LBS.In this work we present PILOT, the first practically efficient solution for Privacy-Preserving Indoor Localization (PPIL) that was obtained by a synergy of the research areas indoor localization and applied cryptography. We design, implement, and evaluate protocols for Wi-Fi fingerprint-based PPIL that rely on 4 different distance metrics. To save energy and network bandwidth for the mobile end devices in PPIL, we securely outsource the computations to two non-colluding semi-honest parties. Our solution mixes different secure two-party computation protocols and we design size-and depth-optimized circuits for PPIL. We construct efficient circuit building blocks that are of independent interest: Single Instruction Multiple Data (SIMD) capable oblivious access to an array with low circuit depth and selection of the k-Nearest Neighbors with small circuit size. Additionally, we reduce Received Signal Strength (RSS) values from 8 bits to 4 bits without any significant accuracy reduction. Our most efficient PPIL protocol is 553x faster than that of Li et al. (INFOCOM'14) and 500x faster than that of Ziegeldorf et al. (WiSec'14). Our implementation on commodity hardware has practical run-times of less than 1 second even for the most accurate distance metrics that we consider, and it can process more than half a million PPIL queries per day. 448 2019 IEEE European Symposium on Security and Privacy (EuroS&P)

show abstract

EPISODE: Efficient Privacy-PreservIng Similar Sequence Queries on Outsourced Genomic DatabasEs

Cited by 38 publications

References 37 publications

Privacy-Preserving Identification of Target Patients from Outsourced Patient Data

Privacy-Preserving Identification of Target Patients from Outsourced Patient Data

Recent Advances in Practical Secure Multi-Party Computation

PILOT: Practical Privacy-Preserving Indoor Localization Using OuTsourcing

Contact Info

Product

Resources

About