Abstract
Genome sequencing has advanced rapidly in the last decade, making it easier for anyone to obtain digital genomes at low cost from companies such as Helix, MyHeritage, and 23andMe. Companies now offer their services in a direct-to-consumer (DTC) model without the intervention of a medical institution, thereby providing people with direct services for paternity testing, ancestry testing and disease susceptibility testing (DST) to infer predisposition to diseases. Genome analyses are partly motivated by curiosity, and people often want to partake without fear of privacy invasion. Existing privacy protection solutions for DST adopt cryptographic techniques to protect the genome of a patient from the party responsible for computing the analysis. These techniques include homomorphic encryption, which can be computationally expensive and could take minutes for only a few single-nucleotide polymorphisms (SNPs). A predominant approach is a solution that computes DST over encrypted data, but the design depends on a medical unit and exposes test results of patients to the medical unit, making the design uncomfortable for privacy-aware individuals. Hence it is pertinent to have an efficient privacy-preserving DST solution with a DTC service. We propose a novel DTC model that protects the privacy of SNPs and prevents leakage of test results to any other party save for the genome owner. Conversely, we protect the privacy of the algorithms or trade secrets used by the genome analyzing companies. Our work utilizes a secure obfuscation technique in computing DST, eliminating expensive computations over encrypted data. Our approach significantly outperforms existing state-of-the-art solutions in runtime and scales linearly for equivalent levels of security. As an example, computing DST for 10,000 SNPs requires approximately 96 milliseconds on commodity hardware. With this efficient and privacy-preserving solution, which is also simulation-based secure, we open possibilities for performing genome analyses on collectively shared data resources.
Original language | English |
---|---|
Title of host publication | CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy |
Editors | Barbara Carminati, Murat Kantarcioglu |
Publisher | Association for Computing Machinery (ACM) |
Pages | 329-340 |
Number of pages | 12 |
ISBN (Electronic) | 9781450371070 |
Publication status | Published - 2020 |
Event | 10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020 - New Orleans, United States; Duration: 16 Mar 2020 → 18 Mar 2020 |
Conference
Conference | 10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020 |
---|---|
Country/Territory | United States |
City | New Orleans |
Period | 16/03/20 → 18/03/20 |
Keywords
- direct-to-customer
- disease susceptibility testing
- genome
- obfuscation
- privacy-preserving
- snp