Secure similar patients query with homomorphically evaluated thresholds

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2024-08-19 DOI:10.1016/j.jisa.2024.103861

Mounika Pratapa, Aleksander Essex

{"title":"Secure similar patients query with homomorphically evaluated thresholds","authors":"Mounika Pratapa, Aleksander Essex","doi":"10.1016/j.jisa.2024.103861","DOIUrl":null,"url":null,"abstract":"<div>Patient-centric precision medicine requires the analysis of large volumes of genomic data to tailor treatments and medications based on individual-level characteristics. Because the amount of data held by a single institution is limited, researchers may want access to genomic data held by other institutions. Owing to the inherent privacy implications of genomic data, performing comparisons on encrypted data is preferable in certain settings. The Similar patient query (SPQ) is an application that enables a secure search across genomic databases for patients with similar genetic makeup. Query results can be used to draw meaningful conclusions regarding suitable therapies.However, existing protocols either reveal intermediate computations, such as similarity scores, which can lead to membership-inference attacks, or they realize the ideal Boolean output (similar/not similar) through multiple protocol rounds, requiring the database owners to stay online throughout.This paper introduces a two-party privacy-preserving approach to perform SPQs across encrypted genomic databases based on secure function extensions of additively homomorphic encryption. In contrast to related works, our scheme enables secure computation of genomic data similarity without an external party in a single round. This is achieved for more than 1000 positions of a genome in a single public key operation of 256-bit security level in the integer factorization setting.</div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103861"},"PeriodicalIF":3.8000,"publicationDate":"2024-08-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624001637/pdfft?md5=03b251bf5e21af75bddaf15bffd0b4fd&pid=1-s2.0-S2214212624001637-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001637","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Patient-centric precision medicine requires the analysis of large volumes of genomic data to tailor treatments and medications based on individual-level characteristics. Because the amount of data held by a single institution is limited, researchers may want access to genomic data held by other institutions. Owing to the inherent privacy implications of genomic data, performing comparisons on encrypted data is preferable in certain settings. The Similar patient query (SPQ) is an application that enables a secure search across genomic databases for patients with similar genetic makeup. Query results can be used to draw meaningful conclusions regarding suitable therapies.

However, existing protocols either reveal intermediate computations, such as similarity scores, which can lead to membership-inference attacks, or they realize the ideal Boolean output (similar/not similar) through multiple protocol rounds, requiring the database owners to stay online throughout.

This paper introduces a two-party privacy-preserving approach to perform SPQs across encrypted genomic databases based on secure function extensions of additively homomorphic encryption. In contrast to related works, our scheme enables secure computation of genomic data similarity without an external party in a single round. This is achieved for more than 1000 positions of a genome in a single public key operation of 256-bit security level in the integer factorization setting.

查看原文本刊更多论文

利用同态评估阈值确保类似患者查询安全

以患者为中心的精准医疗需要分析大量的基因组数据，以便根据个体水平的特征定制治疗和药物。由于单个机构掌握的数据量有限，研究人员可能希望访问其他机构掌握的基因组数据。由于基因组数据本身涉及隐私，因此在某些情况下，最好对加密数据进行比较。相似患者查询（SPQ）是一种应用程序，可在基因组数据库中安全搜索具有相似基因构成的患者。然而，现有的协议要么会泄露中间计算（如相似性得分），从而导致成员推断攻击；要么会通过多轮协议来实现理想的布尔输出（相似/不相似），从而要求数据库所有者全程保持在线。与相关工作不同的是，我们的方案能在单轮中实现基因组数据相似性的安全计算，而无需外部参与。在整数因式分解设置中，通过 256 位安全级别的单个公钥操作，可对基因组的 1000 多个位置进行计算。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.