Mechanisms for Hiding Sensitive Genotypes With Information-Theoretic Privacy

IF 2.2 3区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Information Theory Pub Date : 2022-03-03 DOI:10.1109/TIT.2022.3156276

Fangwei Ye;Hyunghoon Cho;Salim El Rouayheb

{"title":"Mechanisms for Hiding Sensitive Genotypes With Information-Theoretic Privacy","authors":"Fangwei Ye;Hyunghoon Cho;Salim El Rouayheb","doi":"10.1109/TIT.2022.3156276","DOIUrl":null,"url":null,"abstract":"Motivated by the growing availability of personal genomics services, we study an information-theoretic privacy problem that arises when sharing genomic data: a user wants to share his or her genome sequence while keeping the genotypes at certain positions hidden, which could otherwise reveal critical health-related information. A straightforward solution of erasing (masking) the chosen genotypes does not ensure privacy, because the correlation between nearby positions can leak the masked genotypes. We introduce an erasure-based privacy mechanism with perfect information-theoretic privacy, whereby the released sequence is statistically independent of the sensitive genotypes. Our mechanism can be interpreted as a locally-optimal greedy algorithm for a given processing order of sequence positions, where utility is measured by the number of positions released without erasure. We show that finding an optimal order is NP-hard in general and provide an upper bound on the optimal utility. For sequences from hidden Markov models, a standard modeling approach in genetics, we propose an efficient algorithmic implementation of our mechanism with complexity polynomial in sequence length. Moreover, we illustrate the robustness of the mechanism by bounding the privacy leakage from erroneous prior distributions. Our work is a step towards more rigorous control of privacy in genomic data sharing.","PeriodicalId":13494,"journal":{"name":"IEEE Transactions on Information Theory","volume":"68 6","pages":"4090-4105"},"PeriodicalIF":2.2000,"publicationDate":"2022-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10243750/pdf/nihms-1850165.pdf","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Information Theory","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/9726242/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 1

Abstract

Motivated by the growing availability of personal genomics services, we study an information-theoretic privacy problem that arises when sharing genomic data: a user wants to share his or her genome sequence while keeping the genotypes at certain positions hidden, which could otherwise reveal critical health-related information. A straightforward solution of erasing (masking) the chosen genotypes does not ensure privacy, because the correlation between nearby positions can leak the masked genotypes. We introduce an erasure-based privacy mechanism with perfect information-theoretic privacy, whereby the released sequence is statistically independent of the sensitive genotypes. Our mechanism can be interpreted as a locally-optimal greedy algorithm for a given processing order of sequence positions, where utility is measured by the number of positions released without erasure. We show that finding an optimal order is NP-hard in general and provide an upper bound on the optimal utility. For sequences from hidden Markov models, a standard modeling approach in genetics, we propose an efficient algorithmic implementation of our mechanism with complexity polynomial in sequence length. Moreover, we illustrate the robustness of the mechanism by bounding the privacy leakage from erroneous prior distributions. Our work is a step towards more rigorous control of privacy in genomic data sharing.

Abstract Image

查看原文本刊更多论文

利用信息论隐私隐藏敏感基因型的机制

受个人基因组学服务日益普及的推动，我们研究了共享基因组数据时出现的一个信息论隐私问题：用户希望共享他或她的基因组序列，同时将基因型隐藏在某些位置，否则可能会泄露关键的健康相关信息。擦除（掩蔽）所选基因型的直接解决方案不能确保隐私，因为附近位置之间的相关性可能会泄露掩蔽的基因型。我们引入了一种具有完美信息论隐私的基于擦除的隐私机制，通过该机制，发布的序列在统计上与敏感基因型无关。我们的机制可以被解释为对于给定的序列位置处理顺序的局部最优贪婪算法，其中效用是通过在没有擦除的情况下释放的位置的数量来衡量的。我们证明了寻找最优阶在一般情况下是NP困难的，并给出了最优效用的上界。对于来自隐马尔可夫模型（遗传学中的一种标准建模方法）的序列，我们提出了一种有效的算法实现机制，该机制具有序列长度的复杂度多项式。此外，我们通过限制来自错误先验分布的隐私泄露来说明该机制的稳健性。我们的工作是朝着更严格地控制基因组数据共享中的隐私迈出的一步。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Information Theory 工程技术-工程：电子与电气

CiteScore

5.70

自引率

20.00%

发文量

514

审稿时长

12 months

期刊介绍： The IEEE Transactions on Information Theory is a journal that publishes theoretical and experimental papers concerned with the transmission, processing, and utilization of information. The boundaries of acceptable subject matter are intentionally not sharply delimited. Rather, it is hoped that as the focus of research activity changes, a flexible policy will permit this Transactions to follow suit. Current appropriate topics are best reflected by recent Tables of Contents; they are summarized in the titles of editorial areas that appear on the inside front cover.