DOI

Genome sequencing has rapidly advanced in the last decade, making it easier for anyone to obtain digital genomes at low costs from companies such as Helix, MyHeritage, and 23andMe. Companies now offer their services in a direct-to-consumer (DTC) model without the intervention of a medical institution. Thereby, providing people with direct services for paternity testing, ancestry testing and disease susceptibility testing (DST) to infer diseases' predisposition. Genome analyses are partly motivated by curiosity and people often want to partake without fear of privacy invasion. Existing privacy protection solutions for DST adopt cryptographic techniques to protect the genome of a patient from the party responsible for computing the analysis. Said techniques include homomorphic encryption, which can be computationally expensive and could take minutes for only a few single-nucleotide polymorphisms (SNPs). A predominant approach is a solution that computes DST over encrypted data, but the design depends on a medical unit and exposes test results of patients to the medical unit, making the design uncomfortable for privacy-aware individuals. Hence it is pertinent to have an efficient privacy-preserving DST solution with a DTC service. We propose a novel DTC model that protects the privacy of SNPs and prevents leakage of test results to any other party save for the genome owner. Conversely, we protect the privacy of the algorithms or trade secrets used by the genome analyzing companies. Our work utilizes a secure obfuscation technique in computing DST, eliminating expensive computations over encrypted data. Our approach significantly outperforms existing state-of-the-art solutions in runtime and scales linearly for equivalent levels of security. As an example, computing DST for 10,000 SNPs requires approximately 96 milliseconds on commodity hardware. With this efficient and privacy-preserving solution which is also simulation-based secure, we open possibilities for performing genome analyses on collectively shared data resources.

Original languageEnglish
Title of host publicationCODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy
EditorsBarbara Carminati, Murat Kantarcioglu
PublisherAssociation for Computing Machinery (ACM)
Pages329-340
Number of pages12
ISBN (Electronic)9781450371070
DOIs
Publication statusPublished - 2020
Event10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020 - New Orleans, United States
Duration: 16 Mar 202018 Mar 2020

Conference

Conference10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020
CountryUnited States
CityNew Orleans
Period16/03/2018/03/20

    Research areas

  • direct-to-customer, disease susceptibility testing, genome, obfuscation, privacy-preserving, snp

ID: 72399149