DOI: 10.1145/3152701.3152707
research-article

Enclave-Based Privacy-Preserving Alignment of Raw Genomic Information: Information Leakage and Countermeasures

Published: 28 October 2017

Abstract

Recent breakthroughs in genomic sequencing led to an enormous increase of DNA sampling rates, which in turn favored the use of clouds to efficiently process huge amounts of genomic data. However, while allowing possible achievements in personalized medicine and related areas, cloud-based processing of genomic information also entails significant privacy risks, asking for increased protection. In this paper, we focus on the first, but also most data-intensive, processing step of the genomics information processing pipeline: the alignment of raw genomic data samples (called reads) to a synthetic human reference genome. Even though privacy-preserving alignment solutions (e.g., based on homomorphic encryption) have been proposed, their slow performance encourages alternatives based on trusted execution environments, such as Intel SGX, to speed up secure alignment. Such alternatives have to deal with data structures whose size by far exceeds secure enclave memory, requiring the alignment code to reach out into untrusted memory. We highlight how sensitive genomic information can be leaked when those enclave-external alignment data structures are accessed, and suggest countermeasures to prevent privacy breaches. The overhead of these countermeasures indicates that the competitiveness of a privacy-preserving enclave-based alignment has yet to be precisely evaluated.


Cited By

  • (2018) Nemesis. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 178-195. DOI: 10.1145/3243734.3243822. Online publication date: 15-Oct-2018

    Published In

    SysTEX'17: Proceedings of the 2nd Workshop on System Software for Trusted Execution
    October 2017
    55 pages
    ISBN:9781450350976
    DOI:10.1145/3152701

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. DNA
    2. SGX-enclaves
    3. alignment
    4. information-flow
    5. privacy

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    SOSP '17
