Privacy-Preserving and Efficient Verification of the Outcome in Genome-Wide Association Studies

Anisa Halimi; Leonard Dervishi; Erman Ayday; Apostolos Pyrgelis; Juan Ramón Troncoso-Pastoriza; Jean-Pierre Hubaux; Xiaoqian Jiang; Jaideep Vaidya

Privacy-Preserving and Efficient Verification of the Outcome in Genome-Wide Association Studies

Authors: Anisa Halimi (IBM Research Europe - Dublin), Leonard Dervishi (Case Western Reserve University), Erman Ayday (Case Western Reserve University), Apostolos Pyrgelis (EPFL), Juan Ramón Troncoso-Pastoriza (Tune Insight), Jean-Pierre Hubaux (EPFL), Xiaoqian Jiang (University of Texas, Health Science Center), Jaideep Vaidya (Rutgers University)

Volume: 2022
Issue: 3
Pages: 732–753
DOI: https://doi.org/10.56553/popets-2022-0094

Download PDF

Abstract: Providing provenance in scientific workflows is essential for reproducibility and auditability purposes. In this work, we propose a framework that verifies the correctness of the aggregate statistics obtained as a result of a genome-wide association study (GWAS) conducted by a researcher while protecting individuals’ privacy in the researcher’s dataset. In GWAS, the goal of the researcher is to identify highly associated point mutations (variants) with a given phenotype. The researcher publishes the workflow of the conducted study, its output, and associated metadata. They keep the research dataset private while providing, as part of the metadata, a partial noisy dataset (that achieves local differential privacy). To check the correctness of the workflow output, a verifier makes use of the workflow, its metadata, and results of another GWAS (conducted using publicly available datasets) to distinguish between correct statistics and incorrect ones. For evaluation, we use real genomic data and show that the correctness of the workflow output can be verified with high accuracy even when the aggregate statistics of a small number of variants are provided. We also quantify the privacy leakage due to the provided workflow and its associated metadata and show that the additional privacy risk due to the provided metadata does not increase the existing privacy risk due to sharing of the research results. Thus, our results show that the workflow output (i.e., research results) can be verified with high confidence in a privacy-preserving way. We believe that this work will be a valuable step towards providing provenance in a privacy-preserving way while providing guarantees to the users about the correctness of the results.

Keywords: Privacy; verifiable computation; genomewide association studies; workflows; provenance

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license.