We’re happy to welcome you to the PhD defence of Tulio Pascoal (CritiX group) on 26 August 2022 at 15:00.
The PhD defense will take place on the 1st floor at the MNO Building (Campus Belval) in seminar room 1.040.
After the PhD defense, a drink will be offered in room 1.030.
Members of the defense committee:
- Prof. Dr Reinhard SCHNEIDER, University of Luxembourg, Chairman
- Prof. Dr Gabriele LENZINI, University of Luxembourg, Vice-Chairman
- Prof. Dr Marcus VÖLP, University of Luxembourg, Supervisor
- Prof. Dr Erman AYDAY, Case Western Reserve University, USA, Member
- Prof. Dr Yves MOREAU, KU Leuven, Belgium, Member
Abstract:
Genome-Wide Association Studies (GWAS) is a popular statistical method for discovering correlations between genomic variations associated with a particular phenotype. Leveraging genome data from multiple institutions worldwide nowadays is essential to produce more powerful findings by operating GWAS at larger scale. However, this raises several security and privacy risks, not only in the computation of such statistics, but also in the public release of GWAS results. Careless release might enable recovery and membership attacks, by which the genome of individuals respectively their participation in a certain study can be revealed.
In this thesis, I explore possible solutions to enable end-to-end privacy-preserving federated GWAS in line with privacy regulations such as GDPR to secure the public release of the results of Genome-Wide Association Studies that are dynamically updated as new genomes become available, that can support internal threats such as colluding members in the federation, that partially overlap with their genomes and considered locations within the genome, and that are computed in a distributed manner without sharing actual genome data.
The thesis first examines the conditions to enable dynamic, consent-aware, and collusion-tolerant federated GWAS (DyPS). Then, it extends the solutions to allow safe releases under the presence of overlapping studies (I-GWAS), while providing their system’s performance discussion. Finally, it provides a distributed workflow (GenDPR) to conduct collusion-tolerant membership inference tests without requiring centralized genome data.
The method chosen for protection is of a statistical nature, ensuring that the theoretical complexity of attacks remains high and withholding releases of statistics that would impose re-identification risks to participants, despite adversaries gaining additional information over time, but we also relate the findings to techniques that further protect the revealed information (such as differential privacy). The proposed solutions leverage Intel SGX as trusted execution environment to perform selected critical operations in a performant manner, however, the work translates equally well to other trusted execution environments and other schemes, such as homomorphic encryption.