Exciting experience participating in EDM Forum commissioned projects
• Protect Patient Privacy When Sharing Data for CER (12/01/11 – 6/01/12): write a commissioned paper (i.e., a systematic review of privacy technologies for sharing data for Comparative Effectiveness Research) and present the paper at the June 15, 2012 EDM Forum Stakeholder Symposium.
• Making distributed models accessible and useful to data analysis (08/15/12 – 08/15/13): test a practical user interface to Grid LOgistic REgression (GLORE) across clinical sites.
Motivation
• We want to provide researchers with a set of tools that enable efficient global data analyses without accessing patient-level health records.
• The EDM Forum commissioned project gives us an opportunity to assess the viability of a distributed model that builds models without sharing data.
Distributed data analysis
[Figure labels: Dataset A, Dataset B, GLORE; "Loop n times: until global parameters converge"]
Foundation of GLORE
• Suppose m-1 features are consistent over k sites
• In each iteration, intermediary results of an m×m matrix and an m-dimensional vector are transmitted to k-1 sites
• No exchanging of raw data
Wu Y, Jiang X, Kim J, et al. Grid Binary LOgistic REgression (GLORE): building shared models without sharing data. J Am Med Inform Assoc 2012;2012:758–64.
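The exchange described on this slide, as an added example (not code from the slides or from the GLORE software): assuming the Newton-Raphson form of logistic regression, each site returns only its m×m matrix XᵀWX and m-vector Xᵀ(y − p), and a coordinator sums them to update the global parameters. The function names and the two toy sites are constructed for illustration.

```python
import math

def local_summaries(X, y, beta):
    """Runs at one site. Returns only the m x m matrix X^T W X and the
    m-vector X^T (y - p); no patient-level row leaves the site."""
    m = len(beta)
    H = [[0.0] * m for _ in range(m)]
    g = [0.0] * m
    for row, label in zip(X, y):
        p = 1.0 / (1.0 + math.exp(-sum(b * x for b, x in zip(beta, row))))
        for i in range(m):
            g[i] += row[i] * (label - p)
            for j in range(m):
                H[i][j] += p * (1.0 - p) * row[i] * row[j]
    return H, g

def solve(A, b):
    """Gaussian elimination with partial pivoting for the Newton step."""
    n = len(b)
    M = [A[i][:] + [b[i]] for i in range(n)]
    for c in range(n):
        piv = max(range(c, n), key=lambda r: abs(M[r][c]))
        M[c], M[piv] = M[piv], M[c]
        for r in range(c + 1, n):
            f = M[r][c] / M[c][c]
            for k in range(c, n + 1):
                M[r][k] -= f * M[c][k]
    x = [0.0] * n
    for i in reversed(range(n)):
        x[i] = (M[i][n] - sum(M[i][k] * x[k] for k in range(i + 1, n))) / M[i][i]
    return x

def fit(sites, m, tol=1e-10, max_iter=50):
    """Coordinator: sum the per-site summaries, update, loop until convergence."""
    beta = [0.0] * m
    for _ in range(max_iter):
        parts = [local_summaries(X, y, beta) for X, y in sites]
        H = [[sum(p[0][i][j] for p in parts) for j in range(m)] for i in range(m)]
        g = [sum(p[1][i] for p in parts) for i in range(m)]
        step = solve(H, g)
        beta = [b + s for b, s in zip(beta, step)]
        if max(abs(s) for s in step) < tol:
            break
    return beta

# Constructed toy sites: column 0 is the intercept, column 1 one shared feature (m = 2).
SITE_A = ([[1, 0.5], [1, 1.5], [1, 2.5], [1, 3.5]], [0, 0, 1, 1])
SITE_B = ([[1, 1.0], [1, 2.0], [1, 3.0], [1, 4.0]], [0, 1, 0, 1])
POOLED = (SITE_A[0] + SITE_B[0], SITE_A[1] + SITE_B[1])  # centralized baseline, for comparison only
```

Calling `fit([SITE_A, SITE_B], 2)` and `fit([POOLED], 2)` yields the same coefficients, which is the sense in which the shared model is built without sharing data.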
Grid Logistic Regression as a web service
MIT license
[Figure labels: Healthcare research; Data collection; Algorithm development; Software implementation; Results verification]
Challenges and solutions
• Privacy challenge
  Ji Z, Jiang X, Wang S, et al. Differentially private distributed logistic regression using private and public data. BMC Med Genomics 2014;7:S14.
• Efficiency challenge
  Wu Y, Jiang X, Kim J, et al. Grid Binary LOgistic REgression (GLORE): building shared models without sharing data. J Am Med Inform Assoc 2012;2012:758–64.
• Institutional privacy concern
  Wu Y, Jiang X, Ohno-machado L. Preserving Institutional Privacy in Distributed Binary Logistic Regression. In: AMIA Annu Symp. Chicago, IL: 2012. 1450–8.
• UI challenge
  Jiang W, Li P, Wang S, et al. WebGLORE: a web service for Grid LOgistic REgression. Bioinformatics 2013;29:3238–40.
• Implementation challenge
  Jiang W, Wang S, et al. Development of a web service for model building in a distributed network, eGEMs (under revision), 2014.
Beyond WebGLORE
• How to collaborate more efficiently and securely?
o Efficiency: data users can delegate part of a collaborative study to a cloud environment
o Security: the public cloud cannot learn any information about the underlying data, which is protected by cryptographic technologies
[Figure: (a) Traditional encryption methods; (b) Homomorphic encryption based method. Labels: Data A, Data B, Encrypted data A, Encrypted data B, Answer]
An Analogy: Alice’s necklace
• Alice has some gemstones and gold
• She wants to ask a worker to assemble raw materials into a necklace
But Alice is worried about theft. She wants the worker to process the raw materials without having access to them
An Analogy: Alice’s necklace
• Alice solves the problem by locking the materials in a glove box
• She asks the worker to assemble the necklace in the box
• She unlocks the box to get the necklace without worry about theft
The Analogy in Homomorphic (HM) Operations
• HM Encryption: put things inside the locked box
  o Anyone can do this (e.g., a mail drop box)
  o Health data privacy can be protected by HM encryption
• HM Decryption: take the results out of the box
  o Only the person who has the key
  o Authorized researchers, stakeholders, etc.
• HM Evaluation: work on the materials
  o Anyone can do it.
  o Compute on encrypted data in a cloud environment without sacrificing privacy.
What can we do now using Homomorphic Encryption (HME)?
• Fully HME (e.g., enable unlimited number of both addition and multiplication on encrypted data)
• Partial HME (e.g., enable either addition or multiplication on encrypted data, but not both)
• Leveled HME (e.g., enable a certain number of both addition and multiplication on encrypted data)
[Figure: the HME types arranged by Flexibility and Complexity; axis labels: Low, Medium, High]
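An added example (not from the slides) of the three roles in the glove-box analogy with a partial, addition-only scheme: anyone encrypts with the public key, the cloud adds ciphertexts without any key, and only the key holder decrypts the sum. The slides name no scheme, so textbook Paillier is an assumed stand-in here; the tiny key, the function names and the three per-institution values are constructed for the demo.

```python
import math
import secrets

# Toy key from two Mersenne primes: far too small for real use (demo assumption).
P, Q = 2**31 - 1, 2**61 - 1

def keygen(p=P, q=Q):
    n = p * q
    phi = (p - 1) * (q - 1)
    return n, (phi, pow(phi, -1, n))     # public key n; private key (phi, mu)

def encrypt(n, m):
    """Anyone holding the public key n can put a value 'in the box'."""
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + (m % n) * n) * pow(r, n, n * n) % (n * n)

def add(n, c1, c2):
    """Evaluation without the key: multiplying ciphertexts adds the plaintexts."""
    return c1 * c2 % (n * n)

def decrypt(n, priv, c):
    phi, mu = priv
    m = (pow(c, phi, n * n) - 1) // n * mu % n
    return m - n if m > n // 2 else m    # map back to signed integers

BASE = 256                               # fixed-point base, as in 0.5 = 128/256

def cloud_sum(n, ciphertexts):
    """What the public cloud runs: it sees only ciphertexts and n."""
    total = encrypt(n, 0)
    for c in ciphertexts:
        total = add(n, total, c)
    return total

def demo():
    n, priv = keygen()
    # Constructed per-institution contributions to one shared statistic.
    contributions = [0.5, -1.25, 2.0]
    cts = [encrypt(n, round(x * BASE)) for x in contributions]
    return decrypt(n, priv, cloud_sum(n, cts)) / BASE
```

Encryption is randomized, so two ciphertexts of the same value differ, and the cloud cannot match equal contributions by comparing them.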
Challenges and solutions
• Supporting more types of operations
  o HM encrypted data currently supports only basic addition, multiplication or bit-wise shifting operations.
  o Approximate advanced operations with addition and multiplication operations.
    • E.g., a logarithm or exponential operation can be approximated by a series expansion, which includes only addition and multiplication operations
• Supporting floating-point numbers
  o All HM operations take place on integers
  o Use fixed-point approximation
    • E.g., the floating-point number 0.5 can be represented by the integer 128 with respect to a base of 256 (0.5 = 128/256)
• Complexity issues
  o HM operations are computationally demanding
  o Use parallel computing to speed up HM operations
  o Leverage partial HM, leveled HM and fully HM operations in different use cases.
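An added example (not from the slides) that combines the two workarounds above: the input is fixed-point encoded with base 256, and exp(x) is approximated by a truncated Taylor series evaluated with integer addition and multiplication only, dividing by the accumulated scale once at the end. It runs on plain integers to show the arithmetic an HM evaluator would perform; the function names and the degree are assumptions.

```python
import math

BASE = 256  # fixed-point base from the slide: 0.5 is stored as 128

def encode(x, base=BASE):
    """Map a real number to the nearest integer multiple of 1/base."""
    return round(x * base)

def exp_series_int(X, degree, base=BASE):
    """Evaluate degree! * sum_{k=0..degree} x^k / k! at x = X/base using only
    integer addition and multiplication (Horner form).
    Returns (value, scale, mults) where value / scale approximates exp(x)."""
    # Integer coefficients degree!/k! replace the divisions by k!.
    coeffs = [math.factorial(degree) // math.factorial(k) for k in range(degree + 1)]
    acc, mults = coeffs[degree], 0
    for k in range(degree - 1, -1, -1):
        # base ** (degree - k) is a public constant that keeps every term
        # on the same scale; acc * X is the one data-by-data multiplication.
        acc = acc * X + coeffs[k] * base ** (degree - k)
        mults += 1
    return acc, math.factorial(degree) * base ** degree, mults

def approx_exp(x, degree=6):
    """Encode, evaluate on integers, and divide by the scale only at the end
    (the step that would happen after decryption)."""
    value, scale, _ = exp_series_int(encode(x), degree)
    return value / scale
```

For 0.5 the only error is series truncation; for 0.3, which is stored as 77/256, the fixed-point rounding error dominates. The returned multiplication count is the number of chained data-by-data multiplications the evaluation needs.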
Future work
Homomorphic encrypted federated-cloud computing: securely collaborate multiple data centers
[Figure labels: Public Cloud services (secure global model synthesis using homomorphic computing); private clouds at institutions 1, 2 and 3, each with Private Data and an Encryptor; homomorphic computing on each link]
Thank you!
• What is next?
o Two brief presentations to set the stage
o Breakout sessions in the afternoon
“Analytical Methods for a Learning Healthcare System”, Michael Stoto, Georgetown University
“Distributed Statistical Model Fitting In Federated Networks: A user guide”, Daniella Meeker, RAND Corporation and Jared Murray, Duke University
Room 304
Room 313