A Hybrid Cloud Deployment Architecture for Privacy-Preserving Collaborative Genome-Wide Association Studies

The increasing availability of sequenced human genomes is enabling health professionals and genomics researchers to well understand the implication of genetic variants in the development of common diseases, notably by means of genome-wide association studies (GWAS) which are very promising for personalized medicine and diagnostic testing. However, the ever present need to handle genetic data from different sources to conduct large studies entails multiple privacy and security issues. Actually, classical methods of anonymization are inapplicable for genetic data that are now known to be identifying per se. In this paper, we propose a novel framework for privacy-preserving collaborative GWAS performed in the cloud. Indeed, our proposal is the first framework which combines a hybrid cloud deployment with a set of four security mechanisms that are digital watermarking, homomorphic encryption, meta-data de-identification and the Intel Software Guard Extensions technology in order to ensure confidentiality of genetic data as well as their integrity. Furthermore, our approach describes meta-data management which has rarely been considered in state-of-the-art propositions despite their importance to genetic analyses; in addition, the new deployment model we suggest fits with existing infrastructures which makes its integration straightforward. Experimental results of a prototypical implementation on typical data sizes demonstrate that our solution protocol is feasible and that the framework is practical for real-world scenarios.