Jun 18, 2018
Privacy Preserving Analytics on Distributed Medical Data
Marina Blanton, Ah Reum Kang, Subhadeep Karan et al.
Objective: To enable privacy-preserving learning of high-quality generative and discriminative machine learning models from distributed electronic health records. Methods and Results: We describe a general and scalable strategy for building machine learning models in a provably privacy-preserving way. Compared to standard approaches such as differential privacy, our method does not require alteration of the input biomedical data, works with completely or partially distributed datasets, and remains secure as long as a majority of the sites participating in data processing are trusted not to collude. We show how the proposed strategy can be applied to distributed medical records to solve the variable assignment problem, the key task in exact feature selection and Bayesian network learning. Conclusions: Our proposed architecture can be used by health care organizations, spanning providers, insurers, researchers and computational service providers, to build robust and high-quality predictive models in cases where distributed data has to be combined without being disclosed, altered or otherwise compromised.
Feb 11, 2017
Secure Fingerprint Alignment and Matching Protocols
Fattaneh Bayatbabolghani, Marina Blanton, Mehrdad Aliasgari et al.
We present three private fingerprint alignment and matching protocols, based on what are considered to be the most precise and efficient fingerprint recognition algorithms, which use minutia points. Our protocols allow two or more honest-but-curious parties to compare their respective privately-held fingerprints in a secure way such that they each learn nothing more than an accurate score of how well the fingerprints match. To the best of our knowledge, this is the first time fingerprint alignment based on minutiae is considered in a secure computation framework. We build secure fingerprint alignment and matching protocols in both the two-party setting using garbled circuit evaluation and in the multi-party setting using secret sharing techniques. In addition to providing precise and efficient secure fingerprint alignment and matching, our contributions include the design of a number of secure sub-protocols for complex operations such as sine, cosine, arctangent, square root, and selection, which are likely to be of independent interest.
Dec 27, 2016
Optimizing Secure Statistical Computations with PICCO
Justin DeBenedetto, Marina Blanton
Growth in research collaboration has increased the need for data sharing. When that data is private, however, the need to maintain security and privacy grows with it. Secure multi-party computation enables any function to be securely evaluated over private data without revealing anything beyond the intended output. A number of tools and compilers have recently been developed to support the evaluation of various functionalities over private data. PICCO is one such compiler: it transforms a general-purpose user program into its secure distributed implementation. Here we assess the performance of common statistical programs using PICCO. Specifically, we focus on chi-squared and standard deviation computations and optimize the user programs for them, in order to assess the performance an informed user might expect from securely evaluating these functions with a general-purpose compiler.
Sep 6, 2015
Implementing Support for Pointers to Private Data in a General-Purpose Secure Multi-Party Compiler
Yihua Zhang, Marina Blanton, Ghada Almashaqbeh
Recent compilers allow a general-purpose program (written in a conventional programming language) that handles private data to be translated into a secure distributed implementation of the corresponding functionality. The resulting program is then guaranteed to provably protect private data using secure multi-party computation techniques. The goals of such compilers are generality, usability, and efficiency, but the complete feature set of a modern programming language has not been supported to date by existing compilers. In particular, the recent PICCO and two-party ANSI C compilers strive to translate any C program into its secure multi-party implementation, but currently lack support for pointers and dynamic memory allocation, which are important components of many C programs. In this work, we address this limitation and add support for pointers to private data, and consequently dynamic memory allocation, to the PICCO compiler, enabling it to handle a more diverse set of programs over private data. Because doing so opens up a new design space, we investigate the use of pointers to private data (with both known and private locations stored in them) in programs and report our findings. Besides dynamic memory allocation, we examine other important topics associated with common pointer use, such as reference by pointer/address, casting, and building various data structures, in the context of secure multi-party computation. The result is a compiler that can automatically translate a user program that uses pointers to private data into a distributed implementation that provably protects private data throughout the computation. We empirically evaluate the constructions and report on the performance of representative programs.