Biblio
With the help of rapidly developing technology, DNA sequencing is becoming less expensive. As a consequence, the research in genomics has gained speed in paving the way to personalized (genomic) medicine, and geneticists need large collections of human genomes to further increase this speed. Furthermore, individuals are using their genomes to learn about their (genetic) predispositions to diseases, their ancestries, and even their (genetic) compatibilities with potential partners. This trend has also caused the launch of health-related websites and online social networks (OSNs), in which individuals share their genomic data (e.g., OpenSNP or 23andMe). On the other hand, genomic data carries much sensitive information about its owner. By analyzing the DNA of an individual, it is now possible to learn about his disease predispositions (e.g., for Alzheimer's or Parkinson's), ancestries, and physical attributes. The threat to genomic privacy is magnified by the fact that a person's genome is correlated to his family members' genomes, thus leading to interdependent privacy risks. This short tutorial will help computer scientists better understand the privacy and security challenges in today's genomic era. We will first highlight the significance of genomic data and the threats for genomic privacy. Then, we will present the high level descriptions of the proposed solutions to protect the privacy of genomic data and we will discuss future research directions. No prerequisite knowledge on biology or genomics is required for the attendees of this proposal. We only require the attendees to have a slight background in cryptography and statistics.
Personalized medicine brings the promise of better diagnoses, better treatments, a higher quality of life and increased longevity. To achieve these noble goals, it exploits a number of revolutionary technologies, including genome sequencing and DNA editing, as well as wearable devices and implantable or even edible biosensors. In parallel, the popularity of "quantified self" gadgets shows the willingness of citizens to be more proactive with respect to their own health. Yet, this evolution opens the door to all kinds of abuses, notably in terms of discrimination, blackmailing, stalking, and subversion of devices. After giving a general description of this situation, in this talk we will expound on some of the main concerns, including the temptation to permanently and remotely monitor the physical (and metabolic) activity of individuals. We will describe the potential and the limitations of techniques such as cryptography (including secure multi-party computation), trusted hardware and differential privacy. We will also discuss the notion of consent in the face of the intrinsic correlations of human data. We will argue in favor of a more systematic, principled and cross-disciplinary research effort in this field and will discuss the motives of the various stakeholders.
Microfluidics is an interdisciplinary science focusing on the development of devices and systems that process low volumes of fluid for applications such as high throughput DNA sequencing, immunoassays, and entire Labs-on-Chip platforms. Microfluidic diagnostic technology enables these advances by facilitating the miniaturization and integration of complex biochemical processing through a microfluidic biochip [1]. This approach tightly couples the biochemical operations, sensing system, control algorithm, and droplet-based biochip. During the process the status of a droplet is monitored in real-time to detect operational errors. If an error has occurred, the control algorithm dynamically reconfigures to allow recovery and rescheduling of on-chip operations. During this recovery procedure the droplet that is the source of the error is discarded to prevent the propagation of the error and the operation is repeated. Threats to the operation of the microfluidic biochip include (1) integrity: an attack can modify control electrodes to corrupt the diagnosis, and (2) privacy: what can a user/operator deduce about the diagnosis? It is challenging to describe both these aspects using existing models; as Figure 1 depicts, there are multiple security domains. Unidirectional information flows shown in black indicate undesirable flows, the bidirectional black arrows indicate desirable, but possibly corrupted, information flows, and the unidirectional red arrows indicate undesirable information flows. As with Stuxnet, a bidirectional, deducible information flow is needed between the monitoring security domain and internal security domain (biochip) [2]. Simultaneously, the attacker and the operators should receive a nondeducible information flow. Likewise, the red attack arrows should be deducible to the internal domain.
Our current security research direction uses the novel approach of Multiple Security Domain Nondeducibility [2] to explore the vulnerabilities of exploiting this error recovery process through information flow leakages and leads to protection of the system through desirable information flows.
The concept of being a Smart Community has been around at least since 1999 when the Intelligent Community Forum (ICF) chose Singapore as its first Intelligent Community of the Year. The ICF's criteria have been refined over the years, but they still seek out places that "understand the enormous challenges of the Broadband Economy, and have taken conscious steps to create an economy capable of prospering in it." But what does that really mean in a world where cardboard VR viewers are given away as conference swag, high school students are creating augmented reality tours of their schools, and citizens can report a pothole, or a messy neighbor, on an app like SeeClickFix? There is also an important confluence between the fields of "Smart Communities" and the concept of "Safe and Secure Communities". A community cannot really be considered "smart" if its inhabitants do not feel "safe" going about their daily routines. On the flip side, many of the tools that will enable and enhance public safety (sensor based networks, big data analytics, public participation in decision making) have significant security and privacy implications. An innovative new program is being created at the University of Calgary to help in "Designing Smart and Secure Communities" while preserving privacy and avoiding a "Big Brother" world which would be antithetical to the goals of being a Smart Community. Thoughtful experts in this field believe that we can have many of the benefits of being a smart community, including enhanced safety, without having to give up too much of our personal privacy. They also acknowledge that this is a tricky balance to strike, and that it will be hard work. There are excellent examples from around the world of cities that have found innovative ways to involve their citizens in a meaningful way in decisions that affect their lives.
It will also consider some "platform technologies" such as non-financial applications of the blockchain, which can be used to build trust and confidence in civic applications. Things can also go horribly wrong when citizen engagement projects are poorly designed and implemented. As a creepy cautionary tale, and a warning about what might be coming down the road, we just have to look at the controversial use of "DNA Shaming" in Hong Kong to catch spitters and litterbugs.
A new paradigm in wireless network access is presented and analyzed. In this concept, certain classes of wireless terminals can be turned temporarily into an access point (AP) anytime while connected to the Internet. This creates a dynamic network architecture (DNA) since the number and location of these APs vary in time. In this paper, we present a framework to optimize different aspects of this architecture. First, the dynamic AP association problem is addressed with the aim to optimize the network by choosing the most convenient APs to provide the quality-of-service (QoS) levels demanded by the users with the minimum cost. Then, an economic model is developed to compensate the users for serving as APs and, thus, augmenting the network resources. The users' security investment is also taken into account in the AP selection. A preclustering process of the DNA is proposed to keep the optimization process feasible in a highly dense network. To dynamically reconfigure the optimum topology and adjust it to the traffic variations, a new specific encoding of genetic algorithm (GA) is presented. Numerical results show that GA can provide the optimum topology up to two orders of magnitude faster than exhaustive search for network clusters, and the improvement significantly increases with the cluster size.
A digital microfluidic biochip (DMFB) is an emerging technology that enables miniaturized analysis systems for point-of-care clinical diagnostics, DNA sequencing, and environmental monitoring. A DMFB reduces the rate of sample and reagent consumption, and automates the analysis of assays. In this paper, we provide the first assessment of the security vulnerabilities of DMFBs. We identify result-manipulation attacks on a DMFB that maliciously alter the assay outcomes. Two practical result-manipulation attacks are shown on a DMFB platform performing an enzymatic glucose assay on serum. In the first attack, the attacker adjusts the concentration of the glucose sample and thereby modifies the final result. In the second attack, the attacker tampers with the calibration curve of the assay operation. We then identify denial-of-service attacks, where the attacker can disrupt the assay operation by tampering either with the droplet-routing algorithm or with the actuation sequence. We demonstrate these attacks using a digital microfluidic synthesis simulator. The results show that the attacks are easy to implement and hard to detect. Therefore, this work highlights the need for effective protections against malicious modifications in DMFBs.
We propose a new security paradigm that makes cross-layer personalization a premier component in the design of security solutions for computer infrastructure and situational awareness. This paradigm is based on the observation that computer systems have a personalized usage profile that depends on the user and his activities. Further, it spans the various layers of abstraction that make up a computer system, as if the user embedded his own DNA into the computer system. To realize such a paradigm, we discuss the design of a comprehensive and cross-layer profiling approach, which can be adopted to boost the effectiveness of various security solutions, e.g., malware detection, insider attack prevention and continuous authentication. The current state-of-the-art in computer infrastructure defense solutions focuses on one layer of operation with deployments coming in a "one size fits all" format, without taking into account the unique way people use their computers. The key novelty of our proposal is the cross-layer personalization, where we derive the distinguishable behaviors from the intelligence of three layers of abstraction. First, we combine intelligence from: a) the user layer (e.g., mouse click patterns); b) the operating system layer; c) the network layer. Second, we develop cross-layer personalized profiles for system usage. We will limit our scope to companies and organizations, where computers are used in a more routine and one-on-one style, before we expand our research to personally owned computers. Our preliminary results show that just the time accesses in user web logs are already sufficient to distinguish users from each other, with users of the same demographics showing similarities in their profiles. Our goal is to challenge today's paradigm for anomaly detection that seems to follow a monoculture and treat each layer in isolation. We also discuss deployment, performance overhead, and privacy issues raised by our paradigm.
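The abstract above reports that access times in user web logs alone already separate users. The following is an added example, not code from that paper or its authors, of the simplest form such a network-layer profile can take: a per-user hour-of-day distribution built from constructed web-access log lines, compared with Jensen-Shannon divergence to attribute a session to the closest profile and to flag a session that does not fit the user who claims it (a continuous-authentication style check). The log layout, the user names, the smoothing constant and the 0.1 divergence threshold are all assumptions chosen for illustration.

```python
"""Added example (not from the paper above): time-of-day access profiles from
web-access logs, used to tell users apart and to flag a session that does not
fit the claimed user's profile. Log format, names and threshold are assumed."""
from collections import defaultdict
from datetime import datetime
import math
import re

# Constructed sample log in an assumed, simplified layout:
# "<user> <ISO-8601 timestamp> <url>". alice keeps office hours; bob works nights.
SAMPLE_LOG = """\
alice 2023-03-06T08:05:11 https://mail.example.com/inbox
alice 2023-03-06T08:41:02 https://wiki.example.com/home
alice 2023-03-06T09:12:45 https://tickets.example.com/queue
alice 2023-03-06T10:03:19 https://wiki.example.com/ops
alice 2023-03-06T10:55:08 https://mail.example.com/inbox
alice 2023-03-06T11:20:33 https://tickets.example.com/123
alice 2023-03-06T14:07:51 https://wiki.example.com/home
alice 2023-03-06T15:15:00 https://mail.example.com/inbox
alice 2023-03-06T15:48:27 https://tickets.example.com/queue
alice 2023-03-06T16:30:10 https://wiki.example.com/ops
alice 2023-03-06T17:02:44 https://mail.example.com/inbox
alice 2023-03-07T09:30:12 https://wiki.example.com/home
bob 2023-03-06T20:10:05 https://mail.example.com/inbox
bob 2023-03-06T21:02:17 https://monitor.example.com/dash
bob 2023-03-06T21:45:39 https://tickets.example.com/queue
bob 2023-03-06T22:11:58 https://monitor.example.com/dash
bob 2023-03-06T22:40:21 https://wiki.example.com/runbook
bob 2023-03-06T23:05:13 https://mail.example.com/inbox
bob 2023-03-06T23:50:46 https://monitor.example.com/dash
bob 2023-03-07T01:12:09 https://tickets.example.com/456
bob 2023-03-07T01:58:30 https://wiki.example.com/runbook
bob 2023-03-07T02:20:55 https://monitor.example.com/dash
bob 2023-03-07T20:35:14 https://mail.example.com/inbox
bob 2023-03-07T22:15:42 https://monitor.example.com/dash
"""

LINE_RE = re.compile(r"^(?P<user>\S+)\s+(?P<ts>\S+)\s+(?P<url>\S+)$")
HOURS = 24


def parse_log(text):
    """Return (user, datetime) pairs; lines that do not match the layout are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((m.group("user"), datetime.fromisoformat(m.group("ts"))))
    return events


def smoothed_distribution(counts, alpha=0.5):
    """Turn raw per-hour counts into a probability vector. Additive smoothing
    keeps never-seen hours at non-zero probability so divergences stay finite."""
    total = sum(counts) + alpha * len(counts)
    return [(c + alpha) / total for c in counts]


def build_profiles(events):
    """Per-user hour-of-day distribution: the temporal fingerprint."""
    counts = defaultdict(lambda: [0] * HOURS)
    for user, ts in events:
        counts[user][ts.hour] += 1
    return {user: smoothed_distribution(c) for user, c in counts.items()}


def js_divergence(p, q):
    """Jensen-Shannon divergence in bits: symmetric, bounded in [0, 1]."""
    m = [(a + b) / 2 for a, b in zip(p, q)]

    def kl(x, y):
        return sum(a * math.log2(a / b) for a, b in zip(x, y) if a > 0)

    return 0.5 * kl(p, m) + 0.5 * kl(q, m)


def session_distribution(hours):
    """Distribution of the hours (0-23) at which a single session's requests occurred."""
    counts = [0] * HOURS
    for h in hours:
        counts[h] += 1
    return smoothed_distribution(counts)


def attribute_session(profiles, hours):
    """Return (user, divergence) for the known profile closest to the session."""
    dist = session_distribution(hours)
    divergence, user = min((js_divergence(dist, p), u) for u, p in profiles.items())
    return user, divergence


def session_fits_claim(profiles, claimed_user, hours, threshold=0.1):
    """Does the session look like the user who claims it? Unknown users never
    fit. The threshold is an assumption; tune it on real per-user data."""
    if claimed_user not in profiles:
        return False
    return js_divergence(session_distribution(hours), profiles[claimed_user]) < threshold


if __name__ == "__main__":
    profiles = build_profiles(parse_log(SAMPLE_LOG))
    for hours in ([9, 10, 15], [22, 23, 1]):
        user, d = attribute_session(profiles, hours)
        print(f"session at hours {hours}: closest profile {user} (JS={d:.3f})")
    print("night session claimed by alice fits:",
          session_fits_claim(profiles, "alice", [22, 23, 1]))
```

With only a few requests per session the hour-of-day histogram is coarse, which is why the divergence is computed against smoothed distributions rather than raw counts; a deployment would combine this with the other layers the abstract lists (mouse dynamics, OS activity) before acting on a mismatch.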