A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation

BACKGROUND: Patient data is considered particularly sensitive personal data. Privacy regulations strictly govern the use of patient data and restrict their exchange. However, medical research can benefit from multicentric studies in which patient data from different institutions are pooled and evalu...

Descripción completa

Detalles Bibliográficos
Autores principales: von Maltitz, Marcel, Ballhausen, Hendrik, Kaul, David, Fleischmann, Daniel F, Niyazi, Maximilian, Belka, Claus, Carle, Georg
Formato: Online Artículo Texto
Lenguaje:English
Publicado: JMIR Publications 2021
Materias:
Original Paper
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7850908/
https://www.ncbi.nlm.nih.gov/pubmed/33459602
http://dx.doi.org/10.2196/22158
_version_ 1783645536745684992
author von Maltitz, Marcel
Ballhausen, Hendrik
Kaul, David
Fleischmann, Daniel F
Niyazi, Maximilian
Belka, Claus
Carle, Georg
author_facet von Maltitz, Marcel
Ballhausen, Hendrik
Kaul, David
Fleischmann, Daniel F
Niyazi, Maximilian
Belka, Claus
Carle, Georg
author_sort von Maltitz, Marcel
collection PubMed
description BACKGROUND: Patient data is considered particularly sensitive personal data. Privacy regulations strictly govern the use of patient data and restrict their exchange. However, medical research can benefit from multicentric studies in which patient data from different institutions are pooled and evaluated together. Thus, the goals of data utilization and data protection are in conflict. Secure multiparty computation (SMPC) solves this conflict because it allows direct computation on distributed proprietary data—held by different data owners—in a secure way without exchanging private data. OBJECTIVE: The objective of this work was to provide a proof-of-principle of secure and privacy-preserving multicentric computation by SMPC with real-patient data over the free internet. A privacy-preserving log-rank test for the Kaplan-Meier estimator was implemented and tested in both an experimental setting and a real-world setting between two university hospitals. METHODS: The domain of survival analysis is particularly relevant in clinical research. For the Kaplan-Meier estimator, we provided a secure version of the log-rank test. It was based on the SMPC realization SPDZ and implemented via the FRESCO framework in Java. The complexity of the algorithm was explored both for synthetic data and for real-patient data in a proof-of-principle over the internet between two clinical institutions located in Munich and Berlin, Germany. RESULTS: We obtained a functional realization of an SMPC-based log-rank evaluation. This implementation was assessed with respect to performance and scaling behavior. We showed that network latency strongly influences execution time of our solution. Furthermore, we identified a lower bound of 2 Mbit/s for the transmission rate that has to be fulfilled for unimpeded communication. In contrast, performance of the participating parties have comparatively low influence on execution speed, since the peer-side processing is parallelized and the computational time only constitutes 30% to 50% even with optimal network settings. In the real-world setting, our computation between three parties over the internet, processing 100 items each, took approximately 20 minutes. CONCLUSIONS: We showed that SMPC is applicable in the medical domain. A secure version of commonly used evaluation methods for clinical studies is possible with current implementations of SMPC. Furthermore, we infer that its application is practically feasible in terms of execution time.
format Online
Article
Text
id pubmed-7850908
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher JMIR Publications
record_format MEDLINE/PubMed
spelling pubmed-78509082021-02-05 A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation von Maltitz, Marcel Ballhausen, Hendrik Kaul, David Fleischmann, Daniel F Niyazi, Maximilian Belka, Claus Carle, Georg JMIR Med Inform Original Paper BACKGROUND: Patient data is considered particularly sensitive personal data. Privacy regulations strictly govern the use of patient data and restrict their exchange. However, medical research can benefit from multicentric studies in which patient data from different institutions are pooled and evaluated together. Thus, the goals of data utilization and data protection are in conflict. Secure multiparty computation (SMPC) solves this conflict because it allows direct computation on distributed proprietary data—held by different data owners—in a secure way without exchanging private data. OBJECTIVE: The objective of this work was to provide a proof-of-principle of secure and privacy-preserving multicentric computation by SMPC with real-patient data over the free internet. A privacy-preserving log-rank test for the Kaplan-Meier estimator was implemented and tested in both an experimental setting and a real-world setting between two university hospitals. METHODS: The domain of survival analysis is particularly relevant in clinical research. For the Kaplan-Meier estimator, we provided a secure version of the log-rank test. It was based on the SMPC realization SPDZ and implemented via the FRESCO framework in Java. The complexity of the algorithm was explored both for synthetic data and for real-patient data in a proof-of-principle over the internet between two clinical institutions located in Munich and Berlin, Germany. RESULTS: We obtained a functional realization of an SMPC-based log-rank evaluation. This implementation was assessed with respect to performance and scaling behavior. We showed that network latency strongly influences execution time of our solution. Furthermore, we identified a lower bound of 2 Mbit/s for the transmission rate that has to be fulfilled for unimpeded communication. In contrast, performance of the participating parties have comparatively low influence on execution speed, since the peer-side processing is parallelized and the computational time only constitutes 30% to 50% even with optimal network settings. In the real-world setting, our computation between three parties over the internet, processing 100 items each, took approximately 20 minutes. CONCLUSIONS: We showed that SMPC is applicable in the medical domain. A secure version of commonly used evaluation methods for clinical studies is possible with current implementations of SMPC. Furthermore, we infer that its application is practically feasible in terms of execution time. JMIR Publications 2021-01-18 /pmc/articles/PMC7850908/ /pubmed/33459602 http://dx.doi.org/10.2196/22158 Text en ©Marcel von Maltitz, Hendrik Ballhausen, David Kaul, Daniel F Fleischmann, Maximilian Niyazi, Claus Belka, Georg Carle. Originally published in JMIR Medical Informatics (http://medinform.jmir.org), 18.01.2021. https://creativecommons.org/licenses/by/4.0/ This is an open-access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work, first published in JMIR Medical Informatics, is properly cited. The complete bibliographic information, a link to the original publication on http://medinform.jmir.org/, as well as this copyright and license information must be included.
spellingShingle Original Paper
von Maltitz, Marcel
Ballhausen, Hendrik
Kaul, David
Fleischmann, Daniel F
Niyazi, Maximilian
Belka, Claus
Carle, Georg
A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation
title A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation
title_full A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation
title_fullStr A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation
title_full_unstemmed A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation
title_short A Privacy-Preserving Log-Rank Test for the Kaplan-Meier Estimator With Secure Multiparty Computation: Algorithm Development and Validation
title_sort privacy-preserving log-rank test for the kaplan-meier estimator with secure multiparty computation: algorithm development and validation
topic Original Paper
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7850908/
https://www.ncbi.nlm.nih.gov/pubmed/33459602
http://dx.doi.org/10.2196/22158
work_keys_str_mv AT vonmaltitzmarcel aprivacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT ballhausenhendrik aprivacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT kauldavid aprivacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT fleischmanndanielf aprivacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT niyazimaximilian aprivacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT belkaclaus aprivacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT carlegeorg aprivacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT vonmaltitzmarcel privacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT ballhausenhendrik privacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT kauldavid privacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT fleischmanndanielf privacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT niyazimaximilian privacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT belkaclaus privacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation
AT carlegeorg privacypreservinglogranktestforthekaplanmeierestimatorwithsecuremultipartycomputationalgorithmdevelopmentandvalidation

Ejemplares similares