Accepted for/Published in: Journal of Medical Internet Research
Date Submitted: Feb 1, 2019
Open Peer Review Period: Feb 4, 2019 - Apr 1, 2019
Date Accepted: Jul 1, 2019
(closed for review but you can still tweet)
Examination of privacy preserving methods for feature engineering using blockchain
ABSTRACT
Background:
The protection of private data is a key responsibility for research studies interested in collecting data from study participants. Feature engineering is a process where useful features are extracted from raw data. An ideal framework for data collection would incorporate feature extraction in a secure environment without a trusted third party.
Objective:
This study compares current approaches based on their ability to maintain data privacy and on the practicality of their implementation. These approaches include traditional, cryptographic, secure hardware, and blockchain-based techniques.
Methods:
A set of properties are defined for evaluating each approach. A qualitative comparison is presented based on these properties. The evaluation of each approach is framed with a use case of sharing geolocation data.
Results:
We found that traditional approaches for preserving participant privacy require third parties to be highly trusted, and are subject to security vulnerabilities. Cryptographic techniques incorporate strong privacy-preserving paradigms, but are appropriate only for select use cases or are limited due to computational complexity. Blockchain smart contracts alone are insufficient to provide data privacy because transactional data is public. Trusted execution environments (TEEs) may have hardware vulnerabilities and lack visibility into how data is processed. Hybrid approaches combining blockchain and cryptographic techniques or blockchain and TEEs provide promising frameworks for privacy-preservation. For reference, we provide a software implementation that addresses the geolocation use case using the hybrid approach combining blockchain with TEEs as a supplement to this paper.
Conclusions:
Blockchain technology and smart contracts are pivotal in the development of new privacy-preserving feature engineering methods due to their lack of dependence on trusted parties and provide immutable, auditable data processing software. The overlap between blockchain and cryptographic techniques or blockchain and secure hardware technologies are promising fields for addressing important data privacy needs. Hybrid Blockchain and TEE frameworks currently provide practical tools for implementing privacy-preserving applications.
Citation
Per the author's request the PDF is not available.
Copyright
© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on it's website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a cc-by license on publication, at this stage authors and publisher expressively prohibit redistribution of this draft paper other than for review purposes.