P2GT: Fine-Grained Genomic Data Access Control With Privacy-Preserving Testing in Cloud Computing

With the rapid development of bioinformatics and the availability of genetic sequencing technologies, genomic data has been used to facilitate personalized medicine. Cloud computing, features as low cost, rich storage and rapid processing can precisely respond to the challenges brought by the emergence of massive genomic data. Considering the security of cloud platform and the privacy of genomic data, we first introduce P2GT which utilizes key-policy attribute-based encryption to realize genomic data access control with unbounded attributes, and employs equality test algorithm to achieve personalized medicine test by matching digitized single nucleotide polymorphisms (SNPs) directly on the users' ciphertext without encrypting multiple times. We then propose an enhanced scheme P2GT+, which adopts identity-based encryption with equality test supporting flexible joint authorization to realize privacy-preserving paternity test, genetic compatibility test and disease susceptibility test over the encrypted SNPs with P2GT. We prove the security of proposed schemes and conduct extensive experiments with the 1,000 Genomes dataset. The results show that P2GT and P2GT+ are practical and scalable enough to meet the privacy-preserving and authorized genetic testing requirements in cloud computing.