Providing provenance in scientific workflows is essential for reproducibility and auditability. Workflow systems model and record provenance that describes the steps performed to obtain the final results of a computation. In this work, we propose a framework that verifies the correctness of the results of statistical tests conducted by a researcher while protecting the privacy of the individuals in the researcher's dataset. The researcher publishes the workflow of the conducted study, its output, and associated metadata. They keep the research dataset private while providing, as part of the metadata, a partial noisy dataset (which achieves local differential privacy). To check the correctness of the workflow output, a verifier makes use of the workflow, its metadata, and the results of another statistical study (using publicly available datasets) to distinguish between correct and incorrect statistics. We apply the proposed framework to genome-wide association studies (GWAS), in which the goal is to identify point mutations (variants) that are highly associated with a given phenotype. For evaluation, we use real genomic data and show that the correctness of the workflow output can be verified with high accuracy even when the aggregate statistics of only a small number of variants are provided. We also quantify the privacy leakage due to the provided workflow and its associated metadata in the GWAS use-case, and show that the additional privacy risk due to the provided metadata does not increase the existing privacy risk due to the sharing of the research results. Thus, our results show that the workflow output (i.e., the research results) can be verified with high confidence in a privacy-preserving way. We believe that this work is a valuable step towards providing provenance in a privacy-preserving way while giving users guarantees about the correctness of the results.
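As an added illustration (not the paper's own code or method), the sketch below shows the verifier's side of the idea for a single GWAS variant: each individual's genotype is released under k-ary randomized response (a local differential privacy mechanism), the verifier debiases the noisy genotype counts, re-estimates the case/control minor-allele-frequency difference, and accepts the published statistic only if the estimate agrees within a tolerance. The 0/1/2 genotype coding, the choice of randomized response, the MAF-difference statistic and the tolerance are all assumptions of this example.

```python
import math
import random

# Constructed example: genotypes are coded 0/1/2 = minor-allele count (K = 3 categories).
K = 3

def rr_probs(eps):
    """k-ary randomized response: keep the true value w.p. p, report each other value w.p. q."""
    p = math.exp(eps) / (math.exp(eps) + K - 1)
    q = 1.0 / (math.exp(eps) + K - 1)
    return p, q

def randomize_genotype(g, eps, rng):
    """Per-individual eps-LDP report of one genotype (the researcher's noisy partial dataset)."""
    p, _ = rr_probs(eps)
    if rng.random() < p:
        return g
    return rng.choice([v for v in range(K) if v != g])

def debias_counts(noisy_counts, eps):
    """Unbiased estimate of the true category counts from k-RR reports.
    E[noisy_v] = p*n_v + q*(n - n_v)  =>  n_v = (noisy_v - q*n) / (p - q)."""
    p, q = rr_probs(eps)
    n = sum(noisy_counts)
    return [(c - q * n) / (p - q) for c in noisy_counts]

def minor_allele_freq(counts):
    """MAF from genotype counts [n0, n1, n2]."""
    return (counts[1] + 2 * counts[2]) / (2 * sum(counts))

def estimate_freq_diff(noisy_case, noisy_ctrl, eps):
    """Verifier's estimate of MAF(case) - MAF(control) from the debiased noisy counts."""
    return (minor_allele_freq(debias_counts(noisy_case, eps))
            - minor_allele_freq(debias_counts(noisy_ctrl, eps)))

def verify_claim(claimed_diff, noisy_case, noisy_ctrl, eps, tol):
    """Accept the published statistic iff the LDP-based estimate agrees within tol.
    tol is an assumption here; in practice it follows from the k-RR estimator's variance."""
    return abs(estimate_freq_diff(noisy_case, noisy_ctrl, eps) - claimed_diff) <= tol

if __name__ == "__main__":
    rng = random.Random(7)
    eps = math.log(3)
    # Constructed cohorts: 400 cases (MAF ~0.35) and 400 controls (MAF ~0.20).
    cases = [sum(rng.random() < 0.35 for _ in range(2)) for _ in range(400)]
    ctrls = [sum(rng.random() < 0.20 for _ in range(2)) for _ in range(400)]
    true_diff = minor_allele_freq([cases.count(v) for v in range(K)]) \
        - minor_allele_freq([ctrls.count(v) for v in range(K)])
    noisy_case = [randomize_genotype(g, eps, rng) for g in cases]
    noisy_ctrl = [randomize_genotype(g, eps, rng) for g in ctrls]
    nc = [noisy_case.count(v) for v in range(K)]
    nk = [noisy_ctrl.count(v) for v in range(K)]
    print("true diff %.3f, LDP estimate %.3f, accepted: %s"
          % (true_diff, estimate_freq_diff(nc, nk, eps), verify_claim(true_diff, nc, nk, eps, 0.05)))
```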