Homomorphic encryption

From Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/Homomorphic_encryption 

 

Homomorphic encryption

General
Derived from	Ring learning with errors
Related to	Private set intersection

Homomorphic encryption is a form of encryption that allows computation on ciphertexts, generating an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on the plaintext.

Homomorphic encryption can be used for privacy-preserving outsourced storage and computation. This allows data to be encrypted and out-sourced to commercial cloud environments for processing, all while encrypted. In highly regulated industries, such as health care, homomorphic encryption can be used to enable new services by removing privacy barriers inhibiting data sharing. For example, predictive analytics in health care can be hard to apply due to medical data privacy concerns, but if the predictive analytics service provider can operate on encrypted data instead, these privacy concerns are diminished.

Description

Homomorphic encryption is a form of encryption with an additional evaluation capability for computing over encrypted data without access to the secret key. The result of such a computation remains encrypted. Homomorphic encryption can be viewed as an extension of either symmetric-key or public-key cryptography. Homomorphic refers to homomorphism in algebra: the encryption and decryption functions can be thought of as homomorphisms between plaintext and ciphertext spaces.

Homomorphic encryption includes multiple types of encryption schemes that can perform different classes of computations over encrypted data. Some common types of homomorphic encryption are partially homomorphic, somewhat homomorphic, leveled fully homomorphic, and fully homomorphic encryption. The computations are represented as either Boolean or arithmetic circuits. Partially homomorphic encryption encompasses schemes that support the evaluation of circuits consisting of only one type of gate, e.g., addition or multiplication. Somewhat homomorphic encryption schemes can evaluate two types of gates, but only for a subset of circuits. Leveled fully homomorphic encryption supports the evaluation of arbitrary circuits of bounded (pre-determined) depth. Fully homomorphic encryption (FHE) allows the evaluation of arbitrary circuits of unbounded depth, and is the strongest notion of homomorphic encryption. For the majority of homomorphic encryption schemes, the multiplicative depth of circuits is the main practical limitation in performing computations over encrypted data.

Homomorphic encryption schemes are inherently malleable. In terms of malleability, homomorphic encryption schemes have weaker security properties than non-homomorphic schemes.

History

Homomorphic encryption schemes have been developed using different approaches. Specifically, fully homomorphic encryption schemes are often grouped into generations corresponding to the underlying approach.

Pre-FHE

The problem of constructing a fully homomorphic encryption scheme was first proposed in 1978, within a year of publishing of the RSA scheme. For more than 30 years, it was unclear whether a solution existed. During that period, partial results included the following schemes:

• RSA cryptosystem (unbounded number of modular multiplications);
• ElGamal cryptosystem (unbounded number of modular multiplications);
• Goldwasser–Micali cryptosystem (unbounded number of exclusive or operations);
• Benaloh cryptosystem (unbounded number of modular additions);
• Paillier cryptosystem (unbounded number of modular additions);
• Sander-Young-Yung system (after more than 20 years solved the problem for logarithmic depth circuits);
• Boneh–Goh–Nissim cryptosystem (unlimited number of addition operations but at most one multiplication);
• Ishai-Paskin cryptosystem (polynomial-size branching programs).

First-generation FHE

Craig Gentry, using lattice-based cryptography, described the first plausible construction for a fully homomorphic encryption scheme. Gentry's scheme supports both addition and multiplication operations on ciphertexts, from which it is possible to construct circuits for performing arbitrary computation. The construction starts from a somewhat homomorphic encryption scheme, which is limited to evaluating low-degree polynomials over encrypted data; it is limited because each ciphertext is noisy in some sense, and this noise grows as one adds and multiplies ciphertexts, until ultimately the noise makes the resulting ciphertext indecipherable. Gentry then shows how to slightly modify this scheme to make it bootstrappable, i.e., capable of evaluating its own decryption circuit and then at least one more operation. Finally, he shows that any bootstrappable somewhat homomorphic encryption scheme can be converted into a fully homomorphic encryption through a recursive self-embedding. For Gentry's "noisy" scheme, the bootstrapping procedure effectively "refreshes" the ciphertext by applying to it the decryption procedure homomorphically, thereby obtaining a new ciphertext that encrypts the same value as before but has lower noise. By "refreshing" the ciphertext periodically whenever the noise grows too large, it is possible to compute an arbitrary number of additions and multiplications without increasing the noise too much. Gentry based the security of his scheme on the assumed hardness of two problems: certain worst-case problems over ideal lattices, and the sparse (or low-weight) subset sum problem. Gentry's Ph.D. thesis provides additional details. The Gentry-Halevi implementation of Gentry's original cryptosystem reported timing of about 30 minutes per basic bit operation. Extensive design and implementation work in subsequent years have improved upon these early implementations by many orders of magnitude runtime performance.

In 2010, Marten van Dijk, Craig Gentry, Shai Halevi and Vinod Vaikuntanathan presented a second fully homomorphic encryption scheme, which uses many of the tools of Gentry's construction, but which does not require ideal lattices. Instead, they show that the somewhat homomorphic component of Gentry's ideal lattice-based scheme can be replaced with a very simple somewhat homomorphic scheme that uses integers. The scheme is therefore conceptually simpler than Gentry's ideal lattice scheme, but has similar properties with regards to homomorphic operations and efficiency. The somewhat homomorphic component in the work of Van Dijk et al. is similar to an encryption scheme proposed by Levieil and Naccache in 2008, and also to one that was proposed by Bram Cohen in 1998. Cohen's method is not even additively homomorphic, however. The Levieil–Naccache scheme supports only additions, but it can be modified to also support a small number of multiplications. Many refinements and optimizations of the scheme of Van Dijk et al. were proposed in a sequence of works by Jean-Sébastien Coron, Tancrède Lepoint, Avradip Mandal, David Naccache, and Mehdi Tibouchi. Some of these works included also implementations of the resulting schemes.

Second-generation FHE

The homomorphic cryptosystems in current use are derived from techniques that were developed starting in 2011-2012 by Zvika Brakerski, Craig Gentry, Vinod Vaikuntanathan, and others. These innovations led to the development of much more efficient somewhat and fully homomorphic cryptosystems. These include:

• The Brakerski-Gentry-Vaikuntanathan (BGV, 2011) scheme, building on techniques of Brakerski-Vaikuntanathan;
• The NTRU-based scheme by Lopez-Alt, Tromer, and Vaikuntanathan (LTV, 2012);
• The Brakerski/Fan-Vercauteren (BFV, 2012) scheme, building on Brakerski's scale-invariant cryptosystem;
• The NTRU-based scheme by Bos, Lauter, Loftus, and Naehrig (BLLN, 2013), building on LTV and Brakerski's scale-invariant cryptosystem;
• The Cheon-Kim-Kim-Song (CKKS, 2016) scheme.

The security of most of these schemes is based on the hardness of the (Ring) Learning With Errors (RLWE) problem, except for the LTV and BLLN schemes that rely on an overstretched variant of the NTRU computational problem. This NTRU variant was subsequently shown vulnerable to subfield lattice attacks,^[25][24] which is why these two schemes are no longer used in practice. 

All the second-generation cryptosystems still follow the basic blueprint of Gentry's original construction, namely they first construct a somewhat homomorphic cryptosystem and then convert it to a fully homomorphic cryptosystem using bootstrapping.

A distinguishing characteristic of the second-generation cryptosystems is that they all feature a much slower growth of the noise during the homomorphic computations. Additional optimizations by Craig Gentry, Shai Halevi, and Nigel Smart resulted in cryptosystems with nearly optimal asymptotic complexity: Performing ${\displaystyle T}$ operations on data encrypted with security parameter ${\displaystyle k}$ has complexity of only ${\displaystyle T\cdot \mathrm {polylog} (k)}$. These optimizations build on the Smart-Vercauteren techniques that enables packing of many plaintext values in a single ciphertext and operating on all these plaintext values in a SIMD fashion. Many of the advances in these second-generation cryptosystems were also ported to the cryptosystem over the integers.

Another distinguishing feature of second-generation schemes is that they are efficient enough for many applications even without invoking bootstrapping, instead operating in the leveled FHE mode.

Third-generation FHE

In 2013, Craig Gentry, Amit Sahai, and Brent Waters (GSW) proposed a new technique for building FHE schemes that avoids an expensive "relinearization" step in homomorphic multiplication. Zvika Brakerski and Vinod Vaikuntanathan observed that for certain types of circuits, the GSW cryptosystem features an even slower growth rate of noise, and hence better efficiency and stronger security. Jacob Alperin-Sheriff and Chris Peikert then described a very efficient bootstrapping technique based on this observation.

These techniques were further improved to develop efficient ring variants of the GSW cryptosystem: FHEW (2014) and TFHE (2016). The FHEW scheme was the first to show that by refreshing the ciphertexts after every single operation, it is possible to reduce the bootstrapping time to a fraction of a second. FHEW introduced a new method to compute Boolean gates on encrypted data that greatly simplifies bootstrapping, and implemented a variant of the bootstrapping procedure. The efficiency of FHEW was further improved by the TFHE scheme, which implements a ring variant of the bootstrapping procedure using a method similar to the one in FHEW.

Partially homomorphic cryptosystems

In the following examples, the notation ${\displaystyle {\mathcal {E}}(x)}$ is used to denote the encryption of the message ${\displaystyle x}$. 

Unpadded RSA

If the RSA public key has modulus ${\displaystyle n}$ and encryption exponent ${\displaystyle e}$, then the encryption of a message ${\displaystyle m}$ is given by ${\displaystyle {\mathcal {E}}(m)=m^{e}\;{\bmod {\;}}n}$. The homomorphic property is then

${\displaystyle {\begin{aligned}{\mathcal {E}}(m_{1})\cdot {\mathcal {E}}(m_{2})&=m_{1}^{e}m_{2}^{e}\;{\bmod {\;}}n\\[6pt]&=(m_{1}m_{2})^{e}\;{\bmod {\;}}n\\[6pt]&={\mathcal {E}}(m_{1}\cdot m_{2})\end{aligned}}}$

ElGamal

 

In the ElGamal cryptosystem, in a cyclic group ${\displaystyle G}$ of order ${\displaystyle q}$ with generator ${\displaystyle g}$, if the public key is ${\displaystyle (G,q,g,h)}$, where ${\displaystyle h=g^{x}}$, and ${\displaystyle x}$ is the secret key, then the encryption of a message ${\displaystyle m}$ is ${\displaystyle {\mathcal {E}}(m)=(g^{r},m\cdot h^{r})}$, for some random ${\displaystyle r\in \{0,\ldots ,q-1\}}$. The homomorphic property is then

${\displaystyle {\begin{aligned}{\mathcal {E}}(m_{1})\cdot {\mathcal {E}}(m_{2})&=(g^{r_{1}},m_{1}\cdot h^{r_{1}})(g^{r_{2}},m_{2}\cdot h^{r_{2}})\\[6pt]&=(g^{r_{1}+r_{2}},(m_{1}\cdot m_{2})h^{r_{1}+r_{2}})\\[6pt]&={\mathcal {E}}(m_{1}\cdot m_{2}).\end{aligned}}}$

Goldwasser–Micali

 

In the Goldwasser–Micali cryptosystem, if the public key is the modulus ${\displaystyle n}$ and quadratic non-residue ${\displaystyle x}$, then the encryption of a bit ${\displaystyle b}$ is ${\displaystyle {\mathcal {E}}(b)=x^{b}r^{2}\;{\bmod {\;}}n}$, for some random ${\displaystyle r\in \{0,\ldots ,n-1\}}$. The homomorphic property is then

${\displaystyle {\begin{aligned}{\mathcal {E}}(b_{1})\cdot {\mathcal {E}}(b_{2})&=x^{b_{1}}r_{1}^{2}x^{b_{2}}r_{2}^{2}\;{\bmod {\;}}n\\[6pt]&=x^{b_{1}+b_{2}}(r_{1}r_{2})^{2}\;{\bmod {\;}}n\\[6pt]&={\mathcal {E}}(b_{1}\oplus b_{2}).\end{aligned}}}$

where ${\displaystyle \oplus }$ denotes addition modulo 2, (i.e. exclusive-or). 

Benaloh

In the Benaloh cryptosystem, if the public key is the modulus ${\displaystyle n}$ and the base ${\displaystyle g}$ with a blocksize of ${\displaystyle c}$, then the encryption of a message ${\displaystyle m}$ is ${\displaystyle {\mathcal {E}}(m)=g^{m}r^{c}\;{\bmod {\;}}n}$, for some random ${\displaystyle r\in \{0,\ldots ,n-1\}}$. The homomorphic property is then

${\displaystyle {\begin{aligned}{\mathcal {E}}(m_{1})\cdot {\mathcal {E}}(m_{2})&=(g^{m_{1}}r_{1}^{c})(g^{m_{2}}r_{2}^{c})\;{\bmod {\;}}n\\[6pt]&=g^{m_{1}+m_{2}}(r_{1}r_{2})^{c}\;{\bmod {\;}}n\\[6pt]&={\mathcal {E}}(m_{1}+m_{2}).\end{aligned}}}$

Paillier

In the Paillier cryptosystem, if the public key is the modulus ${\displaystyle n}$ and the base ${\displaystyle g}$, then the encryption of a message ${\displaystyle m}$ is ${\displaystyle {\mathcal {E}}(m)=g^{m}r^{n}\;{\bmod {\;}}n^{2}}$, for some random ${\displaystyle r\in \{0,\ldots ,n-1\}}$. The homomorphic property is then

${\displaystyle {\begin{aligned}{\mathcal {E}}(m_{1})\cdot {\mathcal {E}}(m_{2})&=(g^{m_{1}}r_{1}^{n})(g^{m_{2}}r_{2}^{n})\;{\bmod {\;}}n^{2}\\[6pt]&=g^{m_{1}+m_{2}}(r_{1}r_{2})^{n}\;{\bmod {\;}}n^{2}\\[6pt]&={\mathcal {E}}(m_{1}+m_{2}).\end{aligned}}}$

Other partially homomorphic cryptosystems

• Okamoto–Uchiyama cryptosystem
• Naccache–Stern cryptosystem
• Damgård–Jurik cryptosystem
• Sander–Young–Yung encryption scheme
• Boneh–Goh–Nissim cryptosystem
• Ishai–Paskin cryptosystem
• Castagnos–Laguillaumie cryptosystem

Fully Homomorphic Encryption

A cryptosystem that supports arbitrary computation on ciphertexts is known as fully homomorphic encryption (FHE). Such a scheme enables the construction of programs for any desirable functionality, which can be run on encrypted inputs to produce an encryption of the result. Since such a program need never decrypt its inputs, it can be run by an untrusted party without revealing its inputs and internal state. Fully homomorphic cryptosystems have great practical implications in the outsourcing of private computations, for instance, in the context of cloud computing.

Implementations

A list of open-source FHE libraries implementing second-generation and/or third-generation FHE schemes is provided below. An up-to-date list of homomorphic encryption implementations is also maintained by the HomomorphicEncryption.org industry standards consortium.

There are several open-source implementations of second- and third-generation fully homomorphic encryption schemes. Second-generation FHE scheme implementations typically operate in the leveled FHE mode (though bootstrapping is still available in some libraries) and support efficient SIMD-like packing of data; they are typically used to compute on encrypted integers or real/complex numbers. Third-generation FHE scheme implementations often bootstrap after each Boolean gate operation but have limited support for packing and efficient arithmetic computations; they are typically used to compute Boolean circuits over encrypted bits. The choice of using a second-generation vs. third-generation scheme depends on the input data types and the desired computation.

FHE libraries

• HElib by IBM implements the BGV scheme with the GHS optimizations, and the CKKS scheme;
• Microsoft SEAL implements the BFV and the CKKS encryption schemes;
• PALISADE by a consortium of DARPA-funded defense contractors and academics, including New Jersey Institute of Technology, Duality Technologies, Raytheon BBN Technologies, MIT, University of California, San Diego and others. PALISADE is a general-purpose lattice cryptography library implementing the BFV, BGV, CKKS, FHEW, and other lattice schemes;
• HEAAN by Seoul National University implements the CKKS scheme along with bootstrapping.
• FHEW by Leo Ducas and Daniele Micciancio implements the FHEW scheme.
• TFHE by Ilaria Chillotti, Nicolas Gama, Mariya Georgieva and Malika Izabachene implements the TFHE scheme.
• FV-NFLlib by CryptoExperts implements the BFV scheme.
• NuFHE by NuCypher provides a GPU implementation of TFHE.
• Lattigo implements the BFV and the CKKS encryption schemes in Go along with their distributed variants enabling Secure multi-party computation.

FHE frameworks

• E3 by MoMA Lab at NYU Abu Dhabi supports TFHE, FHEW, HElib and SEAL libraries.
• SHEEP by Alan Turing Institute supports HElib, SEAL, PALISADE and TFHE libraries.

Standardization

A community standard for homomorphic encryption is maintained by the HomomorphicEncryption.org group, an open industry/government/academia consortium co-founded in 2017 by Microsoft, IBM and Duality Technologies. The current standard document includes specifications of secure parameters for RLWE.

DeepMind

From Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/DeepMind 

 

DeepMind Technologies Limited

Type of business	Subsidiary
Founded	23 September 2010
Headquarters	6 Pancras Square, London N1C 4AG, UK
Founder(s)	Demis Hassabis, Shane Legg, Mustafa Suleyman
CEO	Demis Hassabis
General manager	Lila Ibrahim
Industry	Artificial Intelligence
Employees	1,000 (as of Dec 2019)
Parent	Independent (2010–2014) Google Inc. (2014–2015) Alphabet Inc. (2015–present)
URL	www.deepmind.com

Entrance of building where Google and DeepMind are located at 6 Pancras Square, London, UK.

DeepMind Technologies is a UK artificial intelligence company founded in September 2010, and acquired by Google in 2014. The company is based in London, with research centres in Canada, France, and the United States. In 2015, it became a wholly owned subsidiary of Alphabet Inc.

The company has created a neural network that learns how to play video games in a fashion similar to that of humans, as well as a Neural Turing machine, or a neural network that may be able to access an external memory like a conventional Turing machine, resulting in a computer that mimics the short-term memory of the human brain.

The company made headlines in 2016 after its AlphaGo program beat a human professional Go player Lee Sedol, the world champion, in a five-game match, which was the subject of a documentary film. A more general program, AlphaZero, beat the most powerful programs playing go, chess and shogi (Japanese chess) after a few days of play against itself using reinforcement learning.

History

The start-up was founded by Demis Hassabis, Shane Legg and Mustafa Suleyman in 2010.^[13][14] Hassabis and Legg first met at University College London's Gatsby Computational Neuroscience Unit.

During one of the interviews, Demis Hassabis said that the start-up began working on artificial intelligence technology by teaching it how to play old games from the seventies and eighties, which are relatively primitive compared to the ones that are available today. Some of those games included Breakout, Pong and Space Invaders. AI was introduced to one game at a time, without any prior knowledge of its rules. After spending some time on learning the game, AI would eventually become an expert in it. “The cognitive processes which the AI goes through are said to be very like those a human who had never seen the game would use to understand and attempt to master it.” The goal of the founders is to create a general-purpose AI that can be useful and effective for almost anything.

Major venture capital firms Horizons Ventures and Founders Fund invested in the company, as well as entrepreneurs Scott Banister, Peter Thiel, and Elon Musk. Jaan Tallinn was an early investor and an adviser to the company. On 26 January 2014, Google announced the company had acquired DeepMind for $500 million, and that it had agreed to take over DeepMind Technologies. The sale to Google took place after Facebook reportedly ended negotiations with DeepMind Technologies in 2013. The company was afterwards renamed Google DeepMind and kept that name for about two years.

In 2014, DeepMind received the "Company of the Year" award from Cambridge Computer Laboratory.

In September 2015, DeepMind and the Royal Free NHS Trust signed their initial Information Sharing Agreement (ISA) to co-develop a clinical task management app, Streams.

After Google's acquisition the company established an artificial intelligence ethics board. The ethics board for AI research remains a mystery, with both Google and DeepMind declining to reveal who sits on the board. DeepMind, together with Amazon, Google, Facebook, IBM and Microsoft, is a founding member of Partnership on AI, an organization devoted to the society-AI interface. DeepMind has opened a new unit called DeepMind Ethics and Society and focused on the ethical and societal questions raised by artificial intelligence featuring prominent philosopher Nick Bostrom as advisor. In October 2017, DeepMind launched a new research team to investigate AI ethics.

In December 2019, Co-founder Suleyman announced he would be leaving DeepMind to join Google, working in a policy role.

Machine learning

DeepMind Technologies' goal is to "solve intelligence", which they are trying to achieve by combining "the best techniques from machine learning and systems neuroscience to build powerful general-purpose learning algorithms". They are trying to formalize intelligence in order to not only implement it into machines, but also understand the human brain, as Demis Hassabis explains:

[...] attempting to distil intelligence into an algorithmic construct may prove to be the best path to understanding some of the enduring mysteries of our minds.

Google Research has released a paper in 2016 regarding AI Safety and avoiding undesirable behaviour during the AI learning process. Deepmind has also released several publications via its website. In 2017 DeepMind released GridWorld, an open-source testbed for evaluating whether an algorithm learns to disable its kill switch or otherwise exhibits certain undesirable behaviours.

To date, the company has published research on computer systems that are able to play games, and developing these systems, ranging from strategy games such as Go^[45] to arcade games. According to Shane Legg, human-level machine intelligence can be achieved "when a machine can learn to play a really wide range of games from perceptual stream input and output, and transfer understanding across games[...]."

Research describing an AI playing seven different Atari 2600 video games (the Pong game in Video Olympics, Breakout, Space Invaders, Seaquest, Beamrider, Enduro, and Q*bert) reportedly led to the company's acquisition by Google. Hassabis has mentioned the popular e-sport game StarCraft as a possible future challenge, since it requires a high level of strategic thinking and handling imperfect information. The first demonstration of the DeepMind progress in StarCraft II occurred on 24 January 2019, on StarCrafts Twitch channel and DeepMind's YouTube channel.

In July 2018, researchers from DeepMind trained one of its systems to play the famous computer game Quake III Arena.

Deep reinforcement learning

As opposed to other AIs, such as IBM's Deep Blue or Watson, which were developed for a pre-defined purpose and only function within its scope, DeepMind claims that its system is not pre-programmed: it learns from experience, using only raw pixels as data input. Technically it uses deep learning on a convolutional neural network, with a novel form of Q-learning, a form of model-free reinforcement learning. They test the system on video games, notably early arcade games, such as Space Invaders or Breakout. Without altering the code, the AI begins to understand how to play the game, and after some time plays, for a few games (most notably Breakout), a more efficient game than any human ever could.

In 2013, DeepMind demonstrated an AI system could surpass human abilities in games such as Pong, Breakout and Enduro, while surpassing state of the art performance on Seaquest, Beamrider, and Q*bert. DeepMind's AI had been applied to video games made in the 1970s and 1980s; work was ongoing for more complex 3D games such as Doom, which first appeared in the early 1990s.

In 2020, DeepMind published Agent57, an AI Agent which surpasses human level performance on all 57 games of the Atari2600 suite.

AlphaGo and successors

In October 2015, a computer Go program called AlphaGo, developed by DeepMind, beat the European Go champion Fan Hui, a 2 dan (out of 9 dan possible) professional, five to zero. This is the first time an artificial intelligence (AI) defeated a professional Go player. Previously, computers were only known to have played Go at "amateur" level. Go is considered much more difficult for computers to win compared to other games like chess, due to the much larger number of possibilities, making it prohibitively difficult for traditional AI methods such as brute-force.

In March 2016 it beat Lee Sedol—a 9th dan Go player and one of the highest ranked players in the world—with a score of 4-1 in a five-game match. 

In the 2017 Future of Go Summit, AlphaGo won a three-game match with Ke Jie, who at the time continuously held the world No. 1 ranking for two years. It used a supervised learning protocol, studying large numbers of games played by humans against each other.

In 2017, an improved version, AlphaGo Zero, defeated AlphaGo 100 games to 0. AlphaGo Zero's strategies were self-taught. AlphaGo Zero was able to beat its predecessor after just three days with less processing power than AlphaGo; in comparison, the original AlphaGo needed months to learn how to play.

Later that year, AlphaZero, a modified version of AlphaGo Zero but for handling any two-player game of perfect information, gained superhuman abilities at chess and shogi. Like AlphaGo Zero, AlphaZero learned solely through self-play.

Technology

AlphaGo technology was developed based on the deep reinforcement learning approach. This makes AlphaGo different from the rest of AI technologies on the market. With that said, AlphaGo's ‘brain’ was introduced to various moves based on the historical tournament data. The number of moves was increased gradually until it eventually processed over 30 million of them. The aim was to have the system mimic the human player and eventually become better. It played against itself and learned not only from its own defeats but wins as well; thus, it learned to improve itself over the time and increased its winning rate as a result.

AlphaGo used two deep neural networks: a policy network to evaluate move probabilities and a value network to assess positions. The policy network trained via supervised learning, and was subsequently refined by policy-gradient reinforcement learning. The value network learned to predict winners of games played by the policy network against itself. After training these networks employed a lookahead Monte Carlo tree search (MCTS), using the policy network to identify candidate high-probability moves, while the value network (in conjunction with Monte Carlo rollouts using a fast rollout policy) evaluated tree positions.

Zero trained using reinforcement learning in which the system played millions of games against itself. Its only guide was to increase its win rate. It did so without learning from games played by humans. Its only input features are the black and white stones from the board. It uses a single neural network, rather than separate policy and value networks. Its simplified tree search relies upon this neural network to evaluate positions and sample moves, without Monte Carlo rollouts. A new reinforcement learning algorithm incorporates lookahead search inside the training loop. AlphaGo Zero employed around 15 people and millions in computing resources. Ultimately, it needed much less computing power than AlphaGo, running on four specialized AI processors (Google TPUs), instead of AlphaGo's 48.

AlphaFold

In 2016 DeepMind turned its artificial intelligence to protein folding, one of the toughest problems in science. In December 2018, DeepMind's AlphaFold won the 13th Critical Assessment of Techniques for Protein Structure Prediction (CASP) by successfully predicting the most accurate structure for 25 out of 43 proteins. “This is a lighthouse project, our first major investment in terms of people and resources into a fundamental, very important, real-world scientific problem,” Hassabis said to The Guardian.

WaveNet and WaveRNN

Also in 2016, DeepMind introduced WaveNet, a text-to-speech system. It was originally too computationally intensive for use in consumer products, but in late 2017 it became ready for use in consumer applications such as Google Assistant. In 2018 Google launched a commercial text-to-speech product, Cloud Text-to-Speech, based on WaveNet.

In 2018, DeepMind introduced a more efficient model called WaveRNN co-developed with Google AI. In 2019, Google started to roll it out to Google Duo users.

AlphaStar

In January 2019, DeepMind introduced AlphaStar, a program playing the real-time strategy game StarCraft II. AlphaStar used reinforcement learning based on replays from human players, and then played against itself to enhance its skills. At the time of the presentation, AlphaStar had knowledge equivalent to 200 years of playing time. It won 10 consecutive matches against two professional players, although it had the unfair advantage of being able to see the entire field, unlike a human player who has to move the camera manually. A preliminary version in which that advantage was fixed lost a subsequent match.

In July 2019, AlphaStar began playing against random humans on the public 1v1 European multiplayer ladder. Unlike the first iteration of AlphaStar, which played only Protoss v. Protoss, this one played as all of the game's races, and had earlier unfair advantages fixed. By October 2019, AlphaStar reached Grandmaster level on the StarCraft II ladder on all three StarCraft races, becoming the first AI to reach the top league of a widely popular esport without any game restrictions.

Miscellaneous contributions to Google

Google has stated that DeepMind algorithms have greatly increased the efficiency of cooling its data centers. In addition, DeepMind (alongside other Alphabet AI researchers) assists Google Play's personalized app recommendations. DeepMind has also collaborated with the Android team at Google for the creation of two new features which were made available to people with devices running Android Pie, the ninth installment of Google's mobile operating system. These features, Adaptive Battery and Adaptive Brightness, use machine learning to conserve energy and make devices running the operating system easier to use. It is the first time DeepMind has used these techniques on such a small scale, with typical machine learning applications requiring orders of magnitude more computing power.

DeepMind Health

In July 2016, a collaboration between DeepMind and Moorfields Eye Hospital was announced to develop AI applications for healthcare. DeepMind would be applied to the analysis of anonymised eye scans, searching for early signs of diseases leading to blindness. 

In August 2016, a research programme with University College London Hospital was announced with the aim of developing an algorithm that can automatically differentiate between healthy and cancerous tissues in head and neck areas.

There are also projects with the Royal Free London NHS Foundation Trust and Imperial College Healthcare NHS Trust to develop new clinical mobile apps linked to electronic patient records.^[83] Staff at the Royal Free Hospital were reported as saying in December 2017 that access to patient data through the app had saved a ‘huge amount of time’ and made a ‘phenomenal’ difference to the management of patients with acute kidney injury. Test result data is sent to staff's mobile phones and alerts them to change in the patient's condition. It also enables staff to see if someone else has responded, and to show patients their results in visual form.

In November 2017, DeepMind announced a research partnership with the Cancer Research UK Centre at Imperial College London with the goal of improving breast cancer detection by applying machine learning to mammography. Additionally, in February 2018, DeepMind announced it was working with the U.S. Department of Veterans Affairs in an attempt to use machine learning to predict the onset of acute kidney injury in patients, and also more broadly the general deterioration of patients during a hospital stay so that doctors and nurses can more quickly treat patients in need.

DeepMind developed an app called Streams, which sends alerts to doctors about patients at risk of acute risk injury. On 13 November 2018, DeepMind announced that its health division and the Streams app would be absorbed into Google Health. Privacy advocates said the announcement betrayed patient trust and appeared to contradict previous statements by DeepMind that patient data would not be connected to Google accounts or services. A spokesman for DeepMind said that patient data would still be kept separate from Google services or projects.

NHS data-sharing controversy

In April 2016, New Scientist obtained a copy of a data sharing agreement between DeepMind and the Royal Free London NHS Foundation Trust. The latter operates three London hospitals where an estimated 1.6 million patients are treated annually. The agreement shows DeepMind Health had access to admissions, discharge and transfer data, accident and emergency, pathology and radiology, and critical care at these hospitals. This included personal details such as whether patients had been diagnosed with HIV, suffered from depression or had ever undergone an abortion in order to conduct research to seek better outcomes in various health conditions.

A complaint was filed to the Information Commissioner's Office (ICO), arguing that the data should be pseudonymised and encrypted. In May 2016, New Scientist published a further article claiming that the project had failed to secure approval from the Confidentiality Advisory Group of the Medicines and Healthcare products Regulatory Agency.

In May 2017, Sky News published a leaked letter from the National Data Guardian, Dame Fiona Caldicott, revealing that in her "considered opinion" the data-sharing agreement between DeepMind and the Royal Free took place on an "inappropriate legal basis". The Information Commissioner's Office ruled in July 2017 that the Royal Free hospital failed to comply with the Data Protection Act when it handed over personal data of 1.6 million patients to DeepMind.

DeepMind Ethics and Society

In October 2017, DeepMind announced a new research unit, DeepMind Ethics & Society. Their goal is to fund external research of the following themes: privacy, transparency, and fairness; economic impacts; governance and accountability; managing AI risk; AI morality and values; and how AI can address the world's challenges. As a result, the team hopes to further understand the ethical implications of AI and aid society to seeing AI can be beneficial.

This new subdivision of DeepMind is a completely separate unit from the partnership of leading companies using AI, academia, civil society organizations and nonprofits of the name Partnership on Artificial Intelligence to Benefit People and Society of which DeepMind is also a part.

Personal health record

From Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/Personal_health_record 

 

A personal health record (PHR) is a health record where health data and other information related to the care of a patient is maintained by the patient. This stands in contrast to the more widely used electronic medical record, which is operated by institutions (such as hospitals) and contains data entered by clinicians (such as billing data) to support insurance claims. The intention of a PHR is to provide a complete and accurate summary of an individual's medical history which is accessible online. The health data on a PHR might include patient-reported outcome data, lab results, and data from devices such as wireless electronic weighing scales or (collected passively) from a smartphone.

Definition

The term "personal health record" is not new. The term was used as early as June 1978, and in 1956, there was a reference was made to a "personal health log." The term "PHR" may be applied to both paper-based and computerized systems; usage in the late 2010s usually implies an electronic application used to collect and store health data.

In the early 2000s, healthcare organizations began to propose formal definitions of the term. For example:

The Personal Health Record (PHR) is an Internet-based set of tools that allows people to access and coordinate their lifelong health information and make appropriate parts of it available to those who need it. PHRs offer an integrated and comprehensive view of health information, including information people generate themselves such as symptoms and medication use, information from doctors such as diagnoses and test results, and information from their pharmacies and insurance companies.

— Markle Foundation's Personal Health Working Group, Connecting for Health (2003)

The personal health record (PHR) is an electronic, universally available, lifelong resource of health information needed by individuals to make health decisions. Individuals own and manage the information in the PHR, which comes from healthcare providers and the individual. The PHR is maintained in a secure and private environment, with the individual determining rights of access. The PHR is separate from and does not replace the legal record of any provider.

— AHIMA e-HIM Personal Health Record Work Group (2005)

The industry model personal health record (PHR) is a private, secure web-based tool maintained by an insurer that contains claims and administrative information. PHRs may also include information that is entered by consumers themselves, as well as data from other sources such as pharmacies, labs, and care providers. PHRs enable individual patients and their designated caregivers to view and manage health information and play a greater role in their own health care.

— America's Health Insurance Plans (2006)

It is important to note that PHRs are not the same as electronic health records (EHRs) or electronic medical records (EMRs), which are software systems designed for use by health care providers.^{[5]:19–20[6]} Like the data recorded in paper-based medical records, the data in EHRs are legally mandated notes on the care provided by clinicians to patients. However, generally there is no mandate requiring patients to track their own health data. Like EHRs and EMRs, PHRs may still fall under the regulatory scope of governments, depending on their origin, but rigorous regulatory protection of their data is still lacking in parts of the world.

PHRs can contain a diverse range of data, including but not limited to:

• Allergies and adverse drug reactions,
• Chronic diseases,
• Family medical history,
• Illnesses and hospitalizations,
• Imaging reports (e.g. X-ray),
• Laboratory test results,
• Medications and dosing,
• Prescription record,
• Surgeries and other procedures,
• Vaccinations, and
• Observations of daily living (ODLs)

There are two methods by which data can arrive in a PHR. A patient may enter it directly, either by typing into fields or uploading/transmitting data from a file or another website. The second is when the PHR is tethered to an electronic health record, which automatically updates the PHR. Not all PHRs have the same capabilities, and individual PHRs may support one or all of these methods.

In addition to storing an individual's personal health information, some PHRs provide added-value services such as drug-drug interaction checking, electronic messaging between patients and providers, managing appointments, and reminders.

Benefits

PHRs grant patients access to a wide range of health information sources, best medical practices, and health knowledge. All of an individual’s medical records are stored in one place instead of paper-based files in various doctors’ offices. Upon encountering a medical condition, a patient can better access test results, communicate with their doctors, and share information with others suffering similarly.

Moreover, PHRs can benefit clinicians. PHRs offer patients the opportunity to submit their data to their clinicians' EHRs. This may help clinicians make better treatment decisions by providing more continuous data, resulting in improved efficiency in care. However, some physicians may have concerns about patient-entered information and its accuracy, as well as whether the added patient engagement creates more unreimbursable work.

PHRs have the potential to help analyze an individual’s health profile and identify health threats and improvement opportunities based on an analysis of drug interaction, current best medical practices, gaps in current medical care plans, and identification of medical errors. Patient illnesses can be tracked in conjunction with healthcare providers, and early interventions can be promoted upon encountering deviation of health status. PHRs also make it easier for clinicians to care for their patients by facilitating continuous communication as opposed to episodic. Eliminating communication barriers and allowing documentation flow between patients and clinicians in a timely fashion can save time consumed by face-to-face meetings and telephone communication. Improved communication can also ease the process for patients and caregivers to ask questions, to set up appointments, to request refills and referrals, and to report problems. Additionally, in the case of an emergency a PHR can quickly provide critical information to proper diagnosis or treatment.

Architecture

Like other health information technology, PHR architecture can be roughly organized into three main components:

Data

The information collected, stored, analyzed, and exchanged by the PHR.

Examples: medical history, laboratory results, imaging studies, medications

Infrastructure

The platform that handles data storage, processing, and exchange.

Examples: stand-alone software programs or websites, provider- or payer-connected (tethered) websites

Applications

The information exchange, data analysis, and content delivery capabilities of the system.

Examples: scheduling appointments, medication refill or renewal, decision aids, and patient education materials.

Architecture types remain various. However, in 2017, Roehrs et al. performed a systematic literature review of PHRs and were able to divide architecture types into two groups: model-based and coverage-based. Model architectures represent more traditional takes on PHRs, including health data that is still stored on paper. Coverage architectures represent more hybrid takes on the PHR, "with the PHR distributed inside and outside the health care organizations" based on the data's physical location. The associated architectural types have different costs and benefits. Likewise, stand-alone, provider-tethered, and payer-tethered PHRs have different advantages and disadvantages for patients related to their individual circumstances. Such differences are among the priority areas in PHR research. As PHRs may play a key role in advancing health information exchange, interoperability with other health IT systems is an important consideration for PHR architecture. Additionally, PHR systems requires users to put forth an "'ongoing' effort to keep their account up to date" (maintain an active role in managing their own health), which in turn requires further examination of PHR architecture and adoption models by developers.

Delivery platforms

One of the principal distinguishing features of a PHR is the platform by which it is delivered. The types of platforms include: paper, electronic device, and web.

Paper

Personal health information is recorded and stored in paper format. Printed laboratory reports, copies of clinic notes, and health histories created by the individual may be parts of a paper-based PHR. This method is low cost, reliable, and accessible without the need for a computer or any other hardware. Probably the most successful paper PHR is the hand-held pregnancy record, developed in Milton Keynes in the mid-1980s and now in use throughout the United Kingdom. These include the Scottish Woman-Held Maternity Record, All Wales Maternity Record, and Perinatal Institute notes.

Paper-based PHRs may be difficult to locate, update, and share with others. Paper-based PHRs are subject to physical loss and damage, such as can occur during a natural disaster. Paper records can also be printed from most electronic PHRs. However, Fawdry et al. have shown that paper records are extremely flexible and do have distinct advantages over rigid electronic systems.

Electronic devices

Personal health information is recorded and stored in personal computer-based software that may have the capability to print, backup, encrypt, and import data from other sources such as a hospital laboratory. The most basic form of a PC-based PHR would be a health history created in a word-processing program. The health history created in this way can be printed, copied, and shared with anyone with a compatible word processor.

PHR software can provide more sophisticated features such as data encryption, data importation, and data sharing with health care providers. Some PHR products allow the copying of health records to a mass-storage device such as a CD-ROM, DVD, smart card, or USB flash drive.

PC-based PHRs are subject to physical loss and damage of the personal computer and the data that it contains. Some other methods of device solution may entail cards with embedded chips containing health information that may or may not be linked to a personal computer application or a web solution.

Web applications

Web-based PHR solutions are essentially the same as electronic device PHR solutions, however, web-based solutions have the advantage of being easily integrated with other services. For example, some solutions allow for import of medical data from external sources. Solutions including HealthVault, and PatientsLikeMe allow data to be shared with other applications or specific people. Mobile solutions often integrate themselves with web solutions and use the web-based solution as the platform.

A large number of companies have emerged to provide consumers the opportunity to develop online PHRs. Some have been developed by non-profit organizations, while others have been developed by commercial ventures. These web-based applications allow users to directly enter their information such as diagnosis, medications, laboratory tests, immunizations and other data associated with their health. They generate records that can be displayed for review or transmitted to authorized receivers.

Despite the need for PHRs and the availability of various online PHR providers, there has not been wide adoption of PHR services. In fact, Google, being among the most innovative companies in the world, discontinued its PHR service called Google Health on January 12, 2012. The reason cited for shutting down Google Health was that the service did not translate from its limited usage into widespread usage in the daily health routines of millions of people. Surveys of web-based services have found wide variations in functions between services and only limited data on efficacy and safety concerns. One analyst, describing the public's reluctance to adopt the services, called PHRs "a technology in search of a market."

An emerging standard from HL7, Fast Healthcare Interoperability Resources (FHIR), is designed to make it easier for developers of personal health record applications to access relevant medical records.

EHRs, PHRs, patient portals and UHRs

The terms electronic health records, personal health records, and patient portals are not always used correctly. The generally agreed upon definition of these terms relates mainly to the ownership of the data. Once data is in a PHR it usually owned and controlled by the patient. Most EHRs, however, are the property of the provider, although the content can be co-created by both the provider and patient. A patient has a legal right in most states to request their healthcare data and under recent USA legislation those providers using a certified EHR will be required to provide an electronic copy as well. In the UK, according to the governments's information strategy for the NHS every primary care practice in England will have to offer patients online access to their care records by 2015. In 2012, only 1% did so. Electronic health records and electronic medical records contain clinical data created by and for health professionals in the course of providing care. The data is about the patient but the data resides in a health care provider's system. The patient portal is typically defined as a view into the electronic medical records. In addition, ancillary functions that support a health care provider's interaction with a patient are also found in those systems e.g. prescription refill requests, appointment requests, electronic case management, etc. Finally, PHRs are data that resides with the patient, in a system of the patient's choosing. This data may have been exported directly from an EMR, but the point is it now resides in a location of the patient's choosing. Access to that information is controlled entirely by the patient.

A new concept being discussed is the UHR or "universal health record", which would be a patient-centered and patient-controlled body of information that could be shared in a granular way with particular health care providers at the patient's discretion in support of the patient's work with health care providers. This project would enlist open source contributions and enhancements from developers, with particular emphasis on supporting patient expectations of privacy and responsible patient control of private health information (PHI). 

While PHRs can help patients keep track of their personal health information, the value of PHRs to healthcare organizations is still unclear.

Barriers to adoption

Since the National Academy of Medicine (previously the Institute of Medicine) called for greater adoption of PHRs in 1999, the software has faced many barriers to adoption, including economic, technological, regulatory, behavioral, and organizational issues at both the environmental and individual levels. A study from 2002 was carried out in an effort to assess the functionality and utility of the budding online PHR. It found that most people did not keep record of minute details of their healthcare experiences and therefore made it difficult to get full value from web-based PHRs. The PHRs selected for evaluation offered limited functionality to the general public, with limitations in data entry, validation, and information display methods. A 2005 survey found that limited access to computers and the internet access, as well as low computer literacy levels, known as the digital divide, was a barrier for low-income and aged populations. A 2010–11 set of interviews of clinicians and patients found "that both usability concerns and socio-cultural influences are barriers to PHR adoption and use." More recent studies and reviews in the mid- to late 2010s have revealed other issues such as privacy and confidentiality concerns, lack of motivation, low health literacy, health- and disease-related disabilities, and even administrative burdens.

Promotion and usability

Additionally, how the PHR is promoted by healthcare organizations, how useful their features are, and how well the care provider uses it, particularly in the realm of patient communication, can influence adoption and usage rates. Promotion may occur at several steps of the development and implementation process, from developers talking with providers about a proposed system, clinics forming patient focus groups, and providers posting physical and digital news of the PHR to patients. The features and usability of the system also drive adoption, with groups such as Kaiser Permanente and Cleveland Clinic seeing substantial increases in PHR use when adding the features users want. Provider use and communication has also proved important; "[s]ecure communication with the physician is important because the patients will eventually leave (the PHR) if there is no conversation going on with the physician." Additional studies have also show that when put to use, PHR's ability to enhance communication and collaboration can change patient patterns from sporadic visits to steady visits, and more significant PHR use.

Privacy and security

One of the most controversial issues for PHRs is how the technology could threaten the privacy of patient's protected health information (PHI). Network computer break-ins are becoming more common, thus storing medical information online can cause fear of the exposure of health information to unauthorized individuals. In addition to height, weight, blood pressure and other quantitative information about a patient's physical body, medical records can reveal very sensitive information. This includes fertility, surgical procedures, emotional and psychological disorders, and diseases, which many patients are reluctant to share even voluntarily.

Various threats exist to patient information confidentiality:

Accidental disclosure

During multiple electronic transfers of data to various entities, medical personnel can make innocent mistakes to cause disclosure of data.

Insider curiosity

Medical personnel may misuse their access to patient information out of curiosity or for another purpose.

Insider subordination

Medical personnel may leak out personal medical information for spite, profit, revenge, or other purposes.

Uncontrolled secondary usage

Those who are granted access to patient information solely for the purpose of supporting primary care can exploit that permission for reasons not listed in the contract, such as research.

Outsider intrusion

Former employees, network intruders, hackers, or others may access and steal information, steal hardware, damage systems, and disrupt operations.

Technological and regulatory issues play important roles in the privacy, security, and patient concerns surrounding PHI. On the technological side, failures occur at numerous points:

• breach of a patient data server connected to other unsecure systems
• phishing and hacks of company email accounts
• breach of a misconfigured public-facing server
• theft of unencrypted computing devices
• malware intentionally or accidentally installed on a server

The state of PHR regulations are also worth mentioning. A 2018 review and comparison of five legislative jurisdictions around the world found "considerable variances with regards to legal terminology and the degree of compliance required from entities offering PHR services across various jurisdictions." Even in the European Union, which provides some of the most significant protections to PHR data through the General Data Protection Regulation (GDPR), the reviewers found "significant room for interpretation and a degree of ambiguity in key areas." With further questions arising about the security and privacy of PHI that makes its ways to expanding platforms such as smartphones and associated applications, clearer regulations and policies will likely be required.

In public health

PHRs have the potential to benefit the public health sector in areas such as health monitoring, outbreak monitoring, empowerment through information and resources, linking to services, and research. However, tapping into this potential has been a slow process due to both the public health sector not fully engaging with adopters and the adopters themselves exhibiting "reticence to share sensitive information." Several surveys of Americans in the twenty-first century have indicated that anywhere between 63 to 73% would be willing to share at least some personal health information with public health officials for detecting disease outbreaks and other purposes. However, caveats about retaining control of how the information is presented and used remain strong among respondents, with concerns about anonymity, government insensitivity, and discrimination. Given the questionable state of regulatory efforts to protect PHR data from these and other concerns, the standard use of health data from PHRs in public health may still be far away. 

The U.S. Centers for Disease Control and Prevention has taken the idea of PHR integration with public health efforts a step further, in 2016 suggesting a framework for a community health record "for integrating and transforming multisector data into actionable information." Integration of EHR, PHR, and county health data would allow the integration and presentation of data across residential blocks to entire zip codes. However, like PHR, significant social approval would have to occur, and data use agreements would have to be established.