Results 1 - 10 of 669
Optimizing linear counting queries under differential privacy
- In PODS ’10: Proceedings of the twenty-ninth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, 2010
"... Differential privacy is a robust privacy standard that has been successfully applied to a range of data analysis tasks. But despite much recent work, optimal strategies for answering a collection of related queries are not known. We propose the matrix mechanism, a new algorithm for answering a workl ..."
Cited by 96 (12 self)
Differential privacy is a robust privacy standard that has been successfully applied to a range of data analysis tasks. But despite much recent work, optimal strategies for answering a collection of related queries are not known. We propose the matrix mechanism, a new algorithm for answering a
Probabilistic Relational Reasoning for Differential Privacy
"... Differential privacy is a notion of confidentiality that protects the privacy of individuals while allowing useful computations on their private data. Deriving differential privacy guarantees for real programs is a difficult and error-prone task that calls for principled approaches and tool support. ..."
Cited by 28 (6 self)
on top of the Coq proof assistant. The central component of CertiPriv is a quantitative extension of a probabilistic relational Hoare logic that enables one to derive differential privacy guarantees for programs from first principles. We demonstrate the expressiveness of CertiPriv using a number
iReduct: Differential privacy with reduced relative errors
- In SIGMOD, 2011
"... Prior work in differential privacy has produced techniques for answering aggregate queries over sensitive data in a privacy-preserving way. These techniques achieve privacy by adding noise to the query answers. Their objective is typically to minimize absolute errors while satisfying differential pri ..."
Cited by 32 (4 self)
Prior work in differential privacy has produced techniques for answering aggregate queries over sensitive data in a privacy-preserving way. These techniques achieve privacy by adding noise to the query answers. Their objective is typically to minimize absolute errors while satisfying differential
Probabilistic Relational Reasoning for Differential Privacy
"... Differential privacy is a notion of confidentiality that allows useful computations on sensible data while protecting the privacy of individuals. Proving differential privacy is a difficult and error-prone task that calls for principled approaches and tool support. Approaches based on linear types a ..."
extension of probabilistic relational Hoare logic that enables one to derive differential privacy guarantees for programs from first principles. We demonstrate the applicability of CertiPriv on a number of examples whose formal analysis is out of the reach of previous techniques. In particular, we provide
Formal Analysis of a Privacy-Preserving Billing Protocol
"... Abstract. We provide a formal model and a security analysis of the Private Billing Protocol. This formal analysis allowed us to spell out precisely the details of the protocol, the security assumptions as well as the expected security goals. For the formal analysis we used SATMC, a model checker for ..."
for security protocol analysis that supports the specification of security assumptions and goals as LTL formulae. Further analysis that we conducted manually revealed that the protocol allows for implementations that fail to meet the expected privacy goal. We describe the implications of our findings
A firm foundation for private data analysis
- Commun. ACM
"... In the information realm, loss of privacy is usually associated with failure to control access to information, to control the flow of information, or to control the purposes for which information is employed. Differential privacy arose in a context in which ensuring privacy is a challenge even if al ..."
Cited by 139 (3 self)
In the information realm, loss of privacy is usually associated with failure to control access to information, to control the flow of information, or to control the purposes for which information is employed. Differential privacy arose in a context in which ensuring privacy is a challenge even
The Limits of Two-Party Differential Privacy
- Electronic Colloquium on Computational Complexity, Report No. 106 (2011), 2011
"... We study differential privacy in a distributed setting where two parties would like to perform analysis of their joint data while preserving privacy for both datasets. Our results imply almost tight lower bounds on the accuracy of such data analyses, both for specific natural functions (such as Hamm ..."
Cited by 24 (2 self)
We study differential privacy in a distributed setting where two parties would like to perform analysis of their joint data while preserving privacy for both datasets. Our results imply almost tight lower bounds on the accuracy of such data analyses, both for specific natural functions (such
On the relation between Differential Privacy and Quantitative Information Flow
- 2011
"... Abstract. Differential privacy is a notion that has emerged in the community of statistical databases, as a response to the problem of protecting the privacy of the database’s participants when performing statistical queries. The idea is that a randomized query satisfies differential privacy if the ..."
Cited by 14 (4 self)
framework provided by the Rényi min information theory. We show that there is a close relation between differential privacy and leakage, due to the graph symmetries induced by the adjacency relation. Furthermore, we consider the utility of the randomized answer, which measures its expected degree
Approximately Optimal Mechanism Design via Differential Privacy
, 1004
"... In this paper we study the implementation challenge in an abstract interdependent values model and an arbitrary objective function. We design a mechanism that allows for approximate optimal implementation of insensitive objective functions in ex-post Nash equilibrium. If, furthermore, values are pri ..."
Cited by 37 (1 self)
. Underlying our mechanism is a lottery between two auxiliary mechanisms — with high probability we actuate a mechanism that reduces players influence on the choice of the social alternative, while choosing the optimal outcome with high probability. This is where the recent notion of differential privacy
Publishing Set-Valued Data via Differential Privacy
"... Set-valued data provides enormous opportunities for various data mining tasks. In this paper, we study the problem of publishing set-valued data for data mining tasks under the rigorous differential privacy model. All existing data publishing methods for set-valued data are based on partition-based p ..."
Cited by 31 (13 self)
Set-valued data provides enormous opportunities for various data mining tasks. In this paper, we study the problem of publishing set-valued data for data mining tasks under the rigorous differential privacy model. All existing data publishing methods for set-valued data are based on partition-based