Extending Differential Privacy for Treating Dependent Records via Information Theory

Differential privacy is a strong privacy notion based on the indistinguishability of the outputs of two neighboring datasets, which represent the two states of an individual's record being inside or outside the dataset. When records are dependent, however, this representation loses its foundation: changing one individual's record can also change the records that depend on it. Motivated by this observation, we introduce a variant of the differential privacy notion based on the influence of an individual's inputs on the outputs. The new notion accurately captures how dependent records weaken the privacy guarantee of differential privacy. It is also compatible with differential privacy: when the individuals are independent, differential privacy is a special case of our model, and when the individuals are dependent, the group privacy method used to achieve differential privacy in the dependent case can be used to achieve the new notion as well. This agrees with known results on differential privacy. Finally, our new notion is consistent with information theory. We prove that if a mechanism satisfies the new notion, the mutual information between one individual's record and the mechanism's outputs is upper bounded by a small value. This shows that the new model is grounded in information theory.
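The two effects the abstract refers to (dependent records amplifying the privacy loss of an ε-DP mechanism beyond ε, and the mutual information between an individual's record and the output being bounded by the privacy parameter) can be checked numerically. The Python block below is an added illustration, not code or a definition from the paper: it uses the standard ε-DP geometric mechanism on a count query and a constructed data model in which an assumed number of other records (`COPIES`, e.g. household members answering alike) are exact copies of individual i's bit while the remaining records are independent fair coins. It computes (a) the worst-case privacy loss an adversary who knows the dependence observes, which is ε for independent neighbors and (COPIES+1)ε once flipping X_i also flips its copies, and (b) I(X_i; Y) in nats, which stays below the corresponding privacy-loss bound in both cases.

```python
import math

EPS = 0.5      # privacy parameter of the mechanism, in nats
N = 10         # number of binary records in the constructed dataset
COPIES = 2     # assumed: other records that are exact copies of individual i's bit
Y_RANGE = range(-40, N + 41)   # truncated output support; mass beyond it is ~e^-20


def geometric_logpmf(y: int, count: int, eps: float) -> float:
    """log P(Y = y | count) for the eps-DP geometric mechanism on a
    sensitivity-1 count query: P(y | c) = (1 - a)/(1 + a) * a^|y - c|, a = e^-eps."""
    a = math.exp(-eps)
    return math.log((1 - a) / (1 + a)) - eps * abs(y - count)


def privacy_loss(count_a: int, count_b: int, eps: float, y_range=Y_RANGE) -> float:
    """Worst-case privacy loss max_y |log P(y|count_a) - log P(y|count_b)|
    between two datasets whose true counts are count_a and count_b."""
    return max(abs(geometric_logpmf(y, count_a, eps) - geometric_logpmf(y, count_b, eps))
               for y in y_range)


def binom_pmf(k: int, n: int, p: float = 0.5) -> float:
    """Binomial(n, p) probability mass at k."""
    return math.comb(n, k) * p ** k * (1 - p) ** (n - k)


def output_dist_given_xi(xi: int, n: int, copies: int, eps: float, y_range=Y_RANGE):
    """P(Y = y | X_i = xi) for y in y_range. Constructed data model: `copies`
    records equal X_i exactly, the other n-1-copies records are independent
    fair coins, so the true count is (copies + 1) * X_i + Binomial(n-1-copies, 1/2)."""
    free = n - 1 - copies
    shift = (copies + 1) * xi
    return [sum(binom_pmf(c, free) * math.exp(geometric_logpmf(y, c + shift, eps))
                for c in range(free + 1)) for y in y_range]


def mutual_information(n: int, copies: int, eps: float, y_range=Y_RANGE) -> float:
    """I(X_i; Y) in nats with prior X_i ~ Bernoulli(1/2), by direct summation
    over the (truncated) output support."""
    cond = [output_dist_given_xi(xi, n, copies, eps, y_range) for xi in (0, 1)]
    marg = [0.5 * (cond[0][j] + cond[1][j]) for j in range(len(y_range))]
    return sum(0.5 * cond[xi][j] * math.log(cond[xi][j] / marg[j])
               for xi in (0, 1) for j in range(len(y_range)) if cond[xi][j] > 0)


def demo(n: int = N, copies: int = COPIES, eps: float = EPS) -> dict:
    """Independent case: neighbors differ in one record, loss = eps.
    Dependent case: flipping X_i also flips its `copies` dependents,
    so the adversary sees a count shift of copies + 1 and loss = (copies+1)*eps."""
    base = n // 2
    return {
        "loss_independent": privacy_loss(base, base + 1, eps),
        "loss_dependent": privacy_loss(base, base + copies + 1, eps),
        "mi_independent": mutual_information(n, 0, eps),
        "mi_dependent": mutual_information(n, copies, eps),
    }


if __name__ == "__main__":
    r = demo()
    print(f"independent: privacy loss {r['loss_independent']:.3f} (= eps), "
          f"I(X_i;Y) = {r['mi_independent']:.4f} nats <= eps")
    print(f"dependent:   privacy loss {r['loss_dependent']:.3f} (= (copies+1)*eps), "
          f"I(X_i;Y) = {r['mi_dependent']:.4f} nats <= (copies+1)*eps")
```

The privacy-loss figure is the group-privacy argument in miniature: the mechanism is still ε-DP with respect to a single record, but the quantity that matters to individual i is the loss across all records that move with theirs. The mutual-information figure is the information-theoretic side of the same picture: the bound on I(X_i; Y) grows with the same factor, and the dependent case leaks strictly more about X_i than the independent one.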
