论文信息 - Oblivious Mechanisms in Differential Privacy: Experiments, Conjectures, and Open Questions

Oblivious Mechanisms in Differential Privacy: Experiments, Conjectures, and Open Questions

Differential privacy (DP) is a framework to quantify to what extent individual privacy in a statistical database is preserved while releasing useful aggregate information about the database. In this work, we aim an exploratory study to understand questions related to the optimality of noise generation mechanisms (NGMs) in differential privacy by taking into consideration the (i) query sensitivity, (ii) query side information, and (iii) the presence of longitudinal and collusion attacks. The results/observations from our study serve three important purposes: (i) provide us with conjectures on appropriate (in the sense of privacy-utility tradeoffs) oblivious NGM selection for scalar queries in both non-Bayesian as well as Bayesian user settings, (ii) provide supporting evidence and counterexamples to existing theory results on the optimality of NGMs when they are tested on a relaxed assumption set, and (ii) lead to a string of interesting open questions for the theory community in relation to the design and analysis of provably optimal oblivious differential privacy mechanisms.

[1] S. Stigler. Studies in the History of Probability and Statistics. XXXII Laplace, Fisher, and the discovery of the concept of sufficiency , 1973 .

[2] Pramod Viswanath,et al. The Staircase Mechanism in Differential Privacy , 2015, IEEE Journal of Selected Topics in Signal Processing.

[3] Moni Naor,et al. Our Data, Ourselves: Privacy Via Distributed Noise Generation , 2006, EUROCRYPT.

[4] Pramod Viswanath,et al. The optimal mechanism in differential privacy , 2012, 2014 IEEE International Symposium on Information Theory.

[5] 강승택. 2006 IEEE International Symposium on EMC를 다녀와서 , 2006 .

[6] Uriel Feige,et al. Proceedings of the thirty-ninth annual ACM symposium on Theory of computing , 2007, STOC 2007.

[7] Kobbi Nissim,et al. Impossibility of Differentially Private Universally Optimal Mechanisms , 2010, FOCS.

[8] Sofya Raskhodnikova,et al. Smooth sensitivity and sampling in private data analysis , 2007, STOC '07.

[9] Mukund Sundararajan,et al. Universally optimal privacy mechanisms for minimax agents , 2010, PODS '10.

[10] Cynthia Dwork,et al. Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[11] Pramod Viswanath,et al. The Composition Theorem for Differential Privacy , 2013, IEEE Transactions on Information Theory.

[12] Vitaly Shmatikov,et al. Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).