formulation of privacy
play

Formulation of Privacy What information can be published? Average - PowerPoint PPT Presentation

Mar 14, 2024 •170 likes •513 views

Zhenjie Zhang Advanced Digital Sciences Center, Singapore (Thanks to Xiaokui Xiao for contributing slides) Formulation of Privacy What information can be published? Average height of US people Height of an individual Intuition:

  1. Zhenjie Zhang Advanced Digital Sciences Center, Singapore (Thanks to Xiaokui Xiao for contributing slides)

  2. Formulation of Privacy  What information can be published?  Average height of US people  Height of an individual  Intuition:  If something is insensitive to the change of any individual tuple, then it should not be considered private  Example:  Assume that we arbitrarily change the height of an individual in the US  The average height of US people would remain roughly the same  i.e., The average height reveals little information about the exact height of any particular individual

  3. 𝜻 -Differential Privacy  Definition:  Neighboring datasets: Two datasets 𝑬 and 𝑬′ , such that 𝑬′ can be obtained by changing one single tuple in 𝑬  A randomized algorithm 𝑩 satisfies 𝛇 -differential privacy, iff for any two neighboring datasets 𝑬 and 𝑬′ and for any output 𝑷 of 𝑩 , Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷 Name Gender Age Diabetes Name Gender Age Diabetes Alice F 28 Y Alice F 28 Y Bob M 19 Y Bob M 19 Y Chris M 25 N Chris M 23 Y Doug M 30 N Doug M 30 N

  4. 𝜻 -Differential Privacy Probabilities ≤ exp (𝜻) ratio Pr 𝑩 𝑬 = 𝑷 Pr 𝑩 𝑬′ = 𝑷  Intuition:  It is OK to publish information that is insensitive to changes of any particular tuple # of diabetes patients  Definition:  Neighboring datasets: Two datasets 𝑬 and 𝑬′ , such that 𝑬′ can be obtained by changing one single tuple in 𝑬  A randomized algorithm 𝑩 satisfies 𝛇 -differential privacy, iff for any two neighboring datasets 𝑬 and 𝑬′ and for any output 𝑷 of 𝑩 , Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  The value of 𝜻 decides the degree of privacy protection

  5. Achieving 𝜻 -Differential Privacy Name Gender Age Diabetes Name Gender Age Diabetes Alice F 28 Y Alice F 28 Y Bob M 19 Y Bob M 19 Y Chris M 25 N Chris M 23 Y Doug M 30 N Doug M 30 N  It won’t work if we release the number directly:  𝑬 : the original dataset  𝑬′ : modify an arbitrary patient in 𝑬  Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷 does not hold for any 𝜻 Pr 𝑩 𝑬 = 𝒊 Pr 𝑩 𝑬′ = 𝒊′ 100% 𝒊 ′ = 𝟒 𝟏 𝟐 𝒊 = 𝟑 # of diabetes patients

  6. Achieving 𝜻 -Differential Privacy Name Gender Age Diabetes Name Gender Age Diabetes Alice F 28 Y Alice F 28 Y Bob M 19 Y Bob M 19 Y Chris M 25 N Chris M 23 Y Doug M 30 N Doug M 30 N  Idea:  Perturb the number of diabetes patients to obtain a smooth distribution Pr 𝑩 𝑬 = 𝒊 Pr 𝑩 𝑬′ = 𝒊′ 100% 𝒊 ′ = 𝟒 𝟏 𝟐 𝒊 = 𝟑 # of diabetes patients

  7. Achieving 𝜻 -Differential Privacy Name Gender Age Diabetes Name Gender Age Diabetes Alice F 28 Y Alice F 28 Y Bob M 19 Y Bob M 19 Y Chris M 25 N Chris M 23 Y Doug M 30 N Doug M 30 N  Idea:  Perturb the number of diabetes patients to obtain a smooth distribution Pr 𝑩 𝑬 = 𝒊 Pr 𝑩 𝑬′ = 𝒊′ 100% 𝒊 ′ = 𝟒 𝟏 𝟐 𝒊 = 𝟑 # of diabetes patients

  8. Achieving 𝜻 -Differential Privacy Name Gender Age Diabetes Name Gender Age Diabetes Alice F 28 Y Alice F 28 Y Bob M 19 Y Bob M 19 Y Chris M 25 N Chris M 23 Y Doug M 30 N Doug M 30 N  Idea:  Perturb the number of diabetes patients to obtain a smooth distribution ratio bounded Pr 𝑩 𝑬 = 𝒊 Pr 𝑩 𝑬′ = 𝒊′ 100% 𝒊 ′ = 𝟒 𝟏 𝟐 𝒊 = 𝟑 # of diabetes patients

  9. Laplace Distribution 𝒚  𝑞𝑒𝑔 𝒚 = exp − 2𝝁 ; 𝝁  increase/decrease 𝒚 by 1 1  𝑞𝑒𝑔 𝒚 changes by a factor of exp −  𝝁  𝝁 is referred as the scale 0.5 𝝁 = 1 0.45 𝝁 = 2 0.4 0.35 𝝁 = 4 0.3 0.25 0.2 0.15 0.1 0.05 0 -10 -8 -6 -4 -2 0 2 4 6 8 10

  10. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify a patient in 𝑬 ; # of diabetes patients = 𝒊′ ratio bounded Pr 𝑩 𝑬 = 𝑷 Pr 𝑩 𝑬′ = 𝑷 𝒊 𝒛 𝒊′ # of diabetes patients

  11. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify a patient in 𝑬 ; # of diabetes patients = 𝒊′ Pr 𝑩 𝑬 = 𝒛 = 𝑞𝑒𝑔(𝒛 − 𝒊) = exp(−|𝒛 − 𝒊|/𝝁)/2𝝁 Pr 𝑩 𝑬 = 𝑷 𝒊 𝒛 # of diabetes patients

  12. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify the height of an individual in 𝑬 ; # of diabetes patients = 𝒊′ Pr 𝑩 𝑬′ = 𝒛 = 𝑞𝑒𝑔(𝒛 − 𝒊′) = exp(−|𝒛 − 𝒊′|/𝝁)/2𝝁 Pr 𝑩 𝑬′ = 𝑷 𝒛 𝒊′ # of diabetes patients

  13. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify the height of an individual in 𝑬 ; # of diabetes patients = 𝒊′ Pr 𝑩 𝑬′ = 𝒛 = 𝑞𝑒𝑔(𝒛 − 𝒊′) = exp(−|𝒛 − 𝒊′|/𝝁)/2𝝁 Pr 𝑩 𝑬 = 𝒛 = 𝑞𝑒𝑔(𝒛 − 𝒊) = exp(−|𝒛 − 𝒊|/𝝁)/2𝝁 Pr 𝑩 𝑬 = 𝑷 Pr 𝑩 𝑬′ = 𝑷 𝒊 𝒛 𝒊′ # of diabetes patients

  14. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify the height of an individual in 𝑬 ; # of diabetes patients = 𝒊′ Pr 𝑩 𝑬′ = 𝒛 Pr 𝑩 𝑬 = 𝒛 Pr 𝑩 𝑬 = 𝑷 Pr 𝑩 𝑬′ = 𝑷 𝒊 𝒛 𝒊′ # of diabetes patients

  15. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify the height of an individual in 𝑬 ; # of diabetes patients = 𝒊′ Pr 𝑩 𝑬 = 𝒛 = 𝑞𝑒𝑔(𝒛 − 𝒊 ′ ) Pr 𝑩 𝑬′ = 𝒛 𝑞𝑒𝑔(𝒛 − 𝒊) Pr 𝑩 𝑬 = 𝑷 Pr 𝑩 𝑬′ = 𝑷 𝒊 𝒛 𝒊′ # of diabetes patients

  16. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify the height of an individual in 𝑬 ; # of diabetes patients = 𝒊′ Pr 𝑩 𝑬 = 𝒛 = 𝑞𝑒𝑔(𝒛 − 𝒊 ′ ) 𝑞𝑒𝑔(𝒛 − 𝒊) = exp(−|𝒛 − 𝒊′|/𝝁)/2𝝁 Pr 𝑩 𝑬′ = 𝒛 exp(−|𝒛 − 𝒊|/𝝁)/2𝝁 Pr 𝑩 𝑬 = 𝑷 Pr 𝑩 𝑬′ = 𝑷 𝒊 𝒛 𝒊′ # of diabetes patients

  17. Differential Privacy via Laplace Noise  Dataset: A set of patients Release # of diabetes patients with 𝜻 -differential privacy  Objective: Pr 𝑩 𝑬 = 𝑷 ≤ exp (𝜻) ∙ Pr 𝑩 𝑬′ = 𝑷  Method: Release the number + Laplace noise 𝑞𝑒𝑔 𝒚 = exp − 𝒚 2𝝁 𝝁  Rationale:  𝑬 : the original dataset; # of diabetes patients = 𝒊  𝑬′ : modify the height of an individual in 𝑬 ; # of diabetes patients = 𝒊′ 𝒊 − 𝒊 ′ Pr 𝑩 𝑬 = 𝒛 = 𝑞𝑒𝑔(𝒛 − 𝒊 ′ ) Pr 𝑩 𝑬′ = 𝒛 𝑞𝑒𝑔(𝒛 − 𝒊) ≤ exp 𝝁 Pr 𝑩 𝑬 = 𝑷 Pr 𝑩 𝑬′ = 𝑷 𝒊 𝒛 𝒊′ # of diabetes patients

Recommend

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

Presentation Slides $ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

429 views • 13 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
14 mg HEALTHY BLOOD TONIC Why this formulation? Formulation used to help maintain healthy

14 mg HEALTHY BLOOD TONIC Why this formulation? Formulation used to help maintain healthy

14 mg HEALTHY BLOOD TONIC Why this formulation? Formulation used to help maintain healthy physiological iron stores. Helps to produce red blood cells. Optimum support to optimize and increase energy reserves. Advantages to use liquids for

1.38k views • 10 slides
Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is

1.01k views • 76 slides
A New Framework for RFID Privacy Robert H. Deng, Yingjiu Li, Moti Yung, Yunlei Zhao ESORICS 2010

A New Framework for RFID Privacy Robert H. Deng, Yingjiu Li, Moti Yung, Yunlei Zhao ESORICS 2010

A New Framework for RFID Privacy Robert H. Deng, Yingjiu Li, Moti Yung, Yunlei Zhao ESORICS 2010 Outline Introduction. Model of RFID Systems. Adaptive Completeness and Mutual Authentication. zk-Privacy: Formulation, Clarifications

456 views • 35 slides
How to Best Process Data If Formulation of the . . . Recommendation We Have Both Absolute and

How to Best Process Data If Formulation of the . . . Recommendation We Have Both Absolute and

Formulation of the . . . Formulation of the . . . How to Best Process Data If Formulation of the . . . Recommendation We Have Both Absolute and Algorithm Relative Measurement Home Page Errors: A Pedagogical Title Page Comment

308 views • 6 slides
Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in many ways over the years. Usually privacy is concerned with the individual human being. We may talk about privacy as the control over your own

230 views • 21 slides
Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy. College Bescherming Persoonsgegevens (CBP) What is privacy? Users must be able to determine for themselves when, how, to what extent and

798 views • 45 slides
Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

ECE598NB Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics Course Structure Privacy Define privacy Privacy History Privacy has always existed Cities / large populations have made

173 views • 14 slides
A semi- -analytical mathematical formulation as a analytical mathematical formulation as a A

A semi- -analytical mathematical formulation as a analytical mathematical formulation as a A

National Technical University of Athens School of Naval Architecture and Marine Engineering Division of Marine Structures A semi- -analytical mathematical formulation as a analytical mathematical formulation as a A semi tool for the dynamic

265 views • 23 slides
European Paediatric Formulation Initiative European Paediatric Formulation Initiative Overview

European Paediatric Formulation Initiative European Paediatric Formulation Initiative Overview

Literature review on swallowability of oral solid dosage forms in children Fang Liu University of Hertfordshire European Paediatric Formulation Initiative European Paediatric Formulation Initiative Overview Outcomes of a systematic

363 views • 20 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s

555 views • 21 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s

245 views • 20 slides
Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy Alexandra Wood Berkman Klein Center for Internet & Society at Harvard University DIMACS/Northeast Big Data Hub Workshop on Overcoming Barriers to

964 views • 54 slides
Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire

Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire

CS 134 Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire (Image from geekologie.com) Relevant to corporations & government agencies Recently increased awareness However, general public

171 views • 16 slides
PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Todays Menu PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches COMPUTING Definitions Challenges 1. History and legal aspects 1.

264 views • 13 slides
Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Mobile Networks - Module H2 Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; privacy preserving routing in ad hoc networks; Slides adapted from Security and

909 views • 55 slides
Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues

Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues

Simone Fischer-Hbner Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues (LBS, RFID,...) IV. European Privacy Legislation/ Directives I. Definition Warren & Brandeis 1890 The right to

694 views • 30 slides
matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy

matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy

Government data matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy Assessments 17 May 2018 Brief overview of the OAIC, Privacy Act and Australian Privacy Principles (APPs) OAICs involvement

454 views • 16 slides
Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy,

Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy,

Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy, and Data April 18, 2019 The Pessimistic View (or, Privacy is Dead) Internet Privacy A More Realistic View Privacy Monetization Convenience

355 views • 9 slides

More recommend