no free lunch in data privacy
play

No Free Lunch in Data Privacy CompSci 590.03 Instructor: Ashwin - PowerPoint PPT Presentation

Sep 15, 2022 •183 likes •674 views

No Free Lunch in Data Privacy CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 15: 590.03 Fall 12 1 Outline Background: Domain-independent privacy definitions No Free Lunch in Data Privacy [Kifer- M SIGMOD 11]

  1. No Free Lunch in Data Privacy CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 15: 590.03 Fall 12 1

  2. Outline • Background: Domain-independent privacy definitions • No Free Lunch in Data Privacy [Kifer- M SIGMOD ‘11] • Correlations: A case for domain specific privacy definitions [Kifer- M SIGMOD ‘11] • Pufferfish Privacy Framework [Kifer- M PODS’12] • Defining Privacy for Correlated Data [Kifer- M PODS’12 & Ding - M ‘13] – Next class Lecture 15: 590.03 Fall 12 2

  3. Data Privacy Problem Utility: Privacy: No breach about any individual Server D B Individual 1 Individual 2 Individual 3 Individual N r 1 r 2 r 3 r N Lecture 15: 590.03 Fall 12 3

  4. Data Privacy in the real world Application Data Collector Third Party Private Function (utility) (adversary) Information Medical Hospital Epidemiologist Disease Correlation between disease and geography Genome Hospital Statistician/ Genome Correlation between analysis Researcher genome and disease Advertising Google/FB/Y! Advertiser Clicks/Brows Number of clicks on an ad ing by age/region/gender … Social Facebook Another user Friend links Recommend other users Recommen- / profile or ads to users based on dations social network iDASH Privacy Workshop 9/29/2012 4

  5. Semantic Privacy ... nothing about an individual should be learnable from the database that cannot be learned without access to the database. T. Dalenius, 1977 Lecture 15: 590.03 Fall 12 5

  6. Can we achieve semantic privacy? • … or is there one (“precious…”) privacy definition to rule them all? Lecture 15: 590.03 Fall 12 6

  7. Defining Privacy • In order to allow utility, a non-negligible amount of information about an individual must be disclosed to the adversary. • Measuring information disclosed to an adversary involves carefully modeling the background knowledge already available to the adversary. • … but we do not know what information is available to the adversary. Lecture 15: 590.03 Fall 12 7

  8. Many definitions & several attacks • Linkage attack K-Anonymity • Background knowledge attack Sweeney et al. L-diversity IJUFKS ‘02 • Minimality /Reconstruction Machanavajjhala et. al attack TKDD ‘07 T-closeness • de Finetti attack E-Privacy • Composition attack Li et. al ICDE ‘07 Machanavajjhala et. al Diff ifferenti tial VLDB ‘09 Privacy Dw Dwork et. al ICALP ‘06 Lecture 15: 590.03 Fall 12 8

  9. Composability [Dwork et al, TCC 06] Theorem (Composability) : If algorithms A 1 , A 2 , …, A k use independent randomness and each A i satisfies ε i -differential privacy, resp. Then, outputting all the answers together satisfies differential privacy with ε = ε 1 + ε 2 + … + ε k Lecture 15: 590.03 Fall 12 10

  10. Differential Privacy • Domain independent privacy definition that is independent of the attacker. • Tolerates many attacks that other definitions are susceptible to. – Avoids composition attacks – Claimed to be tolerant against adversaries with arbitrary background knowledge. • Allows simple, efficient and useful privacy mechanisms – Used in a live US Census Product [ M et al ICDE ‘08] Lecture 15: 590.03 Fall 12 11

  11. Outline • Background: Domain independent privacy definitions. • No Free Lunch in Data Privacy [Kifer- M SIGMOD ‘11] • Correlations: A case for domain specific privacy definitions [Kifer- M SIGMOD ‘11] • Pufferfish Privacy Framework [Kifer- M PODS’12] • Defining Privacy for Correlated Data [Kifer- M PODS’12 & Ding - M ‘13] – Current research Lecture 15: 590.03 Fall 12 12

  12. No Free Lunch Theorem It is not possible to guarantee any utility in addition to privacy, without making assumptions about [Kifer- Machanavajjhala SIGMOD ‘11] • the data generating distribution • the background knowledge available [Dwork-Naor JPC ‘10] to an adversary Lecture 15: 590.03 Fall 12 13

  13. Discriminant: Sliver of Utility • Does an algorithm A provide any utility? w(k, A) > c if there are k inputs { D 1 , …, D k } such that A(D i ) give different outputs with probability > c . • Example: If A can distinguish between tables of size <100 and size >1000000000, then w(2,A) = 1 . 14

  14. Discriminant: Sliver of Utility Theorem: The discriminant of Laplace mechanism is 1. Proof: • Let Di = a database with n records and n∙i /k cancer patients • Let Si = the range [ n∙i /k – n/3k, n∙i /k + n/3k]. All Si are disjoint • Let M be the laplace mechanism on the query “how many cancer patients are there”. • Pr(M(Di) ε Si) = Pr(Noise < n/3k) > 1 – e -n/3k ε = 1 – δ • Hence, discriminant w(k,M) > 1- δ • As n tends to infinity, discriminant tends to 1. 15

  15. Discriminant: Sliver of Utility • Does an algorithm A provide any utility? w(k, A) > c if there are k inputs { D 1 , …, D k } such that A(D i ) give different outputs with probability > c . • If w(k, A) is close to 1 - we may get some utility after using A . • If w(k, A) is close to 0 - we cannot distinguish any k inputs – no utility. 16

  16. Non-privacy • D is randomly drawn from P data . • q is a sensitive query with k answers, s.t., knows P data but cannot guess value of q • A is not private if: can guess q correctly based on P data and A 17

  17. No Free Lunch Theorem • Let A be a privacy mechanism with w(k,A) > 1- ε • Let q be a sensitive query with k possible outcomes. • There exists a data generating distribution P data , s.t. – q(D) is uniformly distributed, but – wins with probability greater than 1- ε 18

  18. Outline • Background: Domain independent privacy definitions • No Free Lunch in Data Privacy [Kifer- M SIGMOD ‘11] • Correlations: A case for domain specific privacy definitions [Kifer- M SIGMOD ‘11] • Pufferfish Privacy Framework [Kifer- M PODS’12] • Defining Privacy for Correlated Data [Kifer- M PODS’12 & Ding - M ‘13] – Current research Lecture 15: 590.03 Fall 12 19

  19. Correlations & Differential Privacy • When an adversary knows that individuals in a table are correlated, then (s)he can learn sensitive information about individuals even from the output of a differentially private mechanism. • Example 1: Contingency tables with pre-released exact counts • Example 2: Social Networks Lecture 15: 590.03 Fall 12 20

  20. Contingency tables Each tuple takes k=4 different values 2 2 2 8 D Count( , ) Lecture 15: 590.03 Fall 12 21

  21. Contingency tables Want to release counts privately ? ? ? ? D Count( , ) Lecture 15: 590.03 Fall 12 22

  22. Laplace Mechanism 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 8 + Lap(1/ ε ) Mean : 8 D Variance : 2/ ε 2 Guarantees differential privacy. Lecture 15: 590.03 Fall 12 23

  23. Marginal counts 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 4 4 2 + Lap(1/ ε ) 8 + Lap(1/ ε ) 10 10 4 4 10 10 Auxiliary marginals published for following reasons: 1. Legal : 2002 Supreme Court case Utah v. Evans 2. Contractual : Advertisers must know exact D demographics at coarse granularities Does Laplace mechanism still guarantee privacy? Lecture 15: 590.03 Fall 12 24

  24. Marginal counts 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 4 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 8 + Lap(1/ ε ) 10 2 + Lap(1/ ε ) 4 10 Count ( , ) = 8 + Lap(1/ ε ) Count ( , ) = 8 - Lap(1/ ε ) D Count ( , ) = 8 - Lap(1/ ε ) Count ( , ) = 8 + Lap(1/ ε ) Lecture 15: 590.03 Fall 12 25

  25. Marginal counts 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 4 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 2 + Lap(1/ ε ) 8 + Lap(1/ ε ) 10 2 + Lap(1/ ε ) 4 10 Mean : 8 D Variance : 2/ke 2 can reconstruct the table with high precision for large k Lecture 15: 590.03 Fall 12 26

  26. Reason for Privacy Breach • Pairs of tables that differ in one tuple • cannot distinguish them Tables that do not satisfy background knowledge Space of all possible tables Lecture 15: 590.03 Fall 12 27

  27. Reason for Privacy Breach can distinguish between every pair of these tables based on the output Space of all possible tables Lecture 15: 590.03 Fall 12 28

  28. Correlations & Differential Privacy • When an adversary knows that individuals in a table are correlated, then (s)he can learn sensitive information about individuals even from the output of a differentially private mechanism. • Example 1: Contingency tables with pre-released exact counts • Example 2: Social Networks Lecture 15: 590.03 Fall 12 29

  29. A count query in a social network Bob Alice • Want to release the number of edges between blue and green communities. • Should not disclose the presence/absence of Bob-Alice edge. 30

  30. Adversary knows how social networks evolve • Depending on the social network evolution model, (d 2 -d 1 ) is linear or even super-linear in the size of the network. 31

  31. Differential privacy fails to avoid breach Output (d 1 + δ ) δ ~ Laplace(1/ ε ) Output (d 2 + δ ) Adversary can distinguish between the two worlds if d 2 – d 1 is large. 32

  32. Outline • Background: Domain independent privacy definitions • No Free Lunch in Data Privacy [Kifer- M SIGMOD ‘11] • Correlations: A case for domain-specific privacy definitions [Kifer- M SIGMOD ‘11] • Pufferfish Privacy Framework [Kifer- M PODS’12] • Defining Privacy for Correlated Data [Kifer- M PODS’12 & Ding - M ‘13] – Current research Lecture 15: 590.03 Fall 12 33

Recommend

WASTE-FREE LUNCH Day 1 OBJECTIVE Describe how a waste-free lunch at the Olympics could

WASTE-FREE LUNCH Day 1 OBJECTIVE Describe how a waste-free lunch at the Olympics could

WASTE-FREE LUNCH Day 1 OBJECTIVE Describe how a waste-free lunch at the Olympics could minimize our impact on the environment. CHALLENGE A waste-free lunch day will occur on Wednesday at our school. How can we advertise this?

754 views • 27 slides
% Free Lunch by Zip Code 2009-10 (NCES Common Core of Data) LOCATION CHARTER TOTAL FREE LUNCH

% Free Lunch by Zip Code 2009-10 (NCES Common Core of Data) LOCATION CHARTER TOTAL FREE LUNCH

% Free Lunch by Zip Code 2009-10 (NCES Common Core of Data) LOCATION CHARTER TOTAL FREE LUNCH SCHOOL SCHOOL NAME- BY SURVEY YEAR ZIP SCHOOL STUDENTS ELIGIBLE LEVEL CODE LOW GRADE HIGH GRADE (SCHOOL) (SCHOOL) (SCHOOL) (SCHOOL) (SCHOOL)

267 views • 9 slides
Sustaining the Data Ecosystem There is no free lunch but you still need to eat CCDSC 2016

Sustaining the Data Ecosystem There is no free lunch but you still need to eat CCDSC 2016

Sustaining the Data Ecosystem There is no free lunch but you still need to eat CCDSC 2016 Dr . Francine Berman Chair , Research Data Alliance/US Hamilton Distinguished Professor , RPI Fr Fran Berman 1 Why does Sustainability

333 views • 21 slides
2013 rockchalk 1 / 81 K.U. Introduction Data Outreg Plots Free Lunch Conclusions Guessing

2013 rockchalk 1 / 81 K.U. Introduction Data Outreg Plots Free Lunch Conclusions Guessing

Introduction Data Outreg Plots Free Lunch Conclusions Guessing rockchalk package Paul E. Johnson 1 2 &lt; pauljohn@ku.edu &gt; 1 Department of Political Science 2 Center for Research Methods and Data Analysis, University of Kansas 2013

953 views • 81 slides
30. Parallel Programming I Moores Law and the Free Lunch, Hardware Architectures, Parallel

30. Parallel Programming I Moores Law and the Free Lunch, Hardware Architectures, Parallel

30. Parallel Programming I Moores Law and the Free Lunch, Hardware Architectures, Parallel Execution, Flynns Taxonomy, Multi-Threading, Parallelism and Concurrency, C++ Threads, Scalability: Amdahl and Gustafson, Data-parallelism,

879 views • 70 slides
arXiv:2007.10928v1 [cs.LG] 21 Jul 2020 Abstract The No Free Lunch theorems prove that under a

arXiv:2007.10928v1 [cs.LG] 21 Jul 2020 Abstract The No Free Lunch theorems prove that under a

What is important about the No Free Lunch theorems? David H. Wolpert arXiv:2007.10928v1 [cs.LG] 21 Jul 2020 Abstract The No Free Lunch theorems prove that under a uniform distribution over induction problems (search problems or learning

618 views • 15 slides
Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No privacy breaches! Public Data Anonymization Data representation? Privacy breach? Value of data? Data publisher Privacy Analyst Work by: Elena

80 views • 3 slides
EU Art.29 Data Protection Users care about privacy Working Party From: Special Eurobarometer

EU Art.29 Data Protection Users care about privacy Working Party From: Special Eurobarometer

28/05/15 Outline Data privacy and the evolving regulation Privacy threats from LBS to geoSN EveryWare Lab Main (location) privacy protection techniques Data Management for Mobile Protecting geo-tagged resource publication

411 views • 7 slides
Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE

Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE

Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE Privacy Policy Terms &amp; Conditions and Subscriptions Consent Structure and Preferences Meetings, Conferences, and Events

926 views • 36 slides
Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in many ways over the years. Usually privacy is concerned with the individual human being. We may talk about privacy as the control over your own

230 views • 21 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
Outline Recap DifferenCal privacy ensures adversary cant

Outline Recap DifferenCal privacy ensures adversary cant

No Free Lunch &amp; Pufferfish Framework CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 11: 590.03 Fall 13 1 Outline Recap DifferenCal

752 views • 46 slides
Data privacy and big Data privacy and big data data Engineering &amp; Public Policy Lorrie

Data privacy and big Data privacy and big data data Engineering &amp; Public Policy Lorrie

CyLab Data privacy and big Data privacy and big data data Engineering &amp; Public Policy Lorrie Faith Cranor November 12, 2015 y &amp; c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 /

658 views • 21 slides
Data Privacy Law Overview Privacy Protections (D) Working Group Jennifer McAdam Senior Counsel

Data Privacy Law Overview Privacy Protections (D) Working Group Jennifer McAdam Senior Counsel

Data Privacy Law Overview Privacy Protections (D) Working Group Jennifer McAdam Senior Counsel DECEMBER 8, 2019 Data Privacy vs. Data Security Data Privacy Data Security How data is collected &amp; How data is stored &amp; used

465 views • 23 slides
Microsoft Research The free lunch is over. Muticores are here. We have to program them.

Microsoft Research The free lunch is over. Muticores are here. We have to program them.

Simon Peyton Jones Microsoft Research The free lunch is over. Muticores are here. We have to program them. This is hard. Yada-yada-yada. Programming parallel computers Plan A . Start with a language whose computational fabric

1.55k views • 65 slides
Privacy and Data Protection Designing for Privacy Tobias Pulls CC-BY-4.0 Privacy is a Human

Privacy and Data Protection Designing for Privacy Tobias Pulls CC-BY-4.0 Privacy is a Human

Privacy and Data Protection Designing for Privacy Tobias Pulls CC-BY-4.0 Privacy is a Human Right (1/2) From the United Nations Universal Declaration of Human Rights: Article 12 No one shall be subjected to arbitrary interference with his

338 views • 7 slides
11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity Being on-line without giving up everything about you Ensuring collected data doesnt reveal its users data Privacy in Structured Data:

766 views • 49 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

455 views • 10 slides
Microservices and OSGi running with Apache Karaf Agenda No free Lunch - microservices

Microservices and OSGi running with Apache Karaf Agenda No free Lunch - microservices

Microservices and OSGi running with Apache Karaf Agenda No free Lunch - microservices microservices or Service? Free Lunch? - OSGi Services Services in the Apache Karaf ecosystem Showcase: https:/

690 views • 44 slides
1476 Students 58% Free &amp; Reduced Lunch 12% English Learners

1476 Students 58% Free &amp; Reduced Lunch 12% English Learners

1476 Students 58% Free &amp; Reduced Lunch 12% English Learners 62% Hispanic or Latino 8% Asian 27% White 3% Other 9 8.5 8 7 6.3 6 5 2011-2012 4 2012-2013 3 2 1 0 Suspension Rate

455 views • 18 slides
No Free Lunch David Cervini, Danica Porobic , Pnar Tzn, Anastasia Ailamaki Why Hardware

No Free Lunch David Cervini, Danica Porobic , Pnar Tzn, Anastasia Ailamaki Why Hardware

Applying HTM to an OLTP System: No Free Lunch David Cervini, Danica Porobic , Pnar Tzn, Anastasia Ailamaki Why Hardware Transactional Memory? Multicores are here to stay Lock-based and lock-free programming is hard Transactional

273 views • 15 slides
Government and Big Data: Privacy Risks and Solutions Ontarios Access and Privacy Laws The

Government and Big Data: Privacy Risks and Solutions Ontarios Access and Privacy Laws The

Brian Beamish Information and Privacy Commissioner of Ontario January 26, 2017 Government and Big Data: Privacy Risks and Solutions Ontarios Access and Privacy Laws The Freedom of Information and Protection of Privacy Act (FIPPA) o

356 views • 17 slides
CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt // http://yxiao.info i i f Outline Outline What is Location Privacy Basic Techniques Private Information Retrieval Probabilistic

415 views • 24 slides

More recommend