
Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential Privacy

Gilles Barthe, Marco Gaboardi, Emilio Jesús Gallego Arias, Justin Hsu, Aaron Roth, Pierre-Yves Strub
2015 Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL '15  
We introduce a relational refinement type system, called HOARe^2, for verifying mechanism design and differential privacy.  ...  We show that HOARe^2 is sound w.r.t. a denotational semantics, and correctly models (ϵ,δ)-differential privacy; moreover, we show that it subsumes DFuzz, an existing linear dependent type system for differential  ...  Verifying MD and DP 28 Differential Privacy Formal Definition A probabilistic function F : T → S is (ϵ, δ)-Differentially Private if for all pairs of adjacent t_1, t_2 ∈ T and for every E ⊆ S: Pr x←F  ... 
doi:10.1145/2676726.2677000 dblp:conf/popl/BartheGAHRS15 fatcat:gsa74vurzngrjfgnbmp5fqcrae

Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential Privacy

Gilles Barthe, Marco Gaboardi, Emilio Jesús Gallego Arias, Justin Hsu, Aaron Roth, Pierre-Yves Strub
2015 SIGPLAN notices  
Verifying MD and DP 28 Differential Privacy Formal Definition A probabilistic function F : T → S is (ϵ, δ)-Differentially Private if for all pairs of adjacent t_1, t_2 ∈ T and for every E ⊆ S: Pr x←F  ...  {br * :: R → A | ∀s, a. pay * (br * s) s ≥ pay * a s} → {dev * :: Extended type for Laplace lap with a refinement type capturing accuracy:  ... 
doi:10.1145/2775051.2677000 fatcat:qp7lquuxszgujnwigwpoblgpb4

Differentially Private Bayesian Programming

Gilles Barthe, Gian Pietro Farina, Marco Gaboardi, Emilio Jesus Gallego Arias, Andy Gordon, Justin Hsu, Pierre-Yves Strub
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
Then, differential privacy of programs is established using a relational refinement type system, in which refinements on probability types are indexed by a metric on distributions.  ...  Our framework leverages recent developments in Bayesian inference, probabilistic programming languages, and in relational refinement types.  ...  To address this challenge, we use an approach based on approximate relational higher-order refinement type system called HOARe^2 [6].  ... 
doi:10.1145/2976749.2978371 dblp:conf/ccs/BartheFGAGHS16 fatcat:lrfmbhtqvbfhbm3bwafgdlpvmu

Solo: A Lightweight Static Analysis for Differential Privacy [article]

Chike Abuah, David Darais, Joseph P. Near
2021 arXiv   pre-print
All current approaches for statically enforcing differential privacy in higher order languages make use of either linear or relational refinement types.  ...  We propose a new type system that enforces differential privacy, avoids the use of linear and relational refinement types, and can be easily embedded in mainstream richly typed programming languages such  ...  Type Systems for Differential Privacy. The first static approach for verifying differential privacy in the context of higher-order programming constructs was Fuzz [Reed and Pierce 2010].  ... 
arXiv:2105.01632v2 fatcat:2fd2pfx3ibaullw7z75a5otyqu

Contextual Linear Types for Differential Privacy [article]

Matías Toro, David Darais, Chike Abuah, Joe Near, Damián Árquez, Federico Olmedo, Éric Tanter
2021 arXiv   pre-print
We present Jazz, a language and type system which uses linear types and latent contextual effects to support both advanced variants of differential privacy and higher-order programming.  ...  Since the seminal design of Fuzz, which is restricted to ϵ-differential privacy, a lot of effort has been made to support more advanced variants of differential privacy, like (ϵ,δ)-differential privacy  ...  Overall, the Jazz design makes differential privacy by typing in the presence of higher-order programming possible for advanced differential privacy variants.  ... 
arXiv:2010.11342v2 fatcat:gwgcsvx2mzewlpui56256g4noa

Duet: An Expressive Higher-order Language and Linear Type System for Statically Enforcing Differential Privacy [article]

Joseph P. Near, David Darais, Chike Abuah, Tim Stevens, Pranav Gaddamadugu, Lun Wang, Neel Somani, Mu Zhang, Nikhil Sharma, Alex Shan, Dawn Song
2019 arXiv   pre-print
We propose Duet, an expressive higher-order language, linear type system and tool for automatically verifying differential privacy of general-purpose higher-order programs.  ...  We present a core design of the Duet language and linear type system, and complete key proofs about privacy for well-typed programs.  ...  ) is embedded directly in the relational refinements of higher-order function types.  ... 
arXiv:1909.02481v1 fatcat:2yyp5n3chjcqlfwj6hsbqpde2y

Private Graph Data Release: A Survey [article]

Yang Li, Michael Purcell, Thierry Rakotoarivelo, David Smith, Thilina Ranbaduge, Kee Siong Ng
2021 arXiv   pre-print
with the limitations of Differential Privacy.  ...  Many of these mechanisms fall under natural extensions of the Differential Privacy framework to graph data, but we also investigate more general privacy formulations like Pufferfish Privacy that can deal  ...  Beyond Differential Privacy: Limitations and Alternatives As we have seen throughout this paper, differential privacy is by far the most popular framework for analyzing and designing provably private graph  ... 
arXiv:2107.04245v1 fatcat:kixgz52kejarhjt6sbrkfy4cga

Proving Differential Privacy via Probabilistic Couplings [article]

Gilles Barthe, Marco Gaboardi, Benjamin Grégoire, Justin Hsu, Pierre-Yves Strub
2017 arXiv   accepted
This logic extends the existing apRHL logic with more general rules for the Laplace mechanism and the one-sided Laplace mechanism, and new structural rules enabling pointwise reasoning about privacy; all  ...  We verify these examples in a relational program logic apRHL+, which can construct approximate couplings.  ...  We also thank him and Jonathan Ullman for good discussions about challenges and subtleties of the proof of Sparse Vector.  ... 
arXiv:1601.05047v4 fatcat:ebuijcjdzvbalcbqephgryxoyy

Locally private frequency estimation of physical symptoms for infectious disease analysis in Internet of Medical Things

Xiaotong Wu, Mohammad Reza Khosravi, Lianyong Qi, Genlin Ji, Wanchun Dou, Xiaolong Xu
2020 Computer Communications  
As a strong metric for health privacy, local differential privacy (LDP) requires that users should perturb their symptoms to prevent the risk.  ...  Then, we propose four different protocols, i.e., CMS-LDP, FCS-LDP, CS-LDP and FAS-LDP to solve the above problem. Next, we demonstrate that the designed protocols satisfy LDP and unbiased estimation.  ...  Acknowledgments Our thanks to the reviewers for their constructive comments and suggestions to improve the quality of the manuscript.  ... 
doi:10.1016/j.comcom.2020.08.015 pmid:32873996 pmcid:PMC7450982 fatcat:4vrnjhzqfrfbjcgubkejll4ln4

The Laplace Mechanism has optimal utility for differential privacy over continuous queries [article]

Natasha Fernandes and Annabelle McIver and Carroll Morgan
2021 arXiv   pre-print
Yet it has been shown that for discrete data (e.g. counting queries), a mandated degree of privacy and a reasonable interpretation of loss of utility, the Geometric obfuscating mechanism is optimal: it  ...  Differential Privacy protects individuals' data when statistical queries are published from aggregated databases: applying "obfuscating" mechanisms to the query results makes the released information less  ...  Acknowledgements We thank Catuscia Palamidessi for suggesting this problem to us. APPENDIX The appendices may be found at [15].  ... 
arXiv:2105.07176v2 fatcat:x5rf3s7drfe67etzpacv6d3ffi

Mining frequent patterns with differential privacy

Luca Bonomi, Li Xiong
2013 Proceedings of the VLDB Endowment  
For noisy patterns, first we formally define the patterns according to the type of noise and second we provide a set of potential applications that require the mining of these patterns.  ...  Indeed the information from the patterns can be linked with a large amount of data available from other sources creating opportunities for adversaries to break the individual privacy of the users and disclose  ...  A non interactive privacy mechanism M achieves -differential privacy if for any two input sets (databases) DA and DB with symmetric difference of one (neighboring databases), and for any set of outcomes  ... 
doi:10.14778/2536274.2536329 fatcat:4ktp6m6jgzf5bkdefq7s5xbecy

Differential Privacy Preservation in Deep Learning: Challenges, Opportunities and Solutions

Jingwen Zhao, Yunfang Chen, Wei Zhang
2019 IEEE Access  
Second, in order to analyze the existing works that combine differential privacy and deep learning, we classify them by the layers differential privacy mechanism deployed, such as input layer, hidden layer  ...  Differential privacy is widely recognized in the majority of traditional scenarios for its rigorous mathematical guarantee. However, it is uncertain to work effectively in the deep learning model.  ...  Compared with single generative model, the features details will be learned with higher efficiency in each sub-model, and the noise addition will be more refined, so data utility is improved  ... 
doi:10.1109/access.2019.2909559 fatcat:zgbo63onnzcqpmzjvh5mf45gke

Probabilistic Relational Reasoning via Metrics [article]

Arthur Azevedo de Amorim, Marco Gaboardi, Justin Hsu, Shin-ya Katsumata
2019 arXiv   pre-print
We show how to extend Fuzz to capture more general relational properties of probabilistic programs, with approximate, or (ϵ, δ)-differential privacy serving as a leading example.  ...  The Fuzz programming language [Reed and Pierce, 2010] uses an elegant linear type system combined with a monad-like type to express and reason about probabilistic sensitivity properties, most notably ϵ-differential  ...  Recently, variations of differential privacy have been proposed for designing mechanisms with better accuracy.  ... 
arXiv:1807.05091v3 fatcat:rl7rwnqeb5a77h2a3mg3fylvpa

Advanced Probabilistic Couplings for Differential Privacy

Gilles Barthe, Noémie Fong, Marco Gaboardi, Benjamin Grégoire, Justin Hsu, Pierre-Yves Strub
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
Several tools have been developed for the formal verification of differentially private algorithms, including program logics and type systems.  ...  We address these limitations with a new formalism extending apRHL, a relational program logic that has been used for proving differential privacy of non-interactive algorithms, and incorporating aHL, a  ...  Additionally, there is still room for improving the expressivity of apRHL for differential privacy. One interesting example combining accuracy and privacy is the large margin mechanism [15] .  ... 
doi:10.1145/2976749.2978391 dblp:conf/ccs/BartheFGGHS16 fatcat:4ge6fousn5frrkcicmszlniboa

An event driven framework for assistive CPS environments

Fillia Makedon, Zhengyi Le, Heng Huang, Eric Becker, Dimitrios Kosmopoulos
2009 ACM SIGBED Review  
activities with differential privacy and security capabilities, recognizes events, human needs from lifestyle, and processes environmental and longitudinal health data.  ...  We present an event driven framework with event identification mechanisms that drive actuators, transform a substrate and alter human behavior in a feedback loop process that allows a human to control  ...  ACKNOWLEDGEMENT The authors would like to thank the anonymous reviewers for their valuable comments and suggestions.  ... 
doi:10.1145/1859823.1859826 fatcat:iirdtj4eofcyzhb3ywcceoz47e