Filters








1,365 Hits in 5.9 sec

Quantifying Privacy Leakage through Answering Database Queries [chapter]

Hsu Tsan-sheng, Liau Churn-Jung, Wang Da-Wei, Jeremy K.-P. Chen
2002 Lecture Notes in Computer Science  
The value of information is then defined as the expected gain of the privacy receiver and the privacy is protected by imposing costs on the answers of the queries for balancing the gain.  ...  Inspired by decision theory, we present a quantitative model for the privacy protection problem in such a database query or linkage environment in this paper.  ...  To avoid the leakage of privacy, the data center may correspondingly raise the cost of answering a query so that the information value for the company is counter-balanced.  ... 
doi:10.1007/3-540-45811-5_12 fatcat:ee5fwucgz5d3lhr4cjtzmawsvm

A Differentially Private Mechanism of Optimal Utility for a Region of Priors [chapter]

Ehab ElSalamouny, Konstantinos Chatzikokolakis, Catuscia Palamidessi
2013 Lecture Notes in Computer Science  
Differential privacy is usually achieved by using mechanisms that add random noise to the query answer.  ...  The notion of differential privacy has emerged in the area of statistical databases as a measure of protection of the participants' sensitive information, which can be compromised by selected queries.  ...  Section 4 shows that for all -regular priors on the exact answers (resp. databases), -differential privacy induces an upper bound on the utility (resp. on the min-entropy leakage).  ... 
doi:10.1007/978-3-642-36830-1_3 fatcat:sl4w5yzowzacxmxjj5yngdispm

Unexpected Information Leakage of Differential Privacy Due to Linear Property of Queries [article]

Wen Huang, Shijie Zhou, Yongjian Liao
2020 arXiv   pre-print
By different divisions of one query, attackers can obtain multiple different answers for the query from differential privacy mechanisms.  ...  In this paper, we find that the differential privacy does not take liner property of queries into account, resulting in unexpected information leakage.  ...  Theâ i is an answer of the target query q({x} ∪ D know ), which will be proved in next subsection. Through another subset D j ⊂ D know , attackers can get another answer of the target query.  ... 
arXiv:2010.08958v1 fatcat:5b6sc5py7ff75ld6si5lmshvou

Quantitative Approaches to the Protection of Private Information: State of the Art and Some Open Challenges [chapter]

Catuscia Palamidessi
2015 Lecture Notes in Computer Science  
Second, it should not be possible for the adversary to distinguish, from the answer to the query, whether a certain individual is present or not in the database.  ...  The idea is that, first, the access to the data should be allowed only through a query-based interface.  ...  Such techniques aim at quantifying the leakage of secret information through the observation of some public event, and have been successfully applied in several application contexts, such as programs,  ... 
doi:10.1007/978-3-662-46666-7_1 fatcat:zzfb52ih55az5hrxbcjgafzzvi

On the Relation between Differential Privacy and Quantitative Information Flow [chapter]

Mário S. Alvim, Miguel E. Andrés, Konstantinos Chatzikokolakis, Catuscia Palamidessi
2011 Lecture Notes in Computer Science  
The idea is that a randomized query satisfies differential privacy if the likelihood of obtaining a certain answer for a database x is not too different from the likelihood of obtaining the same answer  ...  Nowadays, one of the most established approaches to quantify and to reason about leakage is based on the Rényi min entropy version of information theory.  ...  A query is a function f : X → Y, where X is the set of all possible databases, and Y is the domain of the answers.  ... 
doi:10.1007/978-3-642-22012-8_4 fatcat:ao2anze3zfazvekfzm7j7l4lme

On the relation between identifiability, differential privacy, and mutual-information privacy

Weina Wang, Lei Ying, Junshan Zhang
2014 2014 52nd Annual Allerton Conference on Communication, Control, and Computing (Allerton)  
Under a privacy-distortion framework, where the distortion is defined to be the expected Hamming distance between the input and output databases, we establish some fundamental connections between these  ...  This paper investigates the relation between three different notions of privacy: identifiability, differential privacy and mutual-information privacy.  ...  Under our setting, the information leakage we need to quantify is between the input database X and the output database Y .  ... 
doi:10.1109/allerton.2014.7028576 dblp:conf/allerton/WangYZ14 fatcat:njgqkad7ezfefcpiynuzt6ysmu

On the Relation Between Identifiability, Differential Privacy, and Mutual-Information Privacy

Weina Wang, Lei Ying, Junshan Zhang
2016 IEEE Transactions on Information Theory  
Under a privacy-distortion framework, where the distortion is defined to be the expected Hamming distance between the input and output databases, we establish some fundamental connections between these  ...  This paper investigates the relation between three different notions of privacy: identifiability, differential privacy and mutual-information privacy.  ...  Under our setting, the information leakage we need to quantify is between the input database X and the output database Y .  ... 
doi:10.1109/tit.2016.2584610 fatcat:shucuy6uxzfrfkib6zdoj4krri

On the information leakage of differentially-private mechanisms

Mário S. Alvim, Miguel E. Andrés, Konstantinos Chatzikokolakis, Pierpaolo Degano, Catuscia Palamidessi
2015 Journal of Computer Security  
Differentially-private mechanisms are often oblivious: first the query is processed on the database to produce a true answer, and then this answer is adequately randomized before being reported to the  ...  Differential privacy aims at protecting the privacy of participants in statistical databases.  ...  On one hand, privacy demands the minimization of the amount of information about the database (and, in particular, about individuals) revealed through the randomized answers.  ... 
doi:10.3233/jcs-150528 fatcat:c4yap72w4bgp7izl7w2cddrtyi

Generalized Differential Privacy: Regions of Priors That Admit Robust Optimal Mechanisms [chapter]

Ehab ElSalamouny, Konstantinos Chatzikokolakis, Catuscia Palamidessi
2014 Lecture Notes in Computer Science  
Differential privacy is a notion of privacy that was initially designed for statistical databases, and has been recently extended to a more general class of domains.  ...  In this paper we consider the problem of identifying optimal mechanisms for generalized differential privacy, i.e. mechanisms that maximize the utility for a given level of privacy.  ...  Section 4 shows that for all d Y -regular priors on the true answers (resp. databases), d Y -privacy induces an upper bound on the utility (resp. on the min-entropy leakage).  ... 
doi:10.1007/978-3-319-06880-0_16 fatcat:ebpmcsap7feqdookuc3howdice

User-centric Privacy Engineering for the Internet of Things

Mahmoud Barhamgi, Charith Perera, Chirine Ghedira, Djamal Benslimane
2018 IEEE Cloud Computing  
In this paper, we analyse, through an example, some of the requirements that future data collection architectures of these systems should implement to provide effective privacy protection for users.  ...  User privacy concerns are widely regarded as a key obstacle to the success and the wide adoption of modern smart cyber-physical systems.  ...  The trade-off decision is taken based on two factors: the privacy risks associated with answering the query q of the data consumer d, and the benefits generated by the query answering.  ... 
doi:10.1109/mcc.2018.053711666 fatcat:hn2geveuh5dvbinpivsmv6lpeq

A Distributed Privacy-Utility Tradeoff Method Using Distributed Lossy Source Coding with Side Information

2017 KSII Transactions on Internet and Information Systems  
The first result is that both the source rate and the privacy leakage decrease with the increase of source distortion.  ...  This paper proposes a distributed privacy-utility tradeoff method using distributed lossy source coding with side information, and quantitatively gives the privacy-utility tradeoff region and Rate-Distortion-Leakage  ...  Differential privacy requires that the answer to any query be "probabilistically indistinguishable" with or without a particular row in the database.  ... 
doi:10.3837/tiis.2017.05.026 fatcat:atducffy35f3rm7i46ekevso4e

Access control over uncertain data

Vibhor Rastogi, Dan Suciu, Evan Welbourne
2008 Proceedings of the VLDB Endowment  
Privacy Policy 821 Permission to make digital or hard copies of portions of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or  ...  The definition is not constructive: in order to answer a query ψ on a probabilistic database P DB, A(P DB, ψ), a direct application of the definition requires us to quantify over all other probabilistic  ...  The privacy metric P measures the amount of systematic leakage: it is the mean leakage for all tuples ti for which the context ci is 0.  ... 
doi:10.14778/1453856.1453945 fatcat:d2yhscilvffwvd2rxedpak7iee

Quantitative Security Analysis (Dagstuhl Seminar 12481)

Boris Köpf, Paquale Malacaria, Catuscia Palamidessi, Marc Herbstritt
2013 Dagstuhl Reports  
Finally I show that the same analysis implies tight upper-bounds for the min-entropy leakage about the database through any differentially private mechanism.  ...  Differential privacy is a formal privacy guarantee that ensures that sensitive information relative to individuals cannot be easily inferred by disclosing answers to aggregate queries.  ... 
doi:10.4230/dagrep.2.11.135 dblp:journals/dagstuhl-reports/KopfMP12 fatcat:zlrdsjynqnfv3ehvlybivdnwre

Quantifying Membership Privacy via Information Leakage [article]

Sara Saeidian
2020 arXiv   pre-print
The Schur-concavity of this leakage implies that increased consensus among teachers in labeling a query reduces its associated privacy cost.  ...  Specifically, we propose to use a conditional form of the notion of maximal leakage to quantify the information leaking about individual data entries in a dataset, i.e., the entrywise information leakage  ...  Another potential application is in privacy thresholding schemes where queries which are expensive in terms of privacy will not be answered at all.  ... 
arXiv:2010.05965v1 fatcat:bpr3yntllrfqnj4ekd5cmc22ne

The Capacity of Single-Server Weakly-Private Information Retrieval [article]

Hsuan-Yin Lin, Siddhartha Kumar, Eirik Rosnes, Alexandre Graell i Amat, Eitan Yaakobi
2021 arXiv   pre-print
Existing information-theoretic PIR protocols ensure perfect privacy, i.e., zero information leakage to the servers storing the database, but at the cost of high download.  ...  We study the tradeoff between the download cost and information leakage in terms of mutual information (MI) and maximal leakage (MaxL) privacy metrics.  ...  This is a valid query design, since for each m ∈ [M], we have q∈Qw P Qw|M (q|m) = q∈Qw : m∈χ(q) P Qw|M (q|m) = 1. 2) Answer Construction: The answer function ϕ maps the query q ∈ Q w onto A = ϕ(q, X [M  ... 
arXiv:2001.08727v3 fatcat:4c5k7elly5hgpkrl7dhytmkzay
« Previous Showing results 1 — 15 out of 1,365 results