Difference between revisions of "Differential privacy"
From Simson Garfinkel
Jump to navigationJump to search
m |
|||
| Line 25: | Line 25: | ||
* [https://youtu.be/rfI-I3e_LFs SIGMOD 2017 Tutorial Part 1 ( 2 - 3:30pm)] | * [https://youtu.be/rfI-I3e_LFs SIGMOD 2017 Tutorial Part 1 ( 2 - 3:30pm)] | ||
* [https://youtu.be/Uhh7QCbnE9o SIGMOD 2017 Tutorial Part 2 (4 - 5:30 pm)] | * [https://youtu.be/Uhh7QCbnE9o SIGMOD 2017 Tutorial Part 2 (4 - 5:30 pm)] | ||
===Textbook=== | |||
* [https://www.cis.upenn.edu/~aaroth/Papers/privacybook.pdf The Algorithmic Foundations of Differential Privacy] (2014), a textbook by Cynthia Dwork and Aaron Roth. The first two chapters are understable by a person who doesn't have an advanced degree in mathematics or cryptography, and it's free! | |||
===Foundational Papers=== | ===Foundational Papers=== | ||
| Line 33: | Line 37: | ||
* [http://www.cse.psu.edu/~sxr48/pubs/smooth-sensitivity-stoc.pdf Smooth Sensitivity] | * [http://www.cse.psu.edu/~sxr48/pubs/smooth-sensitivity-stoc.pdf Smooth Sensitivity] | ||
== | ==Critical Papers== | ||
===Mechanisms=== | ===Mechanisms=== | ||
* [http://www.cse.psu.edu/~ads22/pubs/NRS07/NRS07-full-draft-v1.pdf Smooth Sensitivity and Sampling in Private Data Analysis, 2007] | * [http://www.cse.psu.edu/~ads22/pubs/NRS07/NRS07-full-draft-v1.pdf Smooth Sensitivity and Sampling in Private Data Analysis, 2007] | ||
| Line 46: | Line 46: | ||
===Public Perception=== | ===Public Perception=== | ||
* Brooke Bullek, Stephanie Garboski, Darakhshan J. Mir, and Evan M. Peck. 2017. [https://dl.acm.org/citation.cfm?id=3025698 Towards Understanding Differential Privacy: When Do People Trust Randomized Response Technique?. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (CHI '17)]. ACM, New York, NY, USA, 3833-3837. DOI: https://doi.org/10.1145/3025453.3025698 | * Brooke Bullek, Stephanie Garboski, Darakhshan J. Mir, and Evan M. Peck. 2017. [https://dl.acm.org/citation.cfm?id=3025698 Towards Understanding Differential Privacy: When Do People Trust Randomized Response Technique?. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (CHI '17)]. ACM, New York, NY, USA, 3833-3837. DOI: https://doi.org/10.1145/3025453.3025698 | ||
===Philosophy=== | ===Philosophy=== | ||
* [http://repository.cmu.edu/jpc/vol7/iss3/1/ How Will Statistical Agencies Operate When All Data Are Private?], John M. Abowd, U.S. Census Bureau, Journal of Privacy and Confidentiality: Vol. 7 : Iss. 3 , Article 1. | * [http://repository.cmu.edu/jpc/vol7/iss3/1/ How Will Statistical Agencies Operate When All Data Are Private?], John M. Abowd, U.S. Census Bureau, Journal of Privacy and Confidentiality: Vol. 7 : Iss. 3 , Article 1. | ||
==Existing Applications== | |||
===On The Map, at the US Census Bureau=== | |||
* [http://www.cse.psu.edu/~duk17/papers/PrivacyOnTheMap.pdf Privacy: Theory meets Practice on the Map], Machanavajjhala, Kifer, Abowd, Gehrke, and Vilhuber, ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering, Pages 277-286 | * [http://www.cse.psu.edu/~duk17/papers/PrivacyOnTheMap.pdf Privacy: Theory meets Practice on the Map], Machanavajjhala, Kifer, Abowd, Gehrke, and Vilhuber, ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering, Pages 277-286 | ||
===RAPPOR, in Google Chrome=== | |||
* [https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/42852.pdf RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response], Erlingsson, PIhur, and Korolova, CCS’14, November 3–7, 2014, Scottsdale, Arizona, USA. | * [https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/42852.pdf RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response], Erlingsson, PIhur, and Korolova, CCS’14, November 3–7, 2014, Scottsdale, Arizona, USA. | ||
===Uber=== | |||
* https://www.wired.com/story/uber-privacy-elastic-sensitivity/ | * https://www.wired.com/story/uber-privacy-elastic-sensitivity/ | ||
== | ===Apple=== | ||
* 2016-06: [https://www.wired.com/2016/06/apples-differential-privacy-collecting-data/ Andy Greenberg's article in Wired about Apple's Differential Privacy] | |||
==Advanced Topics== | |||
| Line 79: | Line 79: | ||
http://repository.cmu.edu/jpc/vol7/iss3/1 | http://repository.cmu.edu/jpc/vol7/iss3/1 | ||
=== The Fool's Gold Controversy === | |||
== The Fool's Gold Controversy == | |||
* http://www.jetlaw.org/wp-content/uploads/2014/06/Bambauer_Final.pdf | * http://www.jetlaw.org/wp-content/uploads/2014/06/Bambauer_Final.pdf | ||
* https://github.com/frankmcsherry/blog/blob/master/posts/2016-05-19.md | * https://github.com/frankmcsherry/blog/blob/master/posts/2016-05-19.md | ||
* https://github.com/frankmcsherry/blog/blob/master/posts/2016-02-03.md | * https://github.com/frankmcsherry/blog/blob/master/posts/2016-02-03.md | ||
== Other attacks == | === Other attacks === | ||
* [http://www.cse.psu.edu/~duk17/papers/definetti.pdf Attacks on Privacy and deFinetti’s Theorem], Daniel Kifer, Penn State University, 2017 | * [http://www.cse.psu.edu/~duk17/papers/definetti.pdf Attacks on Privacy and deFinetti’s Theorem], Daniel Kifer, Penn State University, 2017 | ||
== Math== | === Math=== | ||
p for randomized response rate: | p for randomized response rate: | ||
| Line 98: | Line 95: | ||
== See Also == | == See Also == | ||
* The [https://en.wikipedia.org/wiki/Differential_privacy wikipedia article on Differential Privacy] needs help. Perhaps you would like to improve it. | * The [https://en.wikipedia.org/wiki/Differential_privacy wikipedia article on Differential Privacy] needs help. Perhaps you would like to improve it. | ||
* [[Statistical Disclosure Control]] on this wiki. | * [[Statistical Disclosure Control]] on this wiki. | ||
* [[Secure Multiparty Computation]] on this wiki. | * [[Secure Multiparty Computation]] on this wiki. | ||
* [http://www.di.fc.ul.pt/~jpn/r/noise/noise.html Visualizing Noise] (in R) | * [http://www.di.fc.ul.pt/~jpn/r/noise/noise.html Visualizing Noise] (in R) | ||
Revision as of 07:15, 10 January 2019
A few references on Differential Privacy, for people who don't want to get bogged down with the math.
Introduction
Printed Materials
- Frank McSherry's blog. Especially his 2016 post, Differential privacy for dummies.
- Introductory article by Anthony Tockar, the neustar intern who was behind the re-identificaton of the 2013 NYC taxi data release. (2014)
- Building Blocks of Privacy: Differentially Private Mechanisms (2013), Graham Cormode
Podcasts
- Cynthia Dwork on Science Friday, Crowdsourcing Data, While Keeping Yours Private. 12 minutes.
Videos
- Four Facets of Differential Privacy, Differential Privacy Symposium, Institute for Advanced Study, Princeton, Saturday, November 12. A series of talks by Cynthia Dwork, Helen Nissenbaum, Aaron Roth, Guy Rothblum, Kunal Talwar, and Jonathan Ullman. View all on the IAS YouTube channel.
- Katrina Ligett, California Institute of Technology, explains big data and differential priacy. December 17, 2013.
- Cynthia Dwork explains Differential Privacy, August 11, 2016. 86 minutes
- Christine Task at Purdue teachs the CERIAS Security Seminar on Differential Privacy, May 1, 2012. (40 min)
Textbook
- The Algorithmic Foundations of Differential Privacy (2014), a textbook by Cynthia Dwork and Aaron Roth. The first two chapters are understable by a person who doesn't have an advanced degree in mathematics or cryptography, and it's free!
Foundational Papers
- Revealing Information while Preserving Privacy, Dinur and Nissim 2003.
- Calibrating Noise to Sensitivity in Private Data Analysis, Dwork, McSherry, Nissim and Smith, 2006
Critical Papers
Mechanisms
- Smooth Sensitivity and Sampling in Private Data Analysis, 2007
- Differential Privacy for Statistics: What we Know and What we Want to Learn, 2009
- Towards Practical Differential Privacy for SQL Queries, 2017
- The matrix mechanism: optimizing linear counting queries under differential privacy, Gerome Miklau, Michael Hay, Andrew McGregor, Vibhor Rastogi,The VLDB Journal, August 2015, DOI 10.1007/s00778-015-0398-x.
Public Perception
- Brooke Bullek, Stephanie Garboski, Darakhshan J. Mir, and Evan M. Peck. 2017. Towards Understanding Differential Privacy: When Do People Trust Randomized Response Technique?. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (CHI '17). ACM, New York, NY, USA, 3833-3837. DOI: https://doi.org/10.1145/3025453.3025698
Philosophy
- How Will Statistical Agencies Operate When All Data Are Private?, John M. Abowd, U.S. Census Bureau, Journal of Privacy and Confidentiality: Vol. 7 : Iss. 3 , Article 1.
Existing Applications
On The Map, at the US Census Bureau
- Privacy: Theory meets Practice on the Map, Machanavajjhala, Kifer, Abowd, Gehrke, and Vilhuber, ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering, Pages 277-286
RAPPOR, in Google Chrome
- RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response, Erlingsson, PIhur, and Korolova, CCS’14, November 3–7, 2014, Scottsdale, Arizona, USA.
Uber
Apple
Advanced Topics
Differential Privacy and Floating Point Accuracy
Floating point math is not continuous, and differential privacy implementations that assume it is may experience a variety of errors that result in privacy loss. A discussion of the problems inherently in floating-point arithmetic can be found in Oracle's What Every Computer Scientist Should Know About Floating-Point Arithmetic, an edited reprint of the paper What Every Computer Scientist Should Know About Floating-Point Arithmetic, by David Goldberg, published in the March, 1991 issue of Computing Surveys.
- On Significance of the Least Significant Bits For Differential Privacy, Ilya Mironov, Microsoft Research, October 1, 2012.
- Preserving differential privacy under finite-precision semantics, Ivan Gazeau, Dale Miller, and Catuscia Palamidessi INRIA and LIX, Ecole Polytechnique
"How Will Statistical Agencies Operate When All Data Are Private?" (MS #1142) has been published to Journal of Privacy and Confidentiality. http://repository.cmu.edu/jpc/vol7/iss3/1
The Fool's Gold Controversy
- http://www.jetlaw.org/wp-content/uploads/2014/06/Bambauer_Final.pdf
- https://github.com/frankmcsherry/blog/blob/master/posts/2016-05-19.md
- https://github.com/frankmcsherry/blog/blob/master/posts/2016-02-03.md
Other attacks
- Attacks on Privacy and deFinetti’s Theorem, Daniel Kifer, Penn State University, 2017
Math
p for randomized response rate:
$p = \frac{e^\epsilon}{1+e^\epsilon}$
Probability that randomized response should be flipped.
See Also
- The wikipedia article on Differential Privacy needs help. Perhaps you would like to improve it.
- Statistical Disclosure Control on this wiki.
- Secure Multiparty Computation on this wiki.
- Visualizing Noise (in R)
