2016.6.2. - A hospital has a database of patient records, each record containing a binary value indicating whether or not the patient has cancer.

Presentation transcript:

A hospital has a database of patient records, each record containing a binary value indicating whether or not the patient has cancer. Suppose an adversary is only allowed to use a particular form of query S(i) that returns the sum of the first i rows of the second column.

patient   has cancer
Amy       0
Tom       1
Jack      1

Differential privacy addresses the question of whether, given the total number of patients with cancer, an adversary can learn if a particular individual has cancer. Suppose the adversary also knows that Jack is in the last row of the database. Does Jack have cancer? S(3) - S(2) answers exactly that: the two sums differ only by Jack's row.

Differential Privacy

The differential privacy model is derived from a very simple observation. Suppose the dataset D contains an individual, say Alice. Run an arbitrary query f (for example count, sum, average, median, or any other query) and obtain the result f(D). If, after deleting Alice from D, the result of the query is still f(D), then Alice's information is not leaked. Differential privacy aims to provide means to maximize the accuracy of queries on datasets while minimizing the chances of identifying their records.

Database neighbors: D1 and D2 differ in a single record, xi in D1 and xi' in D2.
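The hospital example and the neighbouring-database definition above, worked through in Python as an added example (not part of the slides): the exact prefix-sum query S(i) lets the S(3) - S(2) difference expose Jack's row, while releasing each S(i) through the Laplace mechanism makes that difference unreliable. The patient table is constructed from the slide; the success-rate simulation is an assumption used to illustrate the effect of ε.

```python
import random

# Constructed copy of the slide's table: (patient, has_cancer)
RECORDS = [("Amy", 0), ("Tom", 1), ("Jack", 1)]

def prefix_sum(records, i):
    """S(i): sum of the has-cancer column over the first i rows."""
    return sum(flag for _, flag in records[:i])

def differencing_attack(records, row):
    """With exact answers, S(row) - S(row-1) isolates the record in `row`;
    this is the slide's S(3) - S(2) pair aimed at Jack."""
    return prefix_sum(records, row) - prefix_sum(records, row - 1)

def neighbours(records, name):
    """D1 and D2 from the definition: the database with and without one person."""
    return records, [r for r in records if r[0] != name]

def laplace_sum(records, i, epsilon, rng=random):
    """S(i) released through the Laplace mechanism. Adding or removing one
    record moves S(i) by at most 1, so the noise scale is 1/epsilon. The
    random module has no Laplace sampler; the difference of two
    Exponential(rate=epsilon) draws is Laplace(0, 1/epsilon)."""
    noise = rng.expovariate(epsilon) - rng.expovariate(epsilon)
    return prefix_sum(records, i) + noise

def noisy_attack_success(records, row, epsilon, trials=2000, rng=random):
    """Fraction of trials in which rounding the difference of two noisy
    answers recovers the true bit. Each answer spends epsilon of budget, so
    the pair spends 2*epsilon. A rate near 0.5 means the adversary learns
    little more than a coin flip."""
    truth = differencing_attack(records, row)
    hits = 0
    for _ in range(trials):
        diff = (laplace_sum(records, row, epsilon, rng)
                - laplace_sum(records, row - 1, epsilon, rng))
        hits += (1 if diff > 0.5 else 0) == truth
    return hits / trials

if __name__ == "__main__":
    print("exact S(3) - S(2):", differencing_attack(RECORDS, 3))
    for eps in (0.1, 1.0, 10.0):
        print(f"eps={eps}: success rate {noisy_attack_success(RECORDS, 3, eps):.2f}")
```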

k-anonymity and its extended models (l-diversity, t-closeness, ...) cannot provide enough security. Differential privacy does not depend on any assumption about the background knowledge attackers may have.

Laplace Mechanism Gaussian Mechanism (probabilistic) Exponential Mechanism

A sports event is going to be held. The event is chosen from the set {football, volleyball, basketball, tennis}, and participants voted for their preferred item. We now choose one item such that the entire decision-making process satisfies ε-differential privacy. Taking the number of votes as the utility function, Δu = 1, since one voter changes one count by at most 1. According to the exponential mechanism, given a privacy budget ε we can calculate the output probability of each item, as shown in the table.

item        u    ε=0    ε=0.1    ε=1
Football
Volleyball
Basketball  e-05
Tennis      e-07
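The exponential mechanism for the sports-event vote, as an added Python example (not code from the slides): it computes the output distribution for several privacy budgets and checks that one extra vote changes no output probability by more than a factor of e^ε. The vote counts are constructed, since the table's numbers did not survive; the exponent uses the standard form ε·u(r)/(2Δu).

```python
import math
import random

# Constructed vote counts for the slide's sports-event example; the
# original table's numbers did not survive, so these are assumptions.
VOTES = {"football": 30, "volleyball": 25, "basketball": 8, "tennis": 2}
SENSITIVITY = 1.0  # one voter changes one count by at most 1, so Δu = 1

def exponential_probabilities(utility, epsilon, sensitivity=SENSITIVITY):
    """Output distribution of the exponential mechanism:
    Pr[r] ∝ exp(epsilon * u(r) / (2 * Δu)). With epsilon = 0 every item is
    equally likely; larger epsilon concentrates mass on the top-voted item."""
    top = max(utility.values())  # shift scores so exp() cannot overflow
    weights = {r: math.exp(epsilon * (u - top) / (2 * sensitivity))
               for r, u in utility.items()}
    total = sum(weights.values())
    return {r: w / total for r, w in weights.items()}

def exponential_mechanism(utility, epsilon, rng=random):
    """Draw one item according to exponential_probabilities()."""
    probs = exponential_probabilities(utility, epsilon)
    items = list(probs)
    return rng.choices(items, weights=[probs[r] for r in items], k=1)[0]

def probability_table(utility, epsilons=(0.0, 0.1, 1.0)):
    """The slide's table: one output distribution per privacy budget."""
    return {eps: exponential_probabilities(utility, eps) for eps in epsilons}

def privacy_loss(utility_a, utility_b, epsilon):
    """Largest |ln(Pr_a[r] / Pr_b[r])| over all outputs r for two neighbouring
    vote tables (they differ by one voter). The mechanism promises this is
    at most epsilon."""
    pa = exponential_probabilities(utility_a, epsilon)
    pb = exponential_probabilities(utility_b, epsilon)
    return max(abs(math.log(pa[r] / pb[r])) for r in pa)

if __name__ == "__main__":
    for eps, probs in probability_table(VOTES).items():
        print(f"eps={eps}: " + "  ".join(f"{r}={p:.3e}" for r, p in probs.items()))
    neighbour = dict(VOTES, tennis=VOTES["tennis"] + 1)  # one more tennis vote
    print("max privacy loss at eps=1:", privacy_loss(VOTES, neighbour, 1.0))
```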

Privacy Preserving Data Release (PPDR)
 Interactive data release: Query 1 ... Query i are answered through DP over the raw data, and all query results are returned.
 Non-interactive data release: DP is applied to the raw data once to produce purified datasets.

Gergely Acs (INRIA), Claude Castelluccia (INRIA)

 Record linkage
 Attribute linkage
 Table linkage
 A probabilistic attack

 CDR dataset -- French telecom company Orange
 1,992,846 users
 1303 towers
 989 IRIS cells
 10/09/ /09/2007 (one week)

 Aim: release the time series of the IRIS cells without leaking privacy, where the series records the number of individuals at L in the (t+1)th hour of the week.
 Method: the sanitized version of the time series of all IRIS cells satisfies differential privacy.

For a given privacy level, the magnitude of the noise can be substantially reduced by using several optimizations and by customizing the anonymization mechanisms to the public characteristics of the datasets and applications.

Pre-sampling: select at most l visits per user. Computing the largest covering cells.

Perturbation
 the similarity of geographically close time series → clustering cells
 periodic nature → add Gaussian noise to the DCT low-frequency components
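The pre-sampling and perturbation steps above, as an added Python example (not the authors' code or data): visits are constructed, l bounds each user's contribution, one cell's hourly series is transformed with an orthonormal DCT, and only its low-frequency coefficients receive Gaussian noise. The noise scale is an assumed standard Gaussian-mechanism calibration for (ε, δ)-DP with L2 sensitivity sqrt(l); clustering of nearby cells is not shown.

```python
import math
import random

# Constructed CDR-style visits (user, hour_of_week, cell); not the Orange data.
VISITS = [("u1", 8, "c1"), ("u1", 9, "c1"), ("u1", 10, "c1"), ("u2", 8, "c1"),
          ("u2", 32, "c1"), ("u3", 9, "c1"), ("u3", 9, "c2"), ("u4", 56, "c1")]

def presample(visits, l, rng=random):
    """Keep at most l visits per user, so removing one user changes at most l
    hourly counts by 1: the L2 sensitivity of a cell's series is sqrt(l)."""
    by_user = {}
    for v in visits:
        by_user.setdefault(v[0], []).append(v)
    kept = []
    for vs in by_user.values():
        kept.extend(rng.sample(vs, min(l, len(vs))))
    return kept

def hourly_counts(visits, cell, hours=168):
    """Time series: number of distinct users seen in `cell` in each hour."""
    seen = [set() for _ in range(hours)]
    for user, hour, c in visits:
        if c == cell:
            seen[hour].add(user)
    return [len(s) for s in seen]

def _scale(k, n):
    return math.sqrt(1.0 / n) if k == 0 else math.sqrt(2.0 / n)

def dct(x):
    """Orthonormal DCT-II (plain O(n^2) Python; fine for a 168-hour week)."""
    n = len(x)
    return [_scale(k, n) * sum(x[i] * math.cos(math.pi * (2 * i + 1) * k / (2 * n))
                               for i in range(n)) for k in range(n)]

def idct(c):
    """Inverse of dct(): same basis and scaling, summed over k."""
    n = len(c)
    return [sum(_scale(k, n) * c[k] * math.cos(math.pi * (2 * i + 1) * k / (2 * n))
                for k in range(n)) for i in range(n)]

def perturb_low_freq(series, k, l, epsilon, delta, rng=random):
    """Keep the k lowest-frequency DCT coefficients, add Gaussian noise, drop
    the rest and transform back. The DCT is orthonormal, so sensitivity stays
    sqrt(l); sigma is the (assumed) standard (epsilon, delta) Gaussian calibration."""
    sigma = math.sqrt(l) * math.sqrt(2 * math.log(1.25 / delta)) / epsilon
    coeffs = dct(series)
    noisy = [c + rng.gauss(0, sigma) if i < k else 0.0 for i, c in enumerate(coeffs)]
    return [max(0.0, v) for v in idct(noisy)]  # counts cannot be negative
```

A run of `perturb_low_freq(hourly_counts(presample(VISITS, 2), "c1"), k=20, l=2, epsilon=1.0, delta=1e-5)` gives the released series for cell c1.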