Preserving differential privacy under finite-precision semantics

Ivan Gazeau (1, 2), Dale Miller (2), Catuscia Palamidessi (1)
1 COMETE - Concurrency, Mobility and Transactions
LIX - Laboratoire d'informatique de l'École polytechnique [Palaiseau], Inria Saclay - Ile de France, Polytechnique - X, CNRS - Centre National de la Recherche Scientifique : UMR7161
2 PARSIFAL - Proof search and reasoning with logic specifications
LIX - Laboratoire d'informatique de l'École polytechnique [Palaiseau], Inria Saclay - Ile de France, Polytechnique - X, CNRS - Centre National de la Recherche Scientifique : UMR7161
Abstract: The approximation introduced by finite-precision representation of continuous data can induce arbitrarily large information leaks even when the computation using exact semantics is secure. Such leakage can thus undermine design efforts aimed at protecting sensitive information. We focus here on differential privacy, an approach to privacy that emerged from the area of statistical databases and is now widely applied in other domains as well. In this approach, privacy is protected by the addition of noise to a true (private) value. To date, this approach to privacy has been proved correct only in the ideal case in which computations are made using an idealized, infinite-precision semantics. In this paper, we analyze the situation at the implementation level, where the semantics is necessarily finite-precision, i.e. the representation of real numbers and the operations on them are rounded according to some level of precision. We show that in general there are violations of the differential privacy property, and we study the conditions under which we can still guarantee a limited (but, arguably, totally acceptable) variant of the property, under only a minor degradation of the privacy level. Finally, we illustrate our results on two cases of noise-generating distributions: the standard Laplacian mechanism commonly used in differential privacy, and a bivariate version of the Laplacian recently introduced in the setting of privacy-aware geolocation.
Document type:
Conference paper
Luca Bortolussi and Herbert Wiklicky. QAPL - 11th International Workshop on Quantitative Aspects of Programming Languages and Systems, Mar 2013, Rome, Italy. Open Publishing Association, 117, pp.1-18, 2013, Electronic Proceedings in Theoretical Computer Science. 〈10.4204/EPTCS.117.1〉

https://hal.inria.fr/hal-00780774
Contributor: Catuscia Palamidessi
Submitted on: Monday 16 June 2014 - 03:41:59
Last modified on: Thursday 9 February 2017 - 15:05:57
Document(s) archived on: Tuesday 16 September 2014 - 11:00:27

File

diff_priv.pdf
Files produced by the author(s)
Citation

Ivan Gazeau, Dale Miller, Catuscia Palamidessi. Preserving differential privacy under finite-precision semantics. Luca Bortolussi and Herbert Wiklicky. QAPL - 11th International Workshop on Quantitative Aspects of Programming Languages and Systems, Mar 2013, Rome, Italy. Open Publishing Association, 117, pp.1-18, 2013, Electronic Proceedings in Theoretical Computer Science. 〈10.4204/EPTCS.117.1〉. 〈hal-00780774v2〉
