A model for data revelation

Slides:

Advertisements

Similar presentations

Ulams Game and Universal Communications Using Feedback Ofer Shayevitz June 2006.

Advertisements

Nash Equilibrium: Illustrations

CPSC 455/555 Combinatorial Auctions, Continued… Shaili Jain September 29, 2011.

Secure Multiparty Computations on Bitcoin

Auctions. Strategic Situation You are bidding for an object in an auction. The object has a value to you of $20. How much should you bid? Depends on auction.

Bidding Strategy and Auction Design Josh Ruffin, Dennis Langer, Kevin Hyland and Emmet Ferriter.

Game Theory in Wireless and Communication Networks: Theory, Models, and Applications Lecture 6 Auction Theory Zhu Han, Dusit Niyato, Walid Saad, Tamer.

A Prior-Free Revenue Maximizing Auction for Secondary Spectrum Access Ajay Gopinathan and Zongpeng Li IEEE INFOCOM 2011, Shanghai, China.

ITIS 6200/ Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.

Rational Oblivious Transfer KARTIK NAYAK, XIONG FAN.

Preference Elicitation Partial-revelation VCG mechanism for Combinatorial Auctions and Eliciting Non-price Preferences in Combinatorial Auctions.

Enhancing Secrecy With Channel Knowledge

Bounds on Code Length Theorem: Let l ∗ 1, l ∗ 2,..., l ∗ m be optimal codeword lengths for a source distribution p and a D-ary alphabet, and let L ∗ be.

BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.

Poorvi Vora/CTO/IPG/HP 01/03 1 The channel coding theorem and the security of binary randomization Poorvi Vora Hewlett-Packard Co.

Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.

Chapter Seventeen Auctions. Who Uses Auctions? u Owners of art, cars, stamps, machines, mineral rights etc. u Q: Why auction? u A: Because many markets.

Evaluating Hypotheses

1 Chapter 1 Introduction. 2 Outline 1.1 A Very Abstract Summary 1.2 History 1.3 Model of the Signaling System 1.4 Information Source 1.5 Encoding a Source.

Lecture 2: Basic Information Theory Thinh Nguyen Oregon State University.

and Lecture Notes in Game Theory1 Game Theory Applications: Lecture Notes Course Website u Galina.

Ad Exchanges: Research Issues S. Muthukrishnan Google Inc. Presented by Tova Wiener, CS286r 11/16/2009.

Information Theory and Security Prakash Panangaden McGill University First Canada-France Workshop on Foundations and Practice of Security Montréal 2008.

STATISTIC & INFORMATION THEORY (CSNB134)

Social Networking and On-Line Communities: Classification and Research Trends Maria Ioannidou, Eugenia Raptotasiou, Ioannis Anagnostopoulos.

1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.

Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.

A Few Simple Applications to Cryptography Louis Salvail BRICS, Aarhus University.

Sequences of Take-It-or-Leave-it Offers: Near-Optimal Auctions Without Full Valuation Revelation Tuomas Sandholm and Andrew Gilpin Carnegie Mellon University.

Provable Unlinkability Against Traffic Analysis Amnon Ta-Shma Joint work with Ron Berman and Amos Fiat School of Computer Science, Tel-Aviv University.

Information Coding in noisy channel error protection:-- improve tolerance of errors error detection: --- indicate occurrence of errors. Source.

Error Coding Transmission process may introduce errors into a message.  Single bit errors versus burst errors Detection:  Requires a convention that.

Rei Safavi-Naini University of Calgary Joint work with: Hadi Ahmadi iCORE Information Security.

1 Private codes or Succinct random codes that are (almost) perfect Michael Langberg California Institute of Technology.

Massive Data Sets and Information Theory Ziv Bar-Yossef Department of Electrical Engineering Technion.

1 Lecture 7 System Models Attributes of a man-made system. Concerns in the design of a distributed system Communication channels Entropy and mutual information.

Multi-Party Proofs and Computation Based in part on materials from Cornell class CS 4830.

Quantum Cryptography Antonio Acín

Joshi, Sun, Vora Sumit Joshi, Yu-An Sun, Poorvi Vora The George Washington University The Privacy Cost of the Second Chance Offer.

PROJECT DOMAIN : NETWORK SECURITY Project Members : M.Ananda Vadivelan & E.Kalaivanan Department of Computer Science.

Toward An Understanding of Self-Organization of Markets Yougui Wang Department of Systems Science, School of Management, Beijing Normal University, Beijing.

Chapter 10 Confidence Intervals for Proportions © 2010 Pearson Education 1.

Virtual University of Pakistan

Public Key Encryption Major topics The RSA scheme was devised in 1978

Auctions and Competitive Bidding

Cryptographic Hash Function

Comp/Math 553: Algorithmic Game Theory Lecture 09

Tuomas Sandholm Computer Science Department Carnegie Mellon University

Auction Theory.

Game Theory in Wireless and Communication Networks: Theory, Models, and Applications Lecture 6 Auction Theory Zhu Han, Dusit Niyato, Walid Saad, Tamer.

COT 5611 Operating Systems Design Principles Spring 2012

COT 5611 Operating Systems Design Principles Spring 2014

Qianyi Huang, Yixin Tao, and Fan Wu

A Brief Introduction to Information Theory

Game Theory in Wireless and Communication Networks: Theory, Models, and Applications Lecture 2 Bayesian Games Zhu Han, Dusit Niyato, Walid Saad, Tamer.

Chapter 6 Confidence Intervals.

Using Secret Key to Foil an Eavesdropper

Preference elicitation/ iterative mechanisms

Information-Theoretic Security

Confidence Intervals for Proportions

Interactive Proofs and Secure Multi-Party Computation

One Way Functions Motivation Complexity Theory Review, Motivation

Some open questions: aggregation and privacy protection Coding, information theory and signal processing Du, Kargupta, Vora.

Information Theoretical Analysis of Digital Watermarking

Confidence Intervals for the Mean (Large Samples)

Chapter 6 Confidence Intervals.

CPS Preference elicitation/ iterative mechanisms

Some contents are borrowed from Adam Smith’s slides

A Light-weight Oblivious Transfer Protocol Based on Channel Noise

Presentation transcript:

A model for data revelation Poorvi Vora Dept. of Computer Science George Washington University

“Security” frameworks Binary Divide the world into trusted and untrusted parties Provides complete revelation of information or complete protection E.g. multiparty computation, encrypted data 2/27/2019 Poorvi Vora/CS/GWU

Even a statistic or aggregate reveals “private” information Secure multiparty computation reveals f(x1, x2, .. xn) And nothing more. Yet, this reveals information about all xi Thus, typical security assurances not enough 2/27/2019 Poorvi Vora/CS/GWU

What is privacy Control over information Extent of information revelation Tensions between: Access to aggregate information for community Vs. Individual control reputation vs. predjudice 2/27/2019 Poorvi Vora/CS/GWU

Information is often given up for something in return Individual control requires more than binary security of personal information Information is often given up for something in return Safeway card Monthly charge to be kept of phone books Information for community statistics: Health statistics Collaborative filtering/personalization in virtual communities 2/27/2019 Poorvi Vora/CS/GWU

A model: introduce uncertainty maximum uncertainty (i. e A model: introduce uncertainty maximum uncertainty (i.e. secrecy) corresponds to crypto protocols Alice and Bob determine: a binary data point from Alice’s personal information, x a probability of truth, p a return, y Alice reveals a variable z = x with probability p Bob provides, in return, y z exists in the ether as Alice’s value x with probability p This is not mutually exclusive with cryptographic protection (p=0.5 is cryptographic) Used in public health community for twenty odd years 2/27/2019 Poorvi Vora/CS/GWU

Outcome Protocol is a mathematical game between Alice and Bob Optimal situation not when no information is revealed, but when Alice gets maximum benefit for her information Think about this: should women in Africa test for HIV when they will certainly not obtain any treatment for it? 2/27/2019 Poorvi Vora/CS/GWU

An analogy The protocol is a communication channel The sender is Alice, the receiver (malicious?) Bob The probability of error is the probability of a lie 2/27/2019 Poorvi Vora/CS/GWU

Security properties of randomization Repeated queries Error  0 as n   And n   as Error  0 Cost to attacker increases without bound if error not bounded above zero This is a repetition code over channel 2/27/2019 Poorvi Vora/CS/GWU

Other attacks Query 1: Graying? Query 2: Balding? Query 3: Weight? Query 4: Sports? Really asking about age and gender How does one characterize all such attacks? What can one say about security wrt such attacks? 2/27/2019 Poorvi Vora/CS/GWU

An analogy The attributes that Bob wants to determine form the message The protocol is a communication channel The sender is Alice, the receiver (malicious?) Bob The probability of error is the probability of a lie The attributes that Bob wants to determine form the message 2/27/2019 Poorvi Vora/CS/GWU

A simple attack Query 1: Female? Query 2: Over 40? Query 3: Losing Calcium? Query 3 checks answers to Query 1 and 2 Is a parity-check it 2/27/2019 Poorvi Vora/CS/GWU

An analogy All attacks are communication over channel Good attacks are codes What Bob queries is a codeword bit What he receives is the transmitted codeword that he decodes 2/27/2019 Poorvi Vora/CS/GWU

Shannon’s theorems apply In fact, assuming any functions of Alice’s data points as queries (adaptive, related queries) and error probability  0 as n  The number of queries required per bit of entropy is asymptotically tightly bound below by the inverse of the channel capacity Above this bound, error tends exponentially to 0 Below it, it increases exponentially with n 2/27/2019 Poorvi Vora/CS/GWU

Questions How does one determine the entropy of a particular data set, or a general data set? What kinds of attacks are computationally feasible? This was a very powerful attacker. What are reasonable limits on the attacker’s abilities? Result in itself, independent of model. Partly published at Int. Symp. Info. Theory, 2003 Journal paper in review, at website 2/27/2019 Poorvi Vora/CS/GWU

Value-free model Human rights aspects covered through crypto protocols Necessary health information and community information can be gathered Consumer behaviour treated through this game Criticism: very adversarial model 2/27/2019 Poorvi Vora/CS/GWU

Another application: anonymous delivery Crowds: Reiter and Rubin/Lucent and AT&T At node i+1: node i more likely than any other Receiver: Node i+1 Message: sending node Received symbol: Node i Channel characteristic: Probability that true sender is Node i, Probability that other nodes are senders Traffic analysis/data mining: correlations among senders (communication across channel, less efficient than some error-correcting code) B A E C D N nodes; pf probability of forwarding 2/27/2019 Poorvi Vora/CS/GWU

An example of model use to measure the value of information with Yu-An Sun and Sumit Joshi Auction bids reveal much about an individual’s profile Consider the Vickrey – sealed second highest bid – auction Optimal strategy: to bid one’s valuation Bids (and hence valuations) can be protected with secure multiparty computation But, bids allow determination of market demand (efficient markets) Need for an aggregate value, not well-defined at the moment of the auction 2/27/2019 Poorvi Vora/CS/GWU

Variably Private Vickrey – Bidding Round Introduce uncertainty The seller announces a minimum sale price and a maximum randomization setting. Each bidder submits a sealed interval containing her bid. The size of the interval is her choice. In the running with high end, committed to low 2/27/2019 Poorvi Vora/CS/GWU

Variably Private Vickrey – Revealing Round Bidders not in the running will reveal no more information on their valuations. Largest of the others will reveal which half of their interval contains valuation 2/27/2019 Poorvi Vora/CS/GWU

{ Sale Price Buyer pays Seller gets Divided among all bidders proportional to the interval width 2/27/2019 Poorvi Vora/CS/GWU

Properties? Provides various demand statistics In general, accuracy of future bid estimation lower for more uncertainty Allows for bidder to vary uncertainty, and pay for it Allows seller to obtain more than regular Vickrey, depending on how much information is valued Bidder with highest valuation still wins auction as long as she can tolerate revealing her valuation to the extent required. 2/27/2019 Poorvi Vora/CS/GWU

Summary A model that we hope will: Provide choices not currently typically available to users Extend the security framework to include problems like those in statistical databases Provide a means of measuring uncertainty in situations where there is some not none or complete Include other leakage from security-related protocols such as anonymous delivery and ciphers Be useful for measuring the economic value of information 2/27/2019 Poorvi Vora/CS/GWU