Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Distributed Framework for Achieving -Differential Privacy Dima Alhadidi, Noman Mohammed, Benjamin C. M. Fung, and Mourad Debbabi Concordia Institute.

Similar presentations


Presentation on theme: "Secure Distributed Framework for Achieving -Differential Privacy Dima Alhadidi, Noman Mohammed, Benjamin C. M. Fung, and Mourad Debbabi Concordia Institute."— Presentation transcript:

1 Secure Distributed Framework for Achieving -Differential Privacy Dima Alhadidi, Noman Mohammed, Benjamin C. M. Fung, and Mourad Debbabi Concordia Institute for Information Systems Engineering Concordia University, Montreal, Quebec, Canada {dm_alhad,no_moham,fung,debbabi}@encs.concordia.ca

2 2 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

3 3 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

4 4 6/24/2012 Motivation IndividualsData PublisherAnonymization Algorithm Data Recipients Centralized Distributed

5 5 6/24/2012 Motivation Distributed: Vertically-Partitioned IDJob 1Writer 2Dancer 3Writer 4Dancer 5Engineer 6 7 8Dancer 9Lawyer 10Lawyer IDSexSalary 1M30K 2M25K 3M35K 4F37K 5F65K 6F35K 7M30K 8F44K 9M 10F44K

6 6 6/24/2012 Motivation Distributed: Vertically-Partitioned IDJobSexSalary 1WriterM30K 2DancerM25K 3WriterM35K 4DancerF37K 5EngineerF65K 6EngineerF35K 7EngineerM30K 8DancerF44K 9LawyerM44K 10LawyerF44K

7 7 6/24/2012 Motivation Distributed: Horizontally-Partitioned IDJobSexAgeSurgery 1JanitorM34Transgender 2LawyerF58Plastic 3MoverM58Urology 4LawyerM24Vascular 5MoverM34Transgender 6JanitorM44Plastic 7DoctorF44Vascular IDJobSexAgeSurgery 8DoctorM58Plastic 9DoctorM24Urology 10JanitorF63Vascular 11MoverF63Plastic

8 8 6/24/2012 Motivation Distributed: Horizontally-Partitioned IDJobSexAgeSurgery 1JanitorM34Transgender 2LawyerF58Plastic 3MoverM58Urology 4LawyerM24Vascular 5MoverM34Transgender 6JanitorM44Plastic 7DoctorF44Vascular 8DoctorM58Plastic 9DoctorM24Urology 10JanitorF63Vascular 11MoverF63Plastic

9 9 6/24/2012 Motivation Distributed: Horizontally-Partitioned IDJobSexAgeSurgery 1JanitorM34Transgender 2LawyerF58Plastic 3MoverM58Urology 4LawyerM24Vascular 5MoverM34Transgender 6JanitorM44Plastic 7DoctorF44Vascular 8DoctorM58Plastic 9DoctorM24Urology 10JanitorF63Vascular 11MoverF63Plastic

10 10 6/24/2012 Motivation Distributed: Horizontally-Partitioned IDJobSexAgeSurgery 1JanitorM34Transgender 2LawyerF58Plastic 3MoverM58Urology 4LawyerM24Vascular 5MoverM34Transgender 6JanitorM44Plastic 7DoctorF44Vascular 8DoctorM58Plastic 9DoctorM24Urology 10JanitorF63Vascular 11MoverF63Plastic

11 11 6/24/2012 Motivation Distributed: Horizontally-Partitioned IDJobSexAgeSurgery 1JanitorM34Transgender 2LawyerF58Plastic 3MoverM58Urology 4LawyerM24Vascular 5MoverM34Transgender 6JanitorM44Plastic 7DoctorF44Vascular 8DoctorM58Plastic 9DoctorM24Urology 10JanitorF63Vascular 11MoverF63Plastic

12 12 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

13 13 6/24/2012 Problem Statement Desideratum to develop a two-party data publishing algorithm for horizontally-partitioned data which : –achieves differential privacy and –satisfies the security definition of secure multiparty computation (SMC).

14 14 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

15 15 6/24/2012 Related Work Algorithms Data OwnerPrivacy Model Centralized Distributed Differential Privacy Partition- based Privacy HorizontallyVertically LeFevre et al., Fung et al., etc  Xiao et al., Mohammed et al., etc.  Jurczyk and Xiong, Mohammed et al.  Jiang and Clifton, Mohammed et al.  Our proposal 

16 16 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

17 17 6/24/2012 k-Anonymity

18 18 6/24/2012 k-Anonymity Quasi-identifier (QID)

19 19 6/24/2012 k-Anonymity 3-anonymous patient table JobSexAgeDisease ProfessionalMale[36-40]Fever ProfessionalMale[36-40]Fever ProfessionalMale[36-40]Hepatitis ArtistFemale[30-35]Flu ArtistFemale[30-35]Hepatitis ArtistFemale[30-35]Hepatitis ArtistFemale[30-35]Hepatitis

20 20 6/24/2012 Differential Privacy D D

21 21 6/24/2012 Laplace Mechanism D

22 22 6/24/2012 Exponential Mechanism McSherry and Talwar have proposed the exponential mechanism that can choose an output that is close to the optimum with respect to a utility function while preserving differential privacy.

23 23 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

24 24 6/24/2012 Two-Party Differentially Private Data Release Generalizing the raw data Adding noisy count

25 25 6/24/2012 Generalizing the raw data Distributed Exponential Mechanism (DEM)

26 26 6/24/2012 Generalization Distributed Exponential Mechanism (DEM)

27 27 6/24/2012 Adding Noisy Count Each party adds a Laplace noise to its count. Each party sends the result to the other party.

28 28 6/24/2012 Two-Party Protocol for Exponential Mechanism Input: 1.Two raw data sets by two parties 2.Set of candidates 3.Privacy budget Output : Winner candidate

29 29 6/24/2012 Max Utility Function IDClassJobSexAgeSurgery 1NJanitorM34Transgender 2YLawyerF58Plastic 3YMoverM58Urology 4NLawyerM24Vascular 5YMoverM34Transgender 6YJanitorM44Plastic 7YDoctorF44Vascular Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar D1D1

30 30 6/24/2012 Max Utility Function Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar D2D2 IDClassJobSexAgeSurgery 8NDoctorM58Plastic 9YDoctorM24Urology 10YJanitorF63Vascular 11YMoverF63Plastic

31 31 6/24/2012 Max Utility Function Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar IDClassJobSexAgeSurgery 1NJanitorM34Transgender 2YLawyerF58Plastic 3YMoverM58Urology 4NLawyerM24Vascular 5YMoverM34Transgender 6YJanitorM44Plastic 7YDoctorF44Vascular 8NDoctorM58Plastic 9YDoctorM24Urology 10YJanitorF63Vascular 11YMoverF63Plastic D 1 & D 2

32 32 6/24/2012 Computing Max Utility Function Blue-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar

33 33 6/24/2012 Computing Max Utility Function max=1 Blue-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar

34 34 6/24/2012 Computing Max Utility Function max=1 Blue-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar

35 35 6/24/2012 Computing Max Utility Function max=5, sum=5 Blue-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar

36 36 6/24/2012 Computing Max Utility Function sum=5 White-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar

37 37 6/24/2012 Computing Max Utility Function max=2, sum=5 White-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar

38 38 6/24/2012 Computing Max Utility Function max=2, sum=5 White-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar

39 39 6/24/2012 Computing Max Utility Function max=3, sum=8 White-collar Max Class JobData Set YN 531Blue-collar D1D1 21White-collar 320Blue-collar D2D2 11White-collar 851Blue-collar Integrated D 1 and D 2 32White-collar Result: Shares  1 and  2

40 40 6/24/2012 Computing the Exponential Equation Given the scores of all the candidates, exponential mechanism selects the candidate having score u with the following probability: Shares  1 and  2

41 41 6/24/2012 Computing the Exponential Equation = Taylor Series =

42 42 6/24/2012 Computing the Exponential Equation Lowest common multiplier of {2!,…,w!}, no fraction Approximating up to a predetermined number s after the decimal point

43 43 6/24/2012 Computing the Exponential Equation No fraction

44 44 6/24/2012 Computing the Exponential Equation Oblivious Polynomial Evaluation First Party Second Party Result First Party Second Party

45 45 6/24/2012 Computing the Exponential Equation Second Party First Party

46 46 6/24/2012 Computing the Exponential Equation 01 0.5 0.3 0.20.7 Picking a random number [0,1]

47 47 6/24/2012 Computing the Exponential Equation 0 Picking a random number [0, ]

48 48 6/24/2012 Picking a Random Number Second Party Random Value Protocol [Bunn and Ostrovsky 2007] First Party Second Party First Party

49 49 6/24/2012 Picking a Winner

50 50 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

51 51 6/24/2012 Performance Analysis –Adult: is a Census data 6 numerical attributes. 8 categorical attributes. 45,222 census records –Cost Estimates 37.5 minutes of computation 37.3 minutes of communication using T1 line with 1.544 Mbits/second bandwidth.

52 52 6/24/2012 Scaling Impact

53 53 6/24/2012 Outline Motivation Problem Statement Related Work Background Two-Party Differentially Private Data Release Performance Analysis Conclusion

54 54 6/24/2012 Conclusion Data release algorithm –Two-party –Differentially-private –Secure –Horizontally-partitioned –Non-interactive setting

55 55 6/24/2012 Future Work Consider different scenarios –Two parties vs. multiple parties –Semi-honest vs. malicious adversary model –Horizontally vs. Vertically partitioned data For all these scenarios, we need efficient algorithms


Download ppt "Secure Distributed Framework for Achieving -Differential Privacy Dima Alhadidi, Noman Mohammed, Benjamin C. M. Fung, and Mourad Debbabi Concordia Institute."

Similar presentations


Ads by Google