Differentially Private SQL with Bounded User Contribution-Reference-Cited by-同舟云学术

Differentially Private SQL with Bounded User Contribution

Published:2020-04-01 Issue:2 Volume:2020 Page:230-250
ISSN:2299-0984
Container-title:Proceedings on Privacy Enhancing Technologies
language:en
Short-container-title:

Author:

Wilson Royce J,Zhang Celia Yuxin,Lam William,Desfontaines Damien,Simmons-Marengo Daniel,Gipson Bryant

Abstract

Abstract Differential privacy (DP) provides formal guarantees that the output of a database query does not reveal too much information about any individual present in the database. While many differentially private algorithms have been proposed in the scientific literature, there are only a few end-to-end implementations of differentially private query engines. Crucially, existing systems assume that each individual is associated with at most one database record, which is unrealistic in practice. We propose a generic and scalable method to perform differentially private aggregations on databases, even when individuals can each be associated with arbitrarily many rows. We express this method as an operator in relational algebra, and implement it in an SQL engine. To validate this system, we test the utility of typical queries on industry benchmarks, and verify its correctness with a stochastic test framework we developed. We highlight the promises and pitfalls learned when deploying such a system in practice, and we publish its core components as open-source software.

Publisher

Walter de Gruyter GmbH

Subject

General Medicine

Link

https://www.sciendo.com/pdf/10.2478/popets-2020-0025

Reference42 articles.

1. [1] Kareem Amin, Alex Kulesza, Andres Munoz, and Sergei Vassilvtiskii. Bounding user contributions: A bias-variance trade-off in differential privacy. In Proceedings of the 36th International Conference on Machine Learning, PMLR 97, pages 263–271, 2019.

2. [2] Johes Bater, Xi He, William Ehrich, Ashwin Machanavajjhala, and Jennie Rogers. Shrinkwrap: Differentially-private query processing in private data federations. arXiv preprint arXiv:1810.01816, 2018.

3. [3] Michael Ben-Or and Avinatan Hassidim. The Bayesian learner is optimal for noisy binary search (and pretty good for quantum as well). In 2008 49th Annual IEEE Symposium on Foundations of Computer Science, pages 221–230. IEEE, 2008.

4. [4] Benjamin Bichsel, Timon Gehr, Dana Drachsler-Cohen, Petar Tsankov, and Martin Vechev. DP-finder: Finding differential privacy violations by sampling and optimization. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pages 508–524. ACM, 2018.

5. [5] Vincent Bindschaedler, Reza Shokri, and Carl A Gunter. Plausible deniability for privacy-preserving data synthesis. Proceedings of the VLDB Endowment, 10(5):481–492, 2017.

Cited by 58 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Secure Noise Sampling for DP in MPC with Finite Precision;Proceedings of the 19th International Conference on Availability, Reliability and Security;2024-07-30

2. Uldp-FL: Federated Learning with Across-Silo User-Level Differential Privacy;Proceedings of the VLDB Endowment;2024-07

3. Menhir: An Oblivious Database with Protection against Access and Volume Pattern Leakage;Proceedings of the 19th ACM Asia Conference on Computer and Communications Security;2024-07

4. SLIM-View: Sampling and Private Publishing of Multidimensional Databases;Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy;2024-06-19

5. Comparing lagged impacts of mobility changes and environmental factors on COVID-19 waves in rural and urban India: a Bayesian spatiotemporal modelling study;2024-06-14