liftings for differential privacy and f divergences
play

-Liftings for Differential Privacy and f -Divergences Gilles - PowerPoint PPT Presentation

Jun 15, 2023 •169 likes •668 views

-Liftings for Differential Privacy and f -Divergences Gilles Barthe, Thomas Espitau, Justin Hsu, Tetsuya Sato, Pierre-Yves Strub 1 Differential privacy: probabilistic program property 2 Differential privacy: probabilistic program property

  1. ⋆ -Liftings for Differential Privacy and f -Divergences Gilles Barthe, Thomas Espitau, Justin Hsu, Tetsuya Sato, Pierre-Yves Strub 1

  2. Differential privacy: probabilistic program property 2

  3. Differential privacy: probabilistic program property 2

  4. Differential privacy: probabilistic program property Output depends only a little on any single individual’s data 2

  5. More formally Definition (Dwork, McSherry, Nissim, Smith) An algorithm is ( ǫ, δ ) -differentially private if, for every two adjacent inputs, the output distributions µ 1 , µ 2 satisfy: ∆ ǫ ( µ 1 , µ 2 ) ≤ δ � for all sets S , µ 1 ( S ) ≤ e ǫ · µ 2 ( S ) + δ 3

  6. More formally Definition (Dwork, McSherry, Nissim, Smith) An algorithm is ( ǫ, δ ) -differentially private if, for every two adjacent inputs, the output distributions µ 1 , µ 2 satisfy: ∆ ǫ ( µ 1 , µ 2 ) ≤ δ � for all sets S , µ 1 ( S ) ≤ e ǫ · µ 2 ( S ) + δ Behaves well under composition: “ ǫ and δ add up” Sequentially composing an ( ǫ, δ ) -private program and an ( ǫ ′ , δ ′ ) -private program is ( ǫ + ǫ ′ , δ + δ ′ ) -private. 3

  7. How to verify this property? Use ideas from probabilistic bisimulation ◮ ∆ ǫ ( µ 1 , µ 2 ) ≤ δ means “approximately similar” ◮ Composition ⇐ ⇒ approximate probabilistic bisimulation 4

  8. How to verify this property? Use ideas from probabilistic bisimulation ◮ ∆ ǫ ( µ 1 , µ 2 ) ≤ δ means “approximately similar” ◮ Composition ⇐ ⇒ approximate probabilistic bisimulation Foundation for many styles of program verification ◮ Linear and dependent type systems ◮ Product program constructions ◮ Relational program logics 4

  9. Review: Probabilistic Liftings and Approximate Liftings 5

  10. Probabilistic liftings Lift a binary relation R on pairs S × T to a relation � R � on distributions Distr ( S ) × Distr ( T ) Definition (Larsen and Skou) Let R ⊆ S × T be a relation. Two distributions are related µ 1 � R � µ 2 if there exists a witness η ∈ Distr ( S × T ) such that: 1. π 1 ( η ) = µ 1 and π 2 ( η ) = µ 2 , 2. η ( s, t ) > 0 only when ( s, t ) ∈ R . 6

  11. Probabilistic liftings Lift a binary relation R on pairs S × T to a relation � R � on distributions Distr ( S ) × Distr ( T ) Definition (Larsen and Skou) Let R ⊆ S × T be a relation. Two distributions are related µ 1 � R � µ 2 if there exists a witness η ∈ Distr ( S × T ) such that: 1. π 1 ( η ) = µ 1 and π 2 ( η ) = µ 2 , 2. η ( s, t ) > 0 only when ( s, t ) ∈ R . Example µ 1 � = � µ 2 is equivalent to µ 1 = µ 2 . 6

  12. An equivalent definition via Strassen’s theorem Theorem (Strassen 1965) Let R ⊆ S × T be a relation. Then µ 1 � R � µ 2 if and only if: for all subsets A ⊆ S , µ 1 ( A ) ≤ µ 2 ( R ( A )) 7

  13. An equivalent definition via Strassen’s theorem Theorem (Strassen 1965) Let R ⊆ S × T be a relation. Then µ 1 � R � µ 2 if and only if: for all subsets A ⊆ S , µ 1 ( A ) ≤ µ 2 ( R ( A )) 7

  14. Approximate liftings Intuition ◮ Approximately relate two distributions µ 1 and µ 2 ◮ Add numeric indexes ( ǫ, δ ) to lifting Want: ◮ Given R ⊆ S × T , lift to � R � ( ǫ,δ ) ⊆ Distr ( S ) × Distr ( T ) ◮ µ 1 � = � ( ǫ,δ ) µ 2 should be equivalent to ∆ ǫ ( µ 1 , µ 2 ) ≤ δ 8

  15. Approximate liftings Intuition ◮ Approximately relate two distributions µ 1 and µ 2 ◮ Add numeric indexes ( ǫ, δ ) to lifting Want: ◮ Given R ⊆ S × T , lift to � R � ( ǫ,δ ) ⊆ Distr ( S ) × Distr ( T ) ◮ µ 1 � = � ( ǫ,δ ) µ 2 should be equivalent to ∆ ǫ ( µ 1 , µ 2 ) ≤ δ 8

  16. Approximate liftings Intuition ◮ Approximately relate two distributions µ 1 and µ 2 ◮ Add numeric indexes ( ǫ, δ ) to lifting Want: ◮ Given R ⊆ S × T , lift to � R � ( ǫ,δ ) ⊆ Distr ( S ) × Distr ( T ) ◮ µ 1 � = � ( ǫ,δ ) µ 2 should be equivalent to ∆ ǫ ( µ 1 , µ 2 ) ≤ δ 8

  17. Previous definitions: “Existential” Let R ⊆ S × T be a binary relation. Two distributions are related by µ 1 � R � ( ǫ,δ ) µ 2 if: 9

  18. Previous definitions: “Existential” Let R ⊆ S × T be a binary relation. Two distributions are related by µ 1 � R � ( ǫ,δ ) µ 2 if: One witness (Barthe, Köpf, Olmedo, Zanella-Béguelin) There exists η ∈ Distr ( S × T ) such that 1. π 1 ( η ) = µ 1 and π 2 ( η ) ≤ µ 2 , 2. η ( s, t ) > 0 only when ( s, t ) ∈ R , 3. ∆ ǫ ( µ 1 , π 1 ( η )) ≤ δ . 9

  19. Previous definitions: “Existential” Let R ⊆ S × T be a binary relation. Two distributions are related by µ 1 � R � ( ǫ,δ ) µ 2 if: One witness (Barthe, Köpf, Olmedo, Zanella-Béguelin) There exists η ∈ Distr ( S × T ) such that 1. π 1 ( η ) = µ 1 and π 2 ( η ) ≤ µ 2 , 2. η ( s, t ) > 0 only when ( s, t ) ∈ R , 3. ∆ ǫ ( µ 1 , π 1 ( η )) ≤ δ . Two witnesses (Barthe and Olmedo) There exists η L , η R ∈ Distr ( S × T ) such that 1. π 1 ( η L ) = µ 1 and π 2 ( η R ) = µ 2 , 2. η L ( s, t ) , η R ( s, t ) > 0 only when ( s, t ) ∈ R , 3. ∆ ǫ ( η L , η R ) ≤ δ . 9

  20. Previous definitions: “Universal” Let R ⊆ S × T be a binary relation. Two distributions are related by µ 1 � R � ( ǫ,δ ) µ 2 if: 10

  21. Previous definitions: “Universal” Let R ⊆ S × T be a binary relation. Two distributions are related by µ 1 � R � ( ǫ,δ ) µ 2 if: No witnesses (Sato) For all subsets A ⊆ S , we have µ 1 ( A ) ≤ e ǫ · µ 2 ( R ( A )) + δ 10

  22. Which definition is the “right” one? Definitions support different properties and constructions PW-Eq Up-to-bad Acc. Bd. Subset Mapping Adv. Comp. 1 -witness ? ? Yes ? ? ? 2 -witness Yes Almost* No Almost* Almost* Yes Universal Yes Yes Yes Yes Yes ? 11

  23. Which definition is the “right” one? Definitions support different properties and constructions PW-Eq Up-to-bad Acc. Bd. Subset Mapping Adv. Comp. 1 -witness ? ? Yes ? ? ? 2 -witness Yes Almost* No Almost* Almost* Yes Universal Yes Yes Yes Yes Yes ? Broad tradeoff: How general? ◮ Less general: less compositional ◮ More general: harder to prove properties about 11

  24. Our work: ⋆ -Liftings, Equivalences, and an approximate Strassen’s theorem 12

  25. New definition: ⋆ -liftings Generalize 2 -witness lifting by adding a new point Let R ⊆ S × T be a binary relation, and let A ⋆ = A ∪ { ⋆ } . Two distributions are related by µ 1 � R ⋆ � ( ǫ,δ ) µ 2 if: There exists η L , η R ∈ Distr ( S ⋆ × T ⋆ ) such that 1. π 1 ( η L ) = µ 1 and π 2 ( η R ) = µ 2 , 2. η L ( s, t ) , η R ( s, t ) > 0 only when ( s, t ) ∈ R or s = ⋆ or t = ⋆ , 3. ∆ ǫ ( η L , η R ) ≤ δ . 13

  26. New definition: ⋆ -liftings Generalize 2 -witness lifting by adding a new point Let R ⊆ S × T be a binary relation, and let A ⋆ = A ∪ { ⋆ } . Two distributions are related by µ 1 � R ⋆ � ( ǫ,δ ) µ 2 if: There exists η L , η R ∈ Distr ( S ⋆ × T ⋆ ) such that 1. π 1 ( η L ) = µ 1 and π 2 ( η R ) = µ 2 , 2. η L ( s, t ) , η R ( s, t ) > 0 only when ( s, t ) ∈ R or s = ⋆ or t = ⋆ , 3. ∆ ǫ ( η L , η R ) ≤ δ . Intuition ◮ ⋆ is a default point for tracking “unimportant” mass 13

  27. Why is ⋆ -lifting a good definition? Previously known (??) ⇒ One-witness Two-witness Universal 14

  28. Why is ⋆ -lifting a good definition? Previously known (??) ⇒ One-witness Two-witness Universal ⋆ -liftings unify known approximate liftings ⇐ ⇒ ⇐ ⇒ One-witness ⋆ -lifting Universal 14

  29. Approximate version of Strassen’s theorem ⋆ -liftings are equivalent to “universal” approximate liftings Theorem Let S, T be discrete (countable) sets, and let R ⊆ S × T be a relation. Then µ 1 � R ⋆ � ( ǫ,δ ) µ 2 if and only if: for all sets A ⊆ S , µ 1 ( A ) ≤ e ǫ · µ 2 ( R ( A )) + δ 15

  30. Approximate version of Strassen’s theorem ⋆ -liftings are equivalent to “universal” approximate liftings Theorem Let S, T be discrete (countable) sets, and let R ⊆ S × T be a relation. Then µ 1 � R ⋆ � ( ǫ,δ ) µ 2 if and only if: for all sets A ⊆ S , µ 1 ( A ) ≤ e ǫ · µ 2 ( R ( A )) + δ Theorem (Strassen 1965) Let R ⊆ S × T be a relation. Then µ 1 � R � µ 2 if and only if: for all subsets A ⊆ S , µ 1 ( A ) ≤ µ 2 ( R ( A )) 15

  31. Approximate version of Strassen’s theorem ⋆ -liftings are equivalent to “universal” approximate liftings Theorem Let S, T be discrete (countable) sets, and let R ⊆ S × T be a relation. Then µ 1 � R ⋆ � ( ǫ,δ ) µ 2 if and only if: for all sets A ⊆ S , µ 1 ( A ) ≤ e ǫ · µ 2 ( R ( A )) + δ Theorem (Strassen 1965) Let R ⊆ S × T be a relation. Then µ 1 � R � µ 2 if and only if: for all subsets A ⊆ S , µ 1 ( A ) ≤ µ 2 ( R ( A )) 15

  32. Proof sketch (universal lifting implies ⋆ -lifting) Theorem Let S, T be discrete (countable) sets, and let R ⊆ S × T be a relation. Then µ 1 � R ⋆ � ( ǫ,δ ) µ 2 if and only if: for all sets A ⊆ S , µ 1 ( A ) ≤ e ǫ · µ 2 ( R ( A )) + δ 16

  33. Proof sketch (universal lifting implies ⋆ -lifting) Theorem Let S, T be discrete (countable) sets, and let R ⊆ S × T be a relation. Then µ 1 � R ⋆ � ( ǫ,δ ) µ 2 if and only if: for all sets A ⊆ S , µ 1 ( A ) ≤ e ǫ · µ 2 ( R ( A )) + δ Define a flow network ◮ Nodes 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Beyond Differential Privacy: Composition Theorems and Relational Logic for f -divergences between

Beyond Differential Privacy: Composition Theorems and Relational Logic for f -divergences between

Beyond Differential Privacy: Composition Theorems and Relational Logic for f -divergences between Probabilistic Programs Gilles Barthe Federico Olmedo IMDEA Software Institute, Madrid, Spain 40 th International Colloquium on Automata, Languages

514 views • 32 slides
Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy Generalized definition of differential privacy allowing for a (supposedly small) additive factor Used in a variety of applications A query mechanism M is (

1.27k views • 43 slides
Differential Privacy Techniques Beyond Differential Privacy Steven Wu Assistant Professor

Differential Privacy Techniques Beyond Differential Privacy Steven Wu Assistant Professor

Differential Privacy Techniques Beyond Differential Privacy Steven Wu Assistant Professor University of Minnesota 1 Differential privacy? Isnt it just adding noise? How to add smart noise to guarantee privacy without sacrificing

592 views • 57 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
Differential Privacy Li Xiong Outline Differential Privacy Definition Basic techniques

Differential Privacy Li Xiong Outline Differential Privacy Definition Basic techniques

CS573 Data Privacy and Security Differential Privacy Li Xiong Outline Differential Privacy Definition Basic techniques Composition theorems Statistical Data Privacy Non-interactive vs interactive Privacy goal: individual is

1.15k views • 64 slides
Toniann Pitassi Outline 1. Differential Privacy: The Basics 2. Differential Privacy in New

Toniann Pitassi Outline 1. Differential Privacy: The Basics 2. Differential Privacy in New

Differential Privacy and Fairness: Foundations and New Frontiers Toniann Pitassi Outline 1. Differential Privacy: The Basics 2. Differential Privacy in New Settings - Pan Privacy - Privacy in multi-party settings - Fairness Outline

947 views • 49 slides
CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong

CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong

CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong Applying Differential Privacy Real world deployments of differential privacy OnTheMap RAPPOR Module 4 Tutorial: Differential Privacy in the Wild

617 views • 30 slides
Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy Alexandra Wood Berkman Klein Center for Internet & Society at Harvard University DIMACS/Northeast Big Data Hub Workshop on Overcoming Barriers to

964 views • 54 slides
Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole

Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole

Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole Polytechnique 1 Plan of the talk General introduction to privacy issues A naive approach to privacy protection: anonymization Why it

740 views • 44 slides
Implementing Differential Privacy & Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy & Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy & Side-channel attacks CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 14 : 590.03 Fall 12 1 Outline Differential Privacy Implementations PINQ: Privacy Integrated Queries [McSherry SIGMOD

1.22k views • 40 slides
Algorithms for Differential Privacy: Exponential & Median Mechanism CompSci 590.03

Algorithms for Differential Privacy: Exponential & Median Mechanism CompSci 590.03

Algorithms for Differential Privacy: Exponential & Median Mechanism CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 7 : 590.03 Fall 12 1 Recap: Differential Privacy For every pair of inputs For every output that differ in one

445 views • 29 slides
Data Mining with Differential Privacy Arik Friedman and Assal Schuster by Slawomir Goryczka

Data Mining with Differential Privacy Arik Friedman and Assal Schuster by Slawomir Goryczka

Data Mining with Differential Privacy Arik Friedman and Assal Schuster by Slawomir Goryczka Differential Privacy A randomized computation M provides -differential privacy if for any datasets A and B that differ by 1 record and any set of

193 views • 17 slides
Satisfy Legal Definitions of Privacy? The Case of FERPA and Differential Privacy CS

Satisfy Legal Definitions of Privacy? The Case of FERPA and Differential Privacy CS

Do Computer Science Definitions of Privacy Satisfy Legal Definitions of Privacy? The Case of FERPA and Differential Privacy CS LAW Kobbi Nissim Ben-Gurion University Center for Research on Computation and Society

865 views • 62 slides
Mobile Data Collection and Analysis with Local Differential Privacy - Part 1 Ninghui Li (Purdue

Mobile Data Collection and Analysis with Local Differential Privacy - Part 1 Ninghui Li (Purdue

Mobile Data Collection and Analysis with Local Differential Privacy - Part 1 Ninghui Li (Purdue University) 1 Outline Motivation of Differential Privacy and Local Differential Privacy (LDP) Frequency Oracles in LDP Tradeoff between

821 views • 53 slides
Differential Privacy and Applications Marco Gaboardi Boston University Recap Foundamental Law

Differential Privacy and Applications Marco Gaboardi Boston University Recap Foundamental Law

Differential Privacy and Applications Marco Gaboardi Boston University Recap Foundamental Law of Information Reconstruction The release of too many overly accurate statistics gives privacy violations. ( , )-Differential Privacy

1.26k views • 76 slides
Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples Changchang Liu 1 ,

Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples Changchang Liu 1 ,

Introduction Differential Privacy under Dependent Data Conclusion and Future Work Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples Changchang Liu 1 , Supriyo Chakraborty 2 , Prateek Mittal 1 Email: 1 { cl12, pmittal }

512 views • 38 slides
ASTR/PHYS 1060 Final Exam Study Guide Midterm 1 Material (~30%) Sun, Moon, and Earth How

ASTR/PHYS 1060 Final Exam Study Guide Midterm 1 Material (~30%) Sun, Moon, and Earth How

ASTR/PHYS 1060 Final Exam Study Guide Midterm 1 Material (~30%) Sun, Moon, and Earth How does the night sky change based on your location on the Earth? Why do stars rise at different times during the year? What causes the seasons?

525 views • 4 slides
The Ne w Ec onom y Doc t r i ne : W ha t The Cour t Sa i d Re a di ng t he

The Ne w Ec onom y Doc t r i ne : W ha t The Cour t Sa i d Re a di ng t he

I T a nd Publ i c Pol i c y Nov. 4, 2004 Hi s t or y The M i c r os of t Ca s e The Ne w Ec onom y Doc t r i ne : W ha t The Cour t Sa i d Re a di ng t he Le ga l Te a Le a ve s Pol

211 views • 10 slides
Associated Services 1 Agenda Presentation (30 min) Questions (15 min) 2 Mission Statement To

Associated Services 1 Agenda Presentation (30 min) Questions (15 min) 2 Mission Statement To

Supplier Briefing RM6068 Technology Products & Associated Services 1 Agenda Presentation (30 min) Questions (15 min) 2 Mission Statement To be the route of choice that meets our customers commodity technology product needs.

242 views • 23 slides
Thorny Issues in Software Requirements Sponsored by: Karl Wiegers Principal Consultant, Process

Thorny Issues in Software Requirements Sponsored by: Karl Wiegers Principal Consultant, Process

Thorny Issues in Software Requirements Sponsored by: Karl Wiegers Principal Consultant, Process Impact www.processimpact.com Sponsor: iRise iRise is transforming the way businesses around the world define and build software. Interactive

523 views • 27 slides
STACKED STAR FORMATION RATE PROFILES OF BURSTY GALAXIES EXHIBIT COHERENT STAR FORMATION

STACKED STAR FORMATION RATE PROFILES OF BURSTY GALAXIES EXHIBIT COHERENT STAR FORMATION

STACKED STAR FORMATION RATE PROFILES OF BURSTY GALAXIES EXHIBIT COHERENT STAR FORMATION GalFresca 2017, Pasadena, CA August 25, 2017 Matt Orr Dr. Philip F. Hopkins TAPIR | California Institute of Technology At high z (~1), observations

402 views • 21 slides
Chiral Symmetry Restoration and Deconfinement in Neutron Stars Vernica Dexheimer 1.

Chiral Symmetry Restoration and Deconfinement in Neutron Stars Vernica Dexheimer 1.

Chiral Symmetry Restoration and Deconfinement in Neutron Stars Vernica Dexheimer 1. Motivation Having a model that can be used for: small temperatures and high densities neutron stars high temperatures and small densities heavy ion

386 views • 19 slides
Neutralino dark dark matter annihilation matter annihilation Neutralino in the first stars

Neutralino dark dark matter annihilation matter annihilation Neutralino in the first stars

Neutralino dark dark matter annihilation matter annihilation Neutralino in the first stars stars in the first (Divertissement in D # major for stars & DM in the early Universe) Fabio Iocco Institut de Physique Theorique, CEA/Saclay

390 views • 19 slides
Evaluating Variability in the Implementation of Surgical Time-Outs Lawrence, S; Hechenbleikner,

Evaluating Variability in the Implementation of Surgical Time-Outs Lawrence, S; Hechenbleikner,

Evaluating Variability in the Implementation of Surgical Time-Outs Lawrence, S; Hechenbleikner, E; Cane, S; Boyle, L; Al-Refaie, W MedStar-Georgetown Surgical Outcomes Research Center 2016 Academic Surgical Congress 1 2016 Disclosure Slide

180 views • 6 slides

More recommend