comments
This commit is contained in:
parent
e96ed6505f
commit
1db17eb90f
@ -185,7 +185,7 @@ Its local variant~\cite{duchi2013local} is compatible with microdata, where $D$
|
||||
|
||||
We refer the interested reader to~\cite{desfontaines2020sok} for a systematic taxonomy of the different variants and extensions of differential privacy.
|
||||
|
||||
\kat{introduce and link to the previous text the following definition }
|
||||
\kat{introduce and link to the previous text the following definition}
|
||||
|
||||
\begin{definition}
|
||||
[Query function sensitivity]
|
||||
@ -199,13 +199,13 @@ The presence/absence of a single record can only change the result slightly\kat{
|
||||
However, sum and max \kat{and average } queries can be problematic since a single (but outlier) value could change the output noticeably, making it necessary to add a lot of noise to the query's answer.
|
||||
\kat{How does the following connects to the query's sensitivity?}Furthermore, asking a series of queries may allow the disambiguation between possible data sets, making it necessary to add even more noise to the outputs.
|
||||
For this reason, after a series of queries exhausts the available privacy budget \kat{you have not talked about the sequential theorem, so this comes out of the blue} the data set has to be discarded.
|
||||
\kat{THe following is an explanation of the previous. When you restate sth in different words for explanation, please say that you do so, otherwise it is not clear what new you want to convey.}Keeping the original guarantee across multiple queries that require different/new answers requires the injection of noise proportional to the number of the executed queries, and thus destroying the utility of the output.
|
||||
\kat{THe following is an explanation of the previous. When you restate sth in different words for explanation, please say that you do so, otherwise it is not clear what new you want to convey.}Keeping the original guarantee across multiple queries that return different/new answers \kat{why only different?even the same query multiple times would have the same results} requires the injection of noise proportional to the number of the executed queries, and thus destroying the utility of the output.
|
||||
|
||||
\paragraph{Privacy mechanisms}
|
||||
\label{subsec:prv-mech}
|
||||
A typical example of a differential privacy mechanism is the \emph{Laplace mechanism}~\cite{dwork2014algorithmic}.
|
||||
It draws randomly a value from the probability distribution of $\textrm{Laplace}(\mu, b)$, where $\mu$ stands for the location parameter and $b > 0$ the scale parameter (Figure~\ref{fig:laplace}).
|
||||
Here, $\mu$ is equal to the original output value of a query function, and $b$ is the sensitivity of the query function divided by $\varepsilon$.
|
||||
It draws randomly a value from the probability distribution of $\textrm{Laplace}(\mu, b)$, where $\mu$ stands for the location parameter and $b > 0$ is the scale parameter (Figure~\ref{fig:laplace}).
|
||||
In our case, $\mu$ is equal to the original output value of a query function, and $b$ is the sensitivity of the query function divided by $\varepsilon$.
|
||||
The Laplace mechanism works for any function with range the set of real numbers.
|
||||
A specialization of this mechanism for location data is the \emph{Planar Laplace mechanism}~\cite{andres2013geo}, which is based on a multivariate Laplace distribution.
|
||||
|
||||
@ -218,7 +218,7 @@ A specialization of this mechanism for location data is the \emph{Planar Laplace
|
||||
|
||||
For query functions that do not return a real number, e.g.,~`What is the most visited country this year?' or in cases where perturbing the value of the output will completely destroy its utility, e.g.,~`What is the optimal price for this auction?', most works in the literature use the \emph{Exponential mechanism}~\cite{mcsherry2007mechanism}.
|
||||
This mechanism utilizes a utility function $u$ that maps (input data set $D$, output value $r$) pairs to utility scores, and selects an output value $r$ from the input pairs, with probability proportional to $\exp(\frac{\varepsilon u(D, r)}{2\Delta u})$,
|
||||
where $\Delta u$ is the sensitivity of the utility function.
|
||||
where $\Delta u$ is the sensitivity of the utility \kat{what is the utility function?} function.
|
||||
|
||||
Another technique for differential privacy mechanisms is the \emph{randomized response}~\cite{warner1965randomized}.
|
||||
It is a privacy-preserving survey method that introduces probabilistic noise to the statistics of a research by randomly instructing respondents to answer truthfully or `Yes' to a sensitive, binary question.
|
||||
|
Loading…
Reference in New Issue
Block a user