manos/the-last-thing
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

text: OCD

Browse Source
This commit is contained in:
Manos Katsomallos 2021-10-22 16:29:34 +02:00
parent 9432e8a5ef
commit 31a58c93e1
2 changed files with 16 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
text/preliminaries/data.tex
View File

@ -86,44 +86,44 @@ We further define two sub-categories applicable to both finite and infinite data
\subsection{Data processing and publishing}
\label{subsec:data-publishing}
We categorize data processing and publishing based on what entity has access to the raw data in the \emph{global} and \emph{local} models.
We categorize data processing and publishing based on what entity has access to the raw data in the \emph{global} and \emph{local} schemes.
% \kat{what does the implemented scheme refer to?}
% \mk{These are the bullet points... I change it}
\begin{itemize}
\item \emph{Global model} (Figure~\ref{fig:model-global}) dictates the collection, processing and privacy-protection, and then publishing of the data by a central (trusted) entity, e.g.,~\cite{mcsherry2009privacy, blocki2013differentially, johnson2018towards}.
\item \emph{Local model} (Figure~\ref{fig:model-local}) requires the storage, processing and privacy-protection of data on the side of data generators before sending them to any intermediate or final entity, e.g.,~\cite{andres2013geo, erlingsson2014rappor, katsomallos2017open}.
\item \emph{Global scheme} (Figure~\ref{fig:scheme-global}) dictates the collection, processing and privacy-protection, and then publishing of the data by a central (trusted) entity, e.g.,~\cite{mcsherry2009privacy, blocki2013differentially, johnson2018towards}.
\item \emph{Local scheme} (Figure~\ref{fig:scheme-local}) requires the storage, processing and privacy-protection of data on the side of data generators before sending them to any intermediate or final entity, e.g.,~\cite{andres2013geo, erlingsson2014rappor, katsomallos2017open}.
\end{itemize}
\begin{figure}[htp]
\centering
\subcaptionbox{Global model\label{fig:model-global}}{%
\includegraphics[width=\linewidth]{preliminaries/model-global}%
\subcaptionbox{Global scheme\label{fig:scheme-global}}{%
\includegraphics[width=\linewidth]{preliminaries/scheme-global}%
} \\ \bigskip
\subcaptionbox{Local model\label{fig:model-local}}{%
\includegraphics[width=\linewidth]{preliminaries/model-local}%
\subcaptionbox{Local scheme\label{fig:scheme-local}}{%
\includegraphics[width=\linewidth]{preliminaries/scheme-local}%
}
\caption{The usual flow of user-generated data, optionally harvested by data publishers, privacy-protected, and released to data consumers, according to the (a)~global, and (b)~local privacy models.}
\label{fig:privacy-models}
\caption{The usual flow of user-generated data, optionally harvested by data publishers, privacy-protected, and released to data consumers, according to the (a)~global, and (b)~local privacy schemes.}
\label{fig:privacy-schemes}
\end{figure}
In the case of location data privacy,
% the existing literature\kat{do not say literature, but sth related to the data processing and publishing}
data processing and publishing methods are divided in \emph{service-} and \emph{data-}centric~\cite{chow2011trajectory}.
The service-centric methods correspond to scenarios where individuals share their privacy-protected location with a service to get some relevant information (local publishing model).
The data-centric methods relate to the publishing of user-generated data to data consumers (global publishing model).
The service-centric methods correspond to scenarios where individuals share their privacy-protected location with a service to get some relevant information (local publishing scheme).
The data-centric methods relate to the publishing of user-generated data to data consumers (global publishing scheme).
% \kat{I do not get the data-centric methods.. Can't data-centric be also service centric ? E.g., we publish our data to get back some service? Moreover, what is exactly the link between local and global and service and data centric? One to one ?}
% \mk{You've just described service-centric :) }
There is a long-standing debate whether the local or the global architectural model is more efficient with respect to not only privacy, but also organizational, economic, and security factors~\cite{king1983centralized}.
On the one hand, in the global privacy model (Figure~\ref{fig:model-global}), the dependence on third-party entities poses the risk of arbitrary privacy leakage from a compromised data publisher.
There is a long-standing debate whether the local or the global architectural scheme is more efficient with respect to not only privacy, but also organizational, economic, and security factors~\cite{king1983centralized}.
On the one hand, in the global privacy scheme (Figure~\ref{fig:scheme-global}), the dependence on third-party entities poses the risk of arbitrary privacy leakage from a compromised data publisher.
Nonetheless, the expertise of these entities is usually superior to that of the majority of (non-technical) data generators' in terms of understanding privacy permissions/\allowbreak policies and setting-up relevant preferences.
Moreover, in the global architecture, less distortion is necessary before publicly releasing the aggregated data set, naturally because the data sets are larger and users can be `hidden' more easily.
On the other hand, the local privacy model (Figure~\ref{fig:model-local}) facilitates fine-grained data management, offering to every individual better control over their data~\cite{goldreich1998secure}.
On the other hand, the local privacy scheme (Figure~\ref{fig:scheme-local}) facilitates fine-grained data management, offering to every individual better control over their data~\cite{goldreich1998secure}.
Nonetheless, data distortion at an early stage might prove detrimental to the overall utility of the aggregated data set.
The so far consensus is that there is no overall optimal solution among the two designs.
Most service-providing companies prefer the global model, mainly for reasons of better management and control over the data, while several privacy advocates support the local privacy model that offers users full control over what and how data are published.
Although there have been attempts to bridge the gap between them, e.g.,~\cite{bittau2017prochlo}, the global model is considerably better explored and implemented~\cite{satyanarayanan2017emergence}.
Most service-providing companies prefer the global scheme, mainly for reasons of better management and control over the data, while several privacy advocates support the local privacy scheme that offers users full control over what and how data are published.
Although there have been attempts to bridge the gap between them, e.g.,~\cite{bittau2017prochlo}, the global scheme is considerably better explored and implemented~\cite{satyanarayanan2017emergence}.
% For this reason, most of the works in our work span this context.
% \kat{this last sentence is out of context for the thesis dissertation. Please, explain why you said all that, but w.r.t. the thesis.}
% \mk{Omitting it seems to resolve the issue}

1
text/problem/main.tex
View File

@ -1,6 +1,5 @@
\chapter{{\Thething} privacy}
\label{ch:lmdk-prv}
% Crowdsensing applications
The plethora of sensors currently embedded in personal devices and other infrastructures have paved the way for the development of numerous \emph{crowdsensing services} (e.g.,~Ring~\cite{ring}, TousAntiCovid~\cite{tousanticovid}, Waze~\cite{waze}, etc.) based on the collected personal, and usually geotagged and timestamped data.
% Continuously user-generated data