Organizing stuff
This commit is contained in:
@ -1,9 +1,8 @@
|
||||
\section{Microdata}
|
||||
\label{sec:micro}
|
||||
|
||||
|
||||
Table~\ref{tab:micro} summarizes the literature for the Microdata category.
|
||||
Each reviewed work is abstractly described in this table, by its category (finite or infintite), its publishing mode (batch or streaming) and scheme(global or local), the level of privacy achieved (user, event, w-event), the attacks addressed, the privacy operation applied, and the base method it is built upon.
|
||||
Each reviewed work is abstractly described in this table, by its category (finite or infinite), its publishing mode (batch or streaming) and scheme(global or local), the level of privacy achieved (user, event, $w$-event), the attacks addressed, the privacy operation applied, and the base method it is built upon.
|
||||
We observe that privacy-preserving algorithms for microdata rely mostly on $k$-anonymity or derivatives of it.
|
||||
Ganta et al.~\cite{ganta2008composition} revealed that $k$-anonymity methods are vulnerable to complementary release attacks (or \emph{composition attacks} in the original publication).
|
||||
Consequently, the research community proposed solutions based on $k$-anonymity, focusing on different threats linked to continuous publication, as we review later on.
|
||||
@ -16,7 +15,8 @@ to account for the extra privacy loss entailed by them.
|
||||
\bigskip
|
||||
|
||||
We begin the discussion with the works designed for microdata as finite observations (Section~\ref{subsec:micro-finite}), to continue with the infinite observations setting (Section~\ref{subsec:micro-infinite}).
|
||||
\includetable{micro}
|
||||
|
||||
\includetable{related/micro}
|
||||
|
||||
|
||||
\subsection{Finite observation}
|
||||
@ -460,4 +460,4 @@ Setting privacy to ON, the user obfuscates their original query by randomly send
|
||||
Although this randomization step makes the original query indistinguishable while making sure that the users always get the information that they need, there is no clear quantification of the privacy guarantee that the scheme offers over time.
|
||||
\bigskip
|
||||
|
||||
\kat{Add here the comparison/contrast paragraph of microdata techniques shown previously, and your work}
|
||||
\kat{Add here the comparison/contrast paragraph of microdata techniques shown previously, and your work}
|
||||
|
||||
@ -2,14 +2,15 @@
|
||||
\label{sec:statistical}
|
||||
|
||||
As in Section~\ref{sec:micro}, we summarize the literature for the Statistical Data category in Table~\ref{tab:statistical}, which we structure identically as Table~\ref{tab:micro}.
|
||||
For a reminder, each reviewed work is abstractly described in this table, by its category (finite or infintite), its publishing mode (batch or streaming) and scheme(global or local), the level of privacy achieved (user, event, w-event), the attacks addressed, the privacy operation applied, and the base method it is built upon.
|
||||
For a reminder, each reviewed work is abstractly described in this table, by its category (finite or infinite), its publishing mode (batch or streaming) and scheme(global or local), the level of privacy achieved (user, event, $w$-event), the attacks addressed, the privacy operation applied, and the base method it is built upon.
|
||||
|
||||
As witnessed in Table~\ref{tab:statistical}, when continuously publishing statistical data, usually in the form of counts, the most widely used privacy method is differential privacy, or derivatives of it.
|
||||
In theory differential privacy makes no assumptions about the background knowledge available to the adversary.
|
||||
In practice, data dependencies (e.g.,~correlations) arising in the continuous publication setting are frequently (but without it being the rule) considered as attacks in the proposed algorithms.
|
||||
|
||||
We begin the discussion with the works designed for microdata as finite observations (Section~\ref{subsec:statistical-finite}), to continue with the infinite observations setting (Section~\ref{subsec:statistical-infinite}).
|
||||
\includetable{statistical}
|
||||
|
||||
\includetable{related/statistical}
|
||||
|
||||
|
||||
\subsection{Finite observation}
|
||||
@ -368,7 +369,7 @@ The combination of the Perturber and the Grouper follows the sequential composit
|
||||
% - w-event
|
||||
% - differential privacy
|
||||
% - perturbation (randomized response, Laplace)
|
||||
\hypertarget{errounda2018continuous}{Errounda et al.}~\cite{errounda2018continuous} proposed a algorithm for sharing w-event local differentially private statistics over infinite streams of location data.
|
||||
\hypertarget{errounda2018continuous}{Errounda et al.}~\cite{errounda2018continuous} proposed a algorithm for sharing $w$-event local differentially private statistics over infinite streams of location data.
|
||||
The decision mechanism determines the similarity between the current data of every individual and the most recent release, with respect to a predefined threshold.
|
||||
Using the randomized response mechanism, it perturbs the result of this comparison and decides whether to perform an approximation based on the most recent release or calculate and release the current statistics after injecting to them Laplacian noise.
|
||||
Within the sliding window of size $w$, the privacy budget allocation mechanism estimates the overall privacy budget that the algorithm has allocated at any timestamp and decides how to optimally allocate the remaining budget in the future timestamps.
|
||||
|
||||
Reference in New Issue
Block a user