TY - GEN
T1 - Explaining ∈ in local differential privacy through the lens of quantitative information flow
AU - Fernandes, Natasha
AU - McIver, Annabelle
AU - Sadeghi, Parastoo
PY - 2024
Y1 - 2024
N2 - The study of leakage measures for privacy has been a subject of intensive research and is an important aspect of understanding how privacy leaks occur in computer systems. Differential privacy has been a focal point in the privacy community for some years and yet its leakage characteristics are not completely understood. In this paper we bring together two areas of research -information theory and the g-leakage framework of quantitative information flow (QIF)- to give an operational interpretation for the epsilon parameter of local differential privacy. We find that epsilon emerges as a capacity measure in both frameworks; via (log)-lift, a popular measure in information theory; and via max-case g-leakage, which we introduce to describe the leakage of any system to Bayesian adversaries modelled using 'worst-case' assumptions under the QIF framework. Our characterisation resolves an important question of interpretability of epsilon and consolidates a number of disparate results covering the literature of both information theory and Quantitative information flow.
AB - The study of leakage measures for privacy has been a subject of intensive research and is an important aspect of understanding how privacy leaks occur in computer systems. Differential privacy has been a focal point in the privacy community for some years and yet its leakage characteristics are not completely understood. In this paper we bring together two areas of research -information theory and the g-leakage framework of quantitative information flow (QIF)- to give an operational interpretation for the epsilon parameter of local differential privacy. We find that epsilon emerges as a capacity measure in both frameworks; via (log)-lift, a popular measure in information theory; and via max-case g-leakage, which we introduce to describe the leakage of any system to Bayesian adversaries modelled using 'worst-case' assumptions under the QIF framework. Our characterisation resolves an important question of interpretability of epsilon and consolidates a number of disparate results covering the literature of both information theory and Quantitative information flow.
UR - http://www.scopus.com/inward/record.url?scp=85205820233&partnerID=8YFLogxK
UR - http://purl.org/au-research/grants/arc/FT190100429
U2 - 10.1109/CSF61375.2024.00012
DO - 10.1109/CSF61375.2024.00012
M3 - Conference proceeding contribution
AN - SCOPUS:85205820233
SN - 9798350362046
SP - 419
EP - 432
BT - 2024 IEEE 37th Computer Security Foundations Symposium CSF 2024
PB - Institute of Electrical and Electronics Engineers (IEEE)
CY - Piscataway, NJ
T2 - 37th IEEE Computer Security Foundations Symposium, CSF 2024
Y2 - 8 July 2024 through 12 July 2024
ER -