Universal optimality and robust utility bounds for metric differential privacy

Natasha Fernandes, Annabelle McIver, Catuscia Palamidessi, Ming Ding

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

5 Citations (Scopus)

Abstract

We study the privacy-utility trade-off in the context of metric differential privacy. Ghosh et al. introduced the idea of universal optimality to characterise the 'best' mechanism for a certain query that simultaneously satisfies (a fixed) ϵ-differential privacy constraint whilst at the same time providing better utility compared to any other ϵ-differentially private mechanism for the same query. They showed that the Geometric mechanism is universally optimal for the class of counting queries. On the other hand, Brenner and Nissim showed that outside the space of counting queries, and for the Bayes risk loss function, no such universally optimal mechanisms exist. Except for universal optimality of the Laplace mechanism, there have been no generalisations of these universally optimal results to other classes of differentially-private mechanisms.

In this paper we use metric differential privacy and quantitative information flow as the fundamental principle for studying universal optimality. Metric differential privacy is a generalisation of both standard (i.e., central) differential privacy and local differential privacy, and it is increasingly being used in various application domains, for instance in location privacy and in privacy preserving machine learning. As do Ghosh et al. and Brenner and Nissim, we measure utility in terms of loss functions, and we interpret the notion of a privacy mechanism as an information-theoretic channel satisfying constraints defined by ϵ-differential privacy and a metric meaningful to the underlying state space. Using this framework we are able to clarify Nissim and Brenner's negative results by (a) showing that in fact all privacy types contain optimal mechanisms relative to certain kinds of non-trivial loss functions, and (b) extending and generalising their negative results beyond Bayes risk specifically to a wide class of non-trivial loss functions.

Our exploration suggests that universally optimal mechanisms are indeed rare within privacy types. We therefore propose weaker universal benchmarks of utility called privacy type capacities. We show that such capacities always exist and can be computed using a convex optimisation algorithm. We illustrate these ideas on a selection of examples with several different underlying metrics.

Original language: English
Title of host publication: 2022 IEEE 35th Computer Security Foundations Symposium (CSF 2022)
Subtitle of host publication: proceedings
Place of Publication: Piscataway, NJ
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Pages: 348-363
Number of pages: 16
ISBN (Electronic): 9781665484176
ISBN (Print): 9781665484183
Publication status: Published - 2022
Event: 35th IEEE Computer Security Foundations Symposium, CSF 2022 - Haifa, Israel
Duration: 7 Aug 2022 to 10 Aug 2022

Publication series

Name
ISSN (Print): 1940-1434

Conference

Conference: 35th IEEE Computer Security Foundations Symposium, CSF 2022
Country/Territory: Israel
City: Haifa
Period: 7/08/22 to 10/08/22
