Abstract
We prove that, with respect to a database query response privacy mechanism employing output perturbation with i.i.d. random noise addition, an adversary can, allowed a sufficiently large number of queries, exactly determine all records in an n-record database up to overwhelming probability of success, and establish corresponding quantitative confidence bounds for the attack success probability. These confidence bounds do not depend on the cardinality |D| of the data domain DāāāR, where the database \({\mathcal{D}}\) is a member of the set D n, and they even admit some unbounded data domains D of (countably) infinite cardinality. Within the context of differential privacy, we show that our results also imply a lower bound on the variance of independent, Laplace-distributed noise that can be added to user queries if database privacy is to be preserved. Our results do not require the additive noise to be bounded by \(o(\sqrt{n})\) as assumed in Dinur & Nissim (2003) and Dwork & Yekhanin (2008), which, on the other hand, do admit correlated noise.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Adam, N.R., Wortmann, J.C.: Security-Control Methods for Statistical Databases: A Comparative Study. ACM Computing Surveys 21(4) (1989)
Cucker, F., Smale, S.: On the Mathematical Foundations of Learning. Bulletin(New Series) of the American Mathematical SocietyĀ 39(1), 1ā49 (2001)
Denning, D.E.: Secure Statistical Databases with Random Sample Queries. ACM Transactions on Database SystemsĀ 5(3), 291ā315 (1980)
Dinur, I., Nissim, K.: Revealing information while preserving privacy. In: Proceedings of the 2nd ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, pp. 203ā210 (2003)
Dwork, C.: Differential Privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol.Ā 4052, pp. 1ā12. Springer, Heidelberg (2006)
Dwork, C.: A Firm Foundation for Private Data Analysis. Communications of the ACMĀ 54(1) (2011)
Dwork, C.: Differential Privacy: A Survey of Results. In: Agrawal, M., Du, D.-Z., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol.Ā 4978, pp. 1ā19. Springer, Heidelberg (2008)
Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Proceedings of the 3rd Theory of Cryptography Conference, pp. 265ā284 (2006)
Dwork, C., McSherry, F., Talwar, K.: The Price of Privacy and the Limits of LP Decoding. In: STOC 2007 (2007)
Dwork, C., Smith, S.: Differential Privacy for Statistics: What we Know and What we Want to Learn. Journal of Privacy and ConfidentialityĀ 1(2), 135ā154 (2009)
Dwork, C., Yekhanin, S.: New Efficient Attacks on Statistical Disclosure Control Mechanisms. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol.Ā 5157, pp. 469ā480. Springer, Heidelberg (2008)
Hardt, M., Talwar, K.: On the Geometry of Differential Privacy. In: Proceedings of the 42nd ACM Symposium on Theory of Computing, pp. 705ā714 (2009)
Kifer, D., Machanavajjhala, A.: No Free Lunch in Data Privacy. In: SIGMOD 2011 (2011)
Liew, C.K., Choi, U.J., Liew, C.J.: A Data Distortion by Probability Distribution. ACM Transactions on Database SystemsĀ 10(3), 395ā411 (1985)
Lindell, Y., Omri, E.: A Practical Application of Differential Privacy to Personalized Online Advertising. Technical Report 2011/152, Cryptology ePrint Archive (2011)
Massart, P.: The tight constant in the Dvoretsky-Kiefer-Wolfowitz inequality. The Annals of ProbabilityĀ 18(3), 1269ā1283 (1990)
McDiarmid, C.: Concentration. In: Probabilistic Methods for Algorithmic Discrete Mathematics, pp. 195ā228. Springer, New York (1998)
Merener, M.: Polynomial-time Attack on Output Perturbation Sanitizers for Real-valued Datasets. Journal of Privacy and ConfidentialityĀ 2(2), 65ā81 (2010)
Sarathy, R., Muralidhar, K.: Evaluating Laplace Noise Addition to Satisfy Differential Privacy for Numeric Data. Transactions on Data Privacy Ā 4, 1ā17 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Ā© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zanger, D.Z. (2012). Security of Random Output Perturbation for Statistical Databases. In: Domingo-Ferrer, J., Tinnirello, I. (eds) Privacy in Statistical Databases. PSD 2012. Lecture Notes in Computer Science, vol 7556. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33627-0_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-33627-0_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33626-3
Online ISBN: 978-3-642-33627-0
eBook Packages: Computer ScienceComputer Science (R0)