STOC '92 Proceedings of the twenty-fourth annual ACM symposium on Theory of computing
Concentration of non-Lipschitz functions and applications
Random Structures & Algorithms - Probabilistic methods in combinatorial optimization
Limiting privacy breaches in privacy preserving data mining
Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
A formal analysis of information disclosure in data exchange
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
\ell -Diversity: Privacy Beyond \kappa -Anonymity
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Proceedings of the 16th international conference on World Wide Web
Smooth sensitivity and sampling in private data analysis
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
The boundary between privacy and utility in data publishing
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Towards identity anonymization on graphs
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Composition attacks and auxiliary information in data privacy
Proceedings of the 14th ACM SIGKDD international conference on Knowledge discovery and data mining
Resisting structural re-identification in anonymized social networks
Proceedings of the VLDB Endowment
Preserving Privacy in Social Networks Against Neighborhood Attacks
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Preserving the privacy of sensitive relationships in graph data
PinKDD'07 Proceedings of the 1st ACM SIGKDD international conference on Privacy, security, and trust in KDD
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Calibrating noise to sensitivity in private data analysis
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Privacy-Preserving Data Publishing
Foundations and Trends in Databases
Optimal random perturbation at multiple privacy levels
Proceedings of the VLDB Endowment
Towards an axiomatization of statistical privacy and utility
Proceedings of the twenty-ninth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Differentially private aggregation of distributed time-series with transformation and encryption
Proceedings of the 2010 ACM SIGMOD International Conference on Management of data
Privacy issues in scientific workflow provenance
Proceedings of the 1st International Workshop on Workflow Approaches to New Data-centric Science
Resisting structural re-identification in anonymized social networks
The VLDB Journal — The International Journal on Very Large Data Bases
Proceedings of the 14th International Conference on Database Theory
Privacy-preserving publishing microdata with full functional dependencies
Data & Knowledge Engineering
Provenance views for module privacy
Proceedings of the thirtieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Privacy-aware data management in information networks
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Hiding data and structure in workflow provenance
DNIS'11 Proceedings of the 7th international conference on Databases in Networked Information Systems
A rigorous and customizable framework for privacy
PODS '12 Proceedings of the 31st symposium on Principles of Database Systems
A workflow for differentially-private graph synthesis
Proceedings of the 2012 ACM workshop on Workshop on online social networks
Privacy preservation of user history graph
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Differentially private data analysis of social networks via restricted sensitivity
Proceedings of the 4th conference on Innovations in Theoretical Computer Science
Analyzing graphs with node differential privacy
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
On Learning Cluster Coefficient of Private Networks
ASONAM '12 Proceedings of the 2012 International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2012)
A privacy framework: indistinguishable privacy
Proceedings of the Joint EDBT/ICDT 2013 Workshops
Recursive mechanism: towards node differential privacy and unrestricted joins
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Pufferfish: A framework for mathematical privacy definitions
ACM Transactions on Database Systems (TODS)
Dynamic enforcement of knowledge-based security policies using probabilistic abstract interpretation
Journal of Computer Security
Hi-index | 0.00 |
We study privacy-preserving query answering over data containing relationships. A social network is a prime example of such data, where the nodes represent individuals and edges represent relationships. Nearly all interesting queries over social networks involve joins, and for such queries, existing output perturbation algorithms severely distort query answers. We propose an algorithm that significantly improves utility over competing techniques, typically reducing the error bound from polynomial in the number of nodes to polylogarithmic. The algorithm is, to the best of our knowledge, the first to answer such queries with acceptable accuracy, even for worst-case inputs. The improved utility is achieved by relaxing the privacy condition. Instead of ensuring strict differential privacy, we guarantee a weaker (but still quite practical) condition based on adversarial privacy. To explain precisely the nature of our relaxation in privacy, we provide a new result that characterizes the relationship between ε-indistinguishability~(a variant of the differential privacy definition) and adversarial privacy, which is of independent interest: an algorithm is ε-indistinguishable iff it is private for a particular class of adversaries (defined precisely herein). Our perturbation algorithm guarantees privacy against adversaries in this class whose prior distribution is numerically bounded.