Forward and backward simulations I.: untimed systems
Information and Computation
Deciding bisimilarity and similarity for probabilistic processes
Journal of Computer and System Sciences
Communication and Concurrency
Probabilistic simulations for probabilistic processes
Nordic Journal of Computing
Bisimulation and Unwinding for Verifying Possibilistic Security Properties
VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
Computational Probabilistic Non-interference
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Weak Bisimulation for Probabilistic Systems
CONCUR '00 Proceedings of the 11th International Conference on Concurrency Theory
Decision Algorithms for Probabilistic Bisimulation
CONCUR '02 Proceedings of the 13th International Conference on Concurrency Theory
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Probabilistic weak simulation is decidable in polynomial time
Information Processing Letters
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Assessing security threats of looping constructs
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Smooth sensitivity and sampling in private data analysis
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Quantitative analysis of leakage for multi-threaded programs
Proceedings of the 2007 workshop on Programming languages and analysis for security
A simulation-based proof technique for dynamic information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
Approximated Computationally Bounded Simulation Relations for Probabilistic Automata
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Journal of Computer Security - Special issue on WITS'02
The reactive simulatability (RSIM) framework for asynchronous systems
Information and Computation
Mechanism Design via Differential Privacy
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
Analyzing Security Protocols Using Time-Bounded Task-PIOAs
Discrete Event Dynamic Systems
Observing Branching Structure through Probabilistic Contexts
SIAM Journal on Computing
A static analysis for quantifying information flow in a simple imperative language
Journal of Computer Security
A learning theory approach to non-interactive database privacy
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
The Differential Privacy Frontier (Extended Abstract)
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Universally utility-maximizing privacy mechanisms
Proceedings of the forty-first annual ACM symposium on Theory of computing
Privacy integrated queries: an extensible platform for privacy-preserving data analysis
Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
Computational Differential Privacy
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Differential privacy for collaborative security
Proceedings of the Third European Workshop on System Security
Differential privacy: a survey of results
TAMC'08 Proceedings of the 5th international conference on Theory and applications of models of computation
Differential privacy under continual observation
Proceedings of the forty-second ACM symposium on Theory of computing
Airavat: security and privacy for MapReduce
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
Distance makes the types grow stronger: a calculus for differential privacy
Proceedings of the 15th ACM SIGPLAN international conference on Functional programming
Differential privacy in new settings
SODA '10 Proceedings of the twenty-first annual ACM-SIAM symposium on Discrete Algorithms
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Computing the leakage of information-hiding systems
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Calibrating noise to sensitivity in private data analysis
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Probabilistic relational reasoning for differential privacy
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Differentially private iterative synchronous consensus
Proceedings of the 2012 ACM workshop on Privacy in the electronic society
Probabilistic Relational Reasoning for Differential Privacy
ACM Transactions on Programming Languages and Systems (TOPLAS)
Differential privacy is a promising approach to privacy-preserving data analysis with a well-developed theory for functions. Despite recent work on implementing systems that aim to provide differential privacy, the problem of formally verifying that these systems have differential privacy has not been adequately addressed. We develop a formal probabilistic automaton model of differential privacy for systems by adapting prior work on differential privacy for functions. We present the first sound verification technique for proving differential privacy of interactive systems. The technique is based on a form of probabilistic bisimulation relation. The novelty lies in the way we track quantitative privacy leakage bounds using a relation family instead of a single relation. We illustrate the proof technique on a representative automaton motivated by PINQ, an implemented system that is intended to provide differential privacy. Surprisingly, our analysis yields a privacy leakage bound of 2t·ε rather than t·ε when ε-differentially private functions are called t times. The extra leakage arises from accounting for the bounded memory constraints of real computers.
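The t·ε figure the abstract contrasts against is the standard sequential-composition bound for ε-differentially private functions. The following Python check, added here as an illustration and not code from the paper or from PINQ, computes that bound exactly for a small mechanism: it builds the output distribution of a two-sided geometric (discrete Laplace) mechanism whose outputs are clamped to a finite integer range, measures the worst-case log-ratio of output probabilities on two neighbouring inputs, and then enumerates the joint distribution of t independent answers to confirm the loss grows to exactly t·ε. It treats the mechanism purely as a function, so it recovers the function-level t·ε bound; it does not model the automaton, the relation family, or the bounded-memory accounting that produces the paper's 2t·ε. The mechanism, the output range [0, 10], ε = 0.5, the neighbouring inputs 5 and 6, and t = 3 are all constructed for the example.

```python
import math
from itertools import product


def clamped_geometric(true_value, eps, lo, hi):
    """Output distribution {y: Pr[Y = y]} of the two-sided geometric
    (discrete Laplace) mechanism for a sensitivity-1 integer query,
    with outputs clamped to the finite range [lo, hi] so the answer fits
    a fixed-width register.  Clamping is post-processing of an eps-DP
    value, so the clamped mechanism is still eps-DP.
    (Constructed example mechanism; parameters are assumptions.)"""
    assert lo <= true_value <= hi
    a = math.exp(-eps)
    norm = (1 - a) / (1 + a)          # Pr[Y = true_value] before clamping
    dist = {y: norm * a ** abs(y - true_value) for y in range(lo, hi + 1)}
    # Tail mass outside the range folds onto the end points.
    # For k > true_value, Pr[Y >= k] = a^(k - true_value) / (1 + a); symmetric below.
    dist[hi] += a ** (hi + 1 - true_value) / (1 + a)
    dist[lo] += a ** (true_value - (lo - 1)) / (1 + a)
    return dist


def privacy_loss(dist_a, dist_b):
    """Worst case over outputs of |ln Pr_a[y] - ln Pr_b[y]|: the smallest
    eps for which the two output distributions are eps-indistinguishable."""
    assert dist_a.keys() == dist_b.keys()
    return max(abs(math.log(dist_a[y]) - math.log(dist_b[y])) for y in dist_a)


def composed_loss(true_a, true_b, eps, lo, hi, t):
    """Exact privacy loss of answering t independent queries with the same
    mechanism on the two inputs, by enumerating the joint output distribution
    (a product distribution, since the noise draws are independent)."""
    da = clamped_geometric(true_a, eps, lo, hi)
    db = clamped_geometric(true_b, eps, lo, hi)
    joint_a, joint_b = {}, {}
    for outs in product(list(da), repeat=t):
        pa = pb = 1.0
        for y in outs:
            pa *= da[y]
            pb *= db[y]
        joint_a[outs] = pa
        joint_b[outs] = pb
    return privacy_loss(joint_a, joint_b)


def check_composition(eps=0.5, lo=0, hi=10, t=3, true_a=5, true_b=6):
    """Return (single-query loss, t-query loss) for neighbouring inputs
    true_a and true_b; the second should equal t times the first."""
    single = privacy_loss(clamped_geometric(true_a, eps, lo, hi),
                          clamped_geometric(true_b, eps, lo, hi))
    composed = composed_loss(true_a, true_b, eps, lo, hi, t)
    return single, composed


if __name__ == "__main__":
    s, c = check_composition()
    print(f"single query loss = {s:.6f}, 3-query loss = {c:.6f}")
```

The single-query loss comes out at exactly ε even at the clamped end points, because the folded tail mass on each neighbouring input differs by the same factor e^ε as the interior probabilities; the composed loss is then t·ε, which is the function-level bound the paper's system-level analysis doubles.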