论文标题
通过多个任务和最佳隐私 - 实用性权衡的强大私有化
Robust Privatization with Multiple Tasks and the Optimal Privacy-Utility Tradeoff
论文作者
论文摘要
在这项工作中,研究了旨在最大程度地减少一组多个任务的公用事业约束下的隐私泄漏的隐私数据发布的基本限制和最佳机制。虽然通常会通过消毒剂确定要保护的私人功能,但目标任务通常是未知的。为了解决有关特定任务的缺乏信息,考虑了对一组多个可能任务的公用事业约束。该机制保护了要发布的数据的特定隐私功能,同时满足了集合中所有可能任务的实用性约束。首先,得出了速率 - 渗透区域的单个字母表征,其中每个任务的效用是通过失真函数衡量的。事实证明,与日志损失失真约束有关的最小隐私泄漏问题和无约束的释放速率是一个非凸优化问题。其次,关注原始数据由多个独立组件组成的情况,我们表明上述非凸优化问题可以分解为具有不同权重的多个平行隐私渠道(PF)问题。当私有功能是数据向量的组件确定性函数时,我们会明确地向每个PF问题得出最佳解决方案。解决方案的特征是无泄漏阈值:当实用程序约束低于阈值时,最小泄漏为零;一旦所需的实用程序级别高于阈值,隐私泄漏将线性增加。最后,我们表明,可以通过求解线性程序(LP)找到每个隐私渠道问题的最佳权重。还得出了足够的释放速率来达到最小泄漏。显示数值结果可以说明我们方法与任务非特异性的鲁棒性。
In this work, fundamental limits and optimal mechanisms of privacy-preserving data release that aims to minimize the privacy leakage under utility constraints of a set of multiple tasks are investigated. While the private feature to be protected is typically determined and known by the sanitizer, the target task is usually unknown. To address the lack of information on the specific task, utility constraints laid on a set of multiple possible tasks are considered. The mechanism protects the specific privacy feature of the to-be-released data while satisfying utility constraints of all possible tasks in the set. First, the single-letter characterization of the rate-leakage-distortion region is derived, where the utility of each task is measured by a distortion function. It turns out that the minimum privacy leakage problem with log-loss distortion constraints and the unconstrained released rate is a non-convex optimization problem. Second, focusing on the case where the raw data consists of multiple independent components, we show that the above non-convex optimization problem can be decomposed into multiple parallel privacy funnel (PF) problems with different weightings. We explicitly derive the optimal solution to each PF problem when the private feature is a component-wise deterministic function of a data vector. The solution is characterized by a leakage-free threshold: when the utility constraint is below the threshold, the minimum leakage is zero; once the required utility level is above the threshold, the privacy leakage increases linearly. Finally, we show that the optimal weighting of each privacy funnel problem can be found by solving a linear program (LP). A sufficient released rate to achieve the minimum leakage is also derived. Numerical results are shown to illustrate the robustness of our approach against the task non-specificity.
