Lossy Compression with Privacy Constraints: Optimality of Polar Codes
A lossy source coding problem with privacy constraint is studied in which two
correlated discrete sources and are compressed into a reconstruction
with some prescribed distortion . In addition, a privacy
constraint is specified as the equivocation between the lossy reconstruction
and . This models the situation where a certain amount of source
information from one user is provided as utility (given by the fidelity of its
reconstruction) to another user or the public, while some other correlated part
of the source information must be kept private. In this work, we show that
polar codes are able, possibly with the aid of time sharing, to achieve any
point in the optimal rate-distortion-equivocation region identified by
Yamamoto, thus providing a constructive scheme that obtains the optimal
tradeoff between utility and privacy in this framework.
Comment: Submitted for publication
Privacy-Constrained Remote Source Coding
We consider the problem of revealing/sharing data in an efficient and secure
way via a compact representation. The representation should ensure reliable
reconstruction of the desired features/attributes while still preserving privacy
of the secret parts of the data. The problem is formulated as a remote lossy
source coding with a privacy constraint where the remote source consists of
public and secret parts. Inner and outer bounds for the optimal tradeoff region
of compression rate, distortion, and privacy leakage rate are given and shown
to coincide for some special cases. When specializing the distortion measure to
a logarithmic loss function, the resulting rate-distortion-leakage tradeoff for
the case of identical side information forms an optimization problem which
corresponds to the "secure" version of the so-called information bottleneck.
Comment: 10 pages, 1 figure, to be presented at ISIT 201
Smart Meter Privacy: A Utility-Privacy Framework
End-user privacy in smart meter measurements is a well-known challenge in the
smart grid. The solutions offered thus far have been tied to specific
technologies such as batteries or assumptions on data usage. Existing solutions
have also not quantified the loss of benefit (utility) that results from any
such privacy-preserving approach. Using tools from information theory, a new
framework is presented that abstracts both the privacy and the utility
requirements of smart meter data. This leads to a novel privacy-utility
tradeoff problem with minimal assumptions that is tractable. Specifically for a
stationary Gaussian Markov model of the electricity load, it is shown that the
optimal utility-and-privacy preserving solution requires filtering out
frequency components that are low in power, and this approach appears to
encompass most of the proposed privacy approaches.
Comment: Accepted for publication and presentation at the IEEE SmartGridComm. 201
Competitive Privacy in the Smart Grid: An Information-theoretic Approach
Advances in sensing and communication capabilities as well as power industry
deregulation are driving the need for distributed state estimation in the smart
grid at the level of the regional transmission organizations (RTOs). This leads
to a new competitive privacy problem amongst the RTOs since there is a tension
between sharing data to ensure network reliability (utility/benefit to all
RTOs) and withholding data for profitability and privacy reasons. The resulting
tradeoff between utility, quantified via fidelity of its state estimate at each
RTO, and privacy, quantified via the leakage of the state of one RTO at other
RTOs, is captured precisely using a lossy source coding problem formulation for
a two-RTO network. For a two-RTO model, it is shown that the set of all
feasible utility-privacy pairs can be achieved via a single round of
communication when each RTO communicates taking into account the correlation
between the measured data at both RTOs. The lossy source coding problem and
solution developed here is also of independent interest.
Comment: Accepted for publication and presentation at the IEEE SmartGridComm 201
Generative Adversarial User Privacy in Lossy Single-Server Information Retrieval
We propose to extend the concept of private information retrieval by allowing
for distortion in the retrieval process and relaxing the perfect privacy
requirement at the same time. In particular, we study the tradeoff between
download rate, distortion, and user privacy leakage, and show that in the limit
of large file sizes this trade-off can be captured via a novel
information-theoretical formulation for datasets with a known distribution.
Moreover, for scenarios where the statistics of the dataset are unknown, we
propose a new deep learning framework by leveraging a generative adversarial
network approach, which allows the user to learn efficient schemes from the
data itself, minimizing the download cost. We evaluate the performance of the
scheme on a synthetic Gaussian dataset as well as on both the MNIST and
CIFAR-10 datasets. For the MNIST dataset, the data-driven approach
significantly outperforms a non-learning based scheme which combines source
coding with multiple file download, while the CIFAR-10 performance is notably
better.
Comment: Submitted to IEEE for possible publication. This paper was presented
in part at the NeurIPS 2020 Workshop on Privacy Preserving Machine Learning -
PRIML and PPML Joint Edition
The role of Signal Processing in Meeting Privacy Challenges [an overview]
With the increasing growth and sophistication of information technology, personal information is easily accessible electronically. This flood of released personal data raises important privacy concerns. However, electronic data sources exist to be used and have tremendous value (utility) to their users and collectors, leading to a tension between privacy and utility. This article aims to quantify that tension by means of an information-theoretic framework and motivate signal processing approaches to privacy problems. The framework is applied to a number of case studies to illustrate concretely how signal processing can be harnessed to provide data privacy.
Compressive Privacy for a Linear Dynamical System
We consider a linear dynamical system in which the state vector consists of
both public and private states. One or more sensors make measurements of the
state vector and send information to a fusion center, which performs the final
state estimation. To achieve an optimal tradeoff between the utility of
estimating the public states and protection of the private states, the
measurements at each time step are linearly compressed into a lower dimensional
space. Under the centralized setting where all measurements are collected by a
single sensor, we propose an optimization problem and an algorithm to find the
best compression matrix. Under the decentralized setting where measurements are
made separately at multiple sensors, each sensor optimizes its own local
compression matrix. We propose methods to separate the overall optimization
problem into multiple sub-problems that can be solved locally at each sensor.
We consider the cases where there is no message exchange between the sensors;
and where each sensor takes turns to transmit messages to the other sensors.
Simulations and empirical experiments demonstrate the efficiency of our
proposed approach in allowing the fusion center to estimate the public states
with good accuracy while preventing it from estimating the private states
accurately.
Information Extraction Under Privacy Constraints
A privacy-constrained information extraction problem is considered where for
a pair of correlated discrete random variables governed by a given
joint distribution, an agent observes and wants to convey to a potentially
public user as much information about as possible without compromising the
amount of information revealed about . To this end, the so-called
rate-privacy function is introduced to quantify the maximal amount of
information (measured in terms of mutual information) that can be extracted
from under a privacy constraint between and the extracted information,
where privacy is measured using either mutual information or maximal
correlation. Properties of the rate-privacy function are analyzed and
information-theoretic and estimation-theoretic interpretations of it are
presented for both the mutual information and maximal correlation privacy
measures. It is also shown that the rate-privacy function admits a closed-form
expression for a large family of joint distributions of . Finally, the
rate-privacy function under the mutual information privacy measure is
considered for the case where has a joint probability density function
by studying the problem where the extracted information is a uniform
quantization of corrupted by additive Gaussian noise. The asymptotic
behavior of the rate-privacy function is studied as the quantization resolution
grows without bound and it is observed that not all of the properties of the
rate-privacy function carry over from the discrete to the continuous case.
Comment: 55 pages, 6 figures. Improved the organization and added detailed
literature review
Successive Refinement of Shannon Cipher System Under Maximal Leakage
We study the successive refinement setting of Shannon cipher system (SCS)
under the maximal leakage constraint for discrete memoryless sources under
bounded distortion measures. Specifically, we generalize the threat model for
the point-to-point rate-distortion setting of Issa, Wagner and Kamath (T-IT
2020) to the multiterminal successive refinement setting. Under mild conditions
that correspond to partial secrecy, we characterize the asymptotically optimal
normalized maximal leakage region for both the joint excess-distortion
probability (JEP) and the expected distortion reliability constraints. Under
JEP, in the achievability part, we propose a type-based coding scheme, analyze
the reliability guarantee for JEP and bound the leakage of the information
source through compressed versions. In the converse part, by analyzing a
guessing scheme of the eavesdropper, we prove the optimality of our
achievability result. Under expected distortion, the achievability part is
established similarly to the JEP counterpart. The converse proof proceeds by
generalizing the corresponding results for the rate-distortion setting of SCS
by Schieler and Cuff (T-IT 2014) to the successive refinement setting. Somewhat
surprisingly, the normalized maximal leakage regions under both JEP and
expected distortion constraints are identical under certain conditions,
although JEP appears to be a stronger reliability constraint.