17,565 research outputs found
Privacy-Preserving Public Information for Sequential Games
In settings with incomplete information, players can find it difficult to
coordinate to find states with good social welfare. For example, in financial
settings, if a collection of financial firms have limited information about
each other's strategies, some large number of them may choose the same
high-risk investment in hopes of high returns. While this might be acceptable
in some cases, the economy can be hurt badly if many firms make investments in
the same risky market segment and it fails. One reason why many firms might end
up choosing the same segment is that they do not have information about other
firms' investments (imperfect information may lead to 'bad' game states).
Directly reporting all players' investments, however, raises confidentiality
concerns for both individuals and institutions.
In this paper, we explore whether information about the game-state can be
publicly announced in a manner that maintains the privacy of the actions of the
players, and still suffices to deter players from reaching bad game-states. We
show that in many games of interest, it is possible for players to avoid these
bad states with the help of privacy-preserving, publicly-announced information.
We model behavior of players in this imperfect information setting in two ways,
greedy and undominated strategic behaviours, and we prove guarantees on
social welfare that certain kinds of privacy-preserving information can help
attain. Furthermore, we design a counter with improved privacy guarantees under
continual observation

Private Decayed Sum Estimation under Continual Observation
In monitoring applications, recent data is more important than distant data.
How does this affect privacy of data analysis? We study a general class of data
analyses - computing predicate sums - with privacy. Formally, we study the
problem of estimating predicate sums privately, for sliding windows (and
other well-known decay models of data, i.e. exponential and polynomial decay).
We extend the recently proposed continual privacy model of Dwork et al.
We present algorithms for decayed sum which are ε-differentially
private, and are accurate. For window and exponential decay sums, our
algorithms are accurate up to additive 1/ε and polylog terms in the range
of the computed function; for polynomial decay sums which are technically more
challenging because partial solutions do not compose easily, our algorithms
incur additional relative error. Further, we show lower bounds, tight within
polylog factors and tight with respect to the dependence on the probability of
error

Differentially Private Stream Processing at Scale
We design, to the best of our knowledge, the first differentially private
(DP) stream processing system at scale. Our system, Differential Privacy SQL
Pipelines (DP-SQLP), is built using a streaming framework similar to Spark
streaming, and is built on top of the Spanner database and the F1 query engine
from Google.
Towards designing DP-SQLP we make both algorithmic and systemic advances,
namely, we (i) design a novel DP key selection algorithm that can operate on an
unbounded set of possible keys, and can scale to one billion keys that users
have contributed, (ii) design a preemptive execution scheme for DP key
selection that avoids enumerating all the keys at each triggering time, and
(iii) use algorithmic techniques from DP continual observation to release a
continual DP histogram of user contributions to different keys over the stream
length. We empirically demonstrate the efficacy by obtaining at least
reduction in error over meaningful baselines we consider