PriPeARL: A Framework for Privacy-Preserving Analytics and Reporting at LinkedIn
Preserving privacy of users is a key requirement of web-scale analytics and
reporting applications, and has witnessed a renewed focus in light of recent
data breaches and new regulations such as GDPR. We focus on the problem of
computing robust, reliable analytics in a privacy-preserving manner, while
satisfying product requirements. We present PriPeARL, a framework for
privacy-preserving analytics and reporting, inspired by differential privacy.
We describe the overall design and architecture, and the key modeling
components, focusing on the unique challenges associated with privacy,
coverage, utility, and consistency. We perform an experimental study in the
context of ads analytics and reporting at LinkedIn, thereby demonstrating the
tradeoffs between privacy and utility needs, and the applicability of
privacy-preserving mechanisms to real-world data. We also highlight the lessons
learned from the production deployment of our system at LinkedIn.
Comment: Conference information: ACM International Conference on Information
and Knowledge Management (CIKM 2018)
Effective Privacy Amplification for Secure Classical Communications
We study the practical effectiveness of privacy amplification for classical
key-distribution schemes. We find that, in contrast to quantum key distribution
schemes, the high fidelity of the raw key generated in classical systems allows
the users to always sift a secure shorter key if they have an upper bound on
the eavesdropper's probability of correctly guessing the exchanged key bits. The
number of privacy amplification iterations needed to achieve an information leak
of 10^-8 in existing classical communicators is 2 or 3, resulting in a
corresponding slowdown of 4 to 8. We analyze the inherent tradeoff between the
number of iterations and the security of the raw key. This property, which is
unique to classical key distribution systems, renders them highly useful in
practice, especially for noisy channels where sufficiently low quantum bit
error ratios are difficult to achieve.
Comment: 11 pages, 3 figures
Strongly Secure Privacy Amplification Cannot Be Obtained by Encoder of Slepian-Wolf Code
The privacy amplification is a technique to distill a secret key from a
random variable by a function so that the distilled key and eavesdropper's
random variable are statistically independent. There are three kinds of
security criteria for the key distilled by the privacy amplification: the
normalized divergence criterion, which is also known as the weak security
criterion, the variational distance criterion, and the divergence criterion,
which is also known as the strong security criterion. As a technique to distill
a secret key, it is known that the encoder of a Slepian-Wolf (the source coding
with full side-information at the decoder) code can be used as a function for
the privacy amplification if we employ the weak security criterion. In this
paper, we show that the encoder of a Slepian-Wolf code cannot be used as a
function for the privacy amplification if we employ the criteria other than the
weak one.
Comment: 10 pages, no figure. A part of this paper will be presented at the 2009
IEEE International Symposium on Information Theory in Seoul, Korea. Version 2
is a published version. The results are not changed from version 1.
Explanations are polished and some references are added. In version 3, only
style and DOI are edited.
Identity principles in the digital age: a closer view
Identity and its management is now an integral part of web-based services and applications. It is also a live political issue that has captured the interest of organisations, businesses and society generally. As identity management systems assume functionally equivalent roles, their significance for privacy cannot be underestimated. The Centre for Democracy and Technology has recently released a draft version of what it regards as key privacy principles for identity management in the digital age. This paper will provide an overview of the key benchmarks identified by the CDT. The focus of this paper is to explore how best the Data Protection legislation can be said to provide a framework which best maintains a proper balance between 'identity'-conscious technology and an individual's expectation of privacy for personal and sensitive data. The central argument will be that increased compliance with the key principles is not only appropriate for a distributed privacy environment but will go some way towards creating a space for various stakeholders to reach consensus applicable to existing and new information communication technologies. The conclusion is that securing compliance with the legislation will prove to be the biggest governance challenge. Standard setting and norms will go some way to ease the need for centralised regulatory oversight.