Abstract
We examine the tradeoff between privacy and usability of statistical databases. We model a statistical database by an n-bit string d1, .., dn, with a query being a subset q ⊆ [n] to be answered by Σiq di. Our main result is a polynomial reconstruction algorithm of data from noisy (perturbed) subset sums. Applying this reconstruction algorithm to statistical databases we show that in order to achieve privacy one has to add perturbation of magnitude Ω(√n). That is, smaller perturbation always results in a strong violation of privacy. We show that this result is tight by exemplifying access algorithms for statistical databases that preserve privacy while adding perturbation of magnitude Ō(√n). For time-T bounded adversaries we demonstrate a privacy-preserving access algorithm whose perturbation magnitude is ≈ √T.
Original language | English |
---|---|
Pages | 202-210 |
Number of pages | 9 |
DOIs | |
State | Published - 1 Jan 2003 |
Externally published | Yes |
Event | Twenty second ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, PODS 2003 - San Diego, CA, United States Duration: 9 Jun 2003 → 11 Jun 2003 |
Conference
Conference | Twenty second ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, PODS 2003 |
---|---|
Country/Territory | United States |
City | San Diego, CA |
Period | 9/06/03 → 11/06/03 |
Keywords
- Data Reconstruction
- Integrity and Security
- Subset-sums with noise
ASJC Scopus subject areas
- Software
- Information Systems
- Hardware and Architecture