Privacy Preserving Statistical Analysis on Distributed Databases
Abstract
Aggregate statistics are securely determined on private data by first sampling independent first and second data at one or more clients to obtain sampled data, wherein a sampling parameter is substantially smaller than a length of the data. The sampled data are encrypted to obtain encrypted data, which are then combined. The combined encrypted data are randomized to obtain randomized data. At an authorized third-party processor, a joint distribution of the first and second data is estimated from the randomized encrypted data, such that a differential privacy requirement of the first and second data is satisfied.
12 Claims
1. A method for securely determining aggregate statistics on private data, comprising the steps of:
- sampling, at one or more clients, data Xn and Yn to obtain sampled data X̃m and Ỹm, wherein m is a sampling parameter substantially smaller than a length n of the data;
- encrypting the sampled data X̃m and Ỹm to obtain encrypted data X̌m and Y̌m;
- combining the encrypted data X̌m and Y̌m to obtain combined encrypted data;
- randomizing the combined encrypted data to obtain randomized data Xm, Ym;
- estimating, at an authorized third-party processor, a joint distribution T̂Xn,Yn of the data Xn and Yn from the randomized encrypted data Xm, Ym, such that a differential privacy requirement on the data Xn and Yn is satisfied.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 11, 12.

10. A method for securely determining aggregate statistics on private data, comprising the steps of:
- sampling, at one or more client processors, first data and second data to obtain sampled data, wherein a sampling parameter is substantially smaller than a length of the data;
- encrypting the sampled data to obtain encrypted data;
- combining the encrypted data to obtain combined encrypted data;
- randomizing the combined encrypted data to obtain randomized data;
- estimating, at an authorized third-party processor, a joint distribution of the first data and the second data from the randomized encrypted data such that a differential privacy requirement of the first data and the second data is satisfied.

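As an added illustration (not part of the patent or its specification) of the sampling, randomization and estimation steps these claims describe: m of the n (x, y) pairs are sampled, each pair symbol is passed through k-ary randomized response (an assumed mechanism, since the claims fix none), and the third-party aggregator inverts that randomization to estimate the joint distribution. The encryption and combination steps are not modelled, and all function names and the sample data are constructed for this example.

```python
import math
import random

def rr_probs(eps, k):
    """k-ary randomized response: keep the true symbol w.p. p, report each of
    the other k-1 symbols w.p. q. Since p/q = e^eps, the mechanism is eps-DP."""
    p = math.exp(eps) / (math.exp(eps) + k - 1)
    return p, (1 - p) / (k - 1)

def randomize(symbol, eps, k, rng):
    """Client-side randomization of one pair symbol in range(k)."""
    p, _ = rr_probs(eps, k)
    if rng.random() < p:
        return symbol
    other = rng.randrange(k - 1)          # uniform over the other k-1 symbols
    return other if other < symbol else other + 1

def max_privacy_ratio(eps, k):
    """Worst-case P(out|s)/P(out|s') over all s, s', out; equals e^eps."""
    p, q = rr_probs(eps, k)
    return p / q

def estimate_joint(counts, eps):
    """Aggregator-side unbiased estimate of the joint distribution T over the
    k pair symbols, inverting E[f_j] = q + (p - q) * T_j (f_j = counts_j / m)."""
    k, m = len(counts), sum(counts)
    p, q = rr_probs(eps, k)
    return [(c / m - q) / (p - q) for c in counts]

def pipeline(x, y, m, eps, kx, ky, seed=0):
    """Sample m of the n pairs (m << n), randomize each pair symbol x*ky + y,
    and estimate the joint distribution from the randomized counts."""
    n = len(x)
    if not m < n:
        raise ValueError("sampling parameter m must be smaller than n")
    rng = random.Random(seed)
    counts = [0] * (kx * ky)
    for i in rng.sample(range(n), m):                   # sampling step
        sym = x[i] * ky + y[i]                          # pair (x, y) -> symbol
        counts[randomize(sym, eps, kx * ky, rng)] += 1  # randomization step
    return estimate_joint(counts, eps)                  # estimation step

def make_data(n, seed=1):
    """Constructed binary data with P(x=1)=0.3 and P(y=1|x)=0.8 if x else 0.2,
    so the true joint over symbols (0,0),(0,1),(1,0),(1,1) is [.56,.14,.06,.24]."""
    rng = random.Random(seed)
    x = [1 if rng.random() < 0.3 else 0 for _ in range(n)]
    y = [1 if rng.random() < (0.8 if xi else 0.2) else 0 for xi in x]
    return x, y
```

Because the estimator is unbiased rather than clipped, individual entries can fall slightly outside [0, 1] when m is small, although they always sum to 1. The privacy guarantee holds per reported symbol regardless of m; the sampling parameter only trades estimation accuracy against the amount of data each client releases.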