METHOD AND APPARATUS FOR UTILITY-AWARE PRIVACY PRESERVING MAPPING AGAINST INFERENCE ATTACKS

US 20160203333A1
Filed: 11/21/2013
Published: 07/14/2016
Est. Priority Date: 08/20/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method for processing user data for a user, comprising:

accessing the user data, which includes private data and public data, the private data corresponding to a first category of data, and the public data corresponding to a second category of data;

decoupling dependencies between the first category of data and the second category of data, from dependencies between the second category of data and released data;

determining a privacy preserving mapping that maps the second category of data to the released data responsive the dependencies between the second category of data and the released data;

modifying the public data for the user based on the privacy preserving mapping; and

releasing the modified data to at least one of a service provider and a data collecting agency.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present principles focus on the privacy-utility tradeoff encountered by a user who wishes to release some public data (denoted by X) to an analyst, that is correlated with his private data (denoted by S), in the hope of getting some utility. The public data is distorted before its release according to a probabilistic privacy preserving mapping mechanism, which limits information leakage under utility constraints. In particular, this probabilistic privacy mechanism is modeled as a conditional distribution, P_(Y|X), where Y is the actual released data to the analyst. The present principles design utility-aware privacy preserving mapping mechanisms against inference attacks, when only partial, or no, statistical knowledge of the prior distribution, P_(S,X), is available. Specifically, using maximal correlation techniques, the present principles provide a separability result on the information leakage that leads to the design of the privacy preserving mapping.

37 Citations

View as Search Results

21 Claims

1. A method for processing user data for a user, comprising:
- accessing the user data, which includes private data and public data, the private data corresponding to a first category of data, and the public data corresponding to a second category of data;
  
  decoupling dependencies between the first category of data and the second category of data, from dependencies between the second category of data and released data;
  
  determining a privacy preserving mapping that maps the second category of data to the released data responsive the dependencies between the second category of data and the released data;
  
  modifying the public data for the user based on the privacy preserving mapping; and
  
  releasing the modified data to at least one of a service provider and a data collecting agency.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the public data comprises data that the user has indicated can be publicly released, and the private data comprises data that the user has indicated is not to be publicly released.
  - 3. The method of claim 1, further comprising the step of:
    - determining the dependencies between the first category of data and the second category of data responsive to mutual information between the first category of data and the second category of data.
  - 4. The method of claim 1, wherein the steps of decoupling and determining a privacy preserving mapping are based on maximal correlation techniques.
  - 5. The method of claim 1, further comprising the step of:
    - accessing a constraint on utility, the utility being responsive to the second category of data and the released data, wherein the step of determining a privacy preserving mapping is further responsive to the utility constraint.
  - 6. The method of claim 1, wherein the determining a privacy preserving mapping comprises:
    - minimizing the maximum information leakage between the first category of data and the released data.
  - 7. The method of claim 1, further comprising the step of:
    - accessing statistical information based on the second category of data from other users, wherein the statistical information is used to determine the privacy preserving mapping.
  - 8. The method of claim 7, wherein the step of determining comprises determining independently of a joint distribution between the first category of data and the second category of data.
  - 9. The method of claim 7, wherein the step of determining comprises determining independently of a marginal distribution of the second category of data.
  - 10. The method of claim 1, further comprising the step of receiving service based on the released distorted data.

11. An apparatus for processing user data for a user, comprising:
- a processor configured to access the user data, which includes private data and public data, the private data corresponding to a first category of data, and the public data corresponding to a second category of dataa privacy preserving mapping decision module coupled to the processor and configured todecouple dependencies between the first category of data and the second category of data, from dependencies between the second category of data and released data, anddetermine a privacy preserving mapping that maps the second category of data to the released data responsive the dependencies between the second category of data and released data;
  
  a privacy preserving module configured tomodify the public data for the user based on the privacy preserving mapping, andrelease the modified data to at least one of a service provider and a data collecting agency.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The apparatus of claim 11, wherein the public data comprises data that the user has indicated can be publicly released, and the private data comprises data that the user has indicated is not to be publicly released.
  - 13. The apparatus of claim 11, wherein the privacy preserving mapping decision module determines the dependencies between the first category of data and the second category of data responsive to mutual information between the first category of data and the second category of data.
  - 14. The apparatus of claim 11, wherein the privacy preserving mapping decision module decouple dependencies and determines a privacy preserving mapping based on maximal correlation techniques.
  - 15. The apparatus of claim 11, wherein the privacy preserving mapping decision module accesses a constraint on utility, the utility being responsive to the second category of data and the released data, and determines the privacy preserving mapping responsive to the utility constraint.
  - 16. The apparatus of claim 11, wherein the privacy preserving mapping decision module minimizes the maximum information leakage between the first category of data and the released data.
  - 17. The apparatus of claim 11, wherein the privacy preserving mapping decision module accesses statistical information based on the second category of data from other users, wherein the statistical information is used to determine the privacy preserving mapping.
  - 18. The apparatus of claim 17, wherein the privacy preserving mapping decision module determines the privacy preserving mapping independently of a joint distribution between the first category of data and the second category of data.
  - 19. The method of claim 17, wherein the privacy preserving mapping decision module determines the privacy preserving mapping independently of a marginal distribution of the second category of data.
  - 20. The apparatus of claim 11, further comprising a processor configured to receive service based on the released distorted data.

21. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thomson Licensing (Vantiva SA)
Original Assignee
Thomson Licensing (Vantiva SA)
Inventors
Makhdoumi Kakhaki, Abbasali, Fawaz, Nadia

Application Number

US14/912,639
Publication Number

US 20160203333A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06F 2221/2145   Inheriting rights or proper...

H04L 63/0407   wherein the identity of one...

H04W 12/02   Protecting privacy or anony...

METHOD AND APPARATUS FOR UTILITY-AWARE PRIVACY PRESERVING MAPPING AGAINST INFERENCE ATTACKS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR UTILITY-AWARE PRIVACY PRESERVING MAPPING AGAINST INFERENCE ATTACKS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links