Differentially Private Processing and Database Storage
First Claim
1. A hardware database privacy device, the hardware database privacy device communicatively coupled to a private database system, and configured to:
- receive a request from a client device to perform a query of the private database system and identifying a level of differential privacy corresponding to the request, the identified level of differential privacy comprising privacy parameters ε and δ;
- identify a set of data stored in the private database system and a set of operations to be performed on the set of data corresponding to the requested query, wherein the set of operations comprises 1) identifying a loss function for the set of data, the loss function comprising a function of a set of parameters θ describing correlations in the set of data, and 2) minimizing a perturbed loss function over the set of parameters θ;
- access the set of data from the private database system;
- modify the set of operations based on the identified level of differential privacy such that a performance of the modified set of operations produces a result set that is (ε,δ)-differentially private, wherein modifying the set of operations comprises perturbing the loss function by a factor defined by;
Abstract
A hardware database privacy device is communicatively coupled to a private database system. The hardware database privacy device receives a request from a client device to perform a query of the private database system and identifies a level of differential privacy corresponding to the request. The identified level of differential privacy includes privacy parameters (ε,δ) indicating the degree of information released about the private database system. The hardware database privacy device identifies a set of operations to be performed on the set of data that corresponds to the requested query. After the set of data is accessed, the set of operations is modified based on the identified level of differential privacy such that a performance of the modified set of operations produces a result set that is (ε,δ)-differentially private.
16 Claims
1. A hardware database privacy device, the hardware database privacy device communicatively coupled to a private database system, and configured to:
- receive a request from a client device to perform a query of the private database system and identifying a level of differential privacy corresponding to the request, the identified level of differential privacy comprising privacy parameters ε and δ;
- identify a set of data stored in the private database system and a set of operations to be performed on the set of data corresponding to the requested query, wherein the set of operations comprises 1) identifying a loss function for the set of data, the loss function comprising a function of a set of parameters θ describing correlations in the set of data, and 2) minimizing a perturbed loss function over the set of parameters θ;
- access the set of data from the private database system;
- modify the set of operations based on the identified level of differential privacy such that a performance of the modified set of operations produces a result set that is (ε,δ)-differentially private, wherein modifying the set of operations comprises perturbing the loss function by a factor defined by;
Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A method for implementing differential privacy in a private database system, comprising:
- receiving, by a hardware database privacy device communicatively coupled to the privacy database system, a request from a client device to perform a query of the private database system and identifying a level of differential privacy corresponding to the request, the identified level of differential privacy comprising privacy parameters ε and δ;
- identifying, by the hardware database privacy device, a set of data stored in the private database system and a set of operations to be performed on the set of data corresponding to the requested query, wherein the set of operations comprises 1) identifying a loss function for the set of data, the loss function comprising a function of a set of parameters θ describing correlations in the set of data, and 2) minimizing a perturbed loss function over the set of parameters θ;
- accessing, by the hardware database privacy device, the set of data from the private database system;
- modifying, by the hardware database privacy device, the set of operations based on the identified level of differential privacy such that a performance of the modified set of operations produces a result set that is (ε,δ)-differentially private, wherein modifying the set of operations comprises perturbing the loss function by a factor defined by;
Dependent claims: 10, 11, 12, 13, 14, 15, 16.
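The two operations the claims describe (identify a loss over parameters θ, then minimize a perturbed version of it at a level fixed by ε and δ) are illustrated below with added example code that is not the patent's own. It assumes a ridge-regression loss over constructed toy rows, a Gaussian-mechanism scale for a random linear term b·θ added to the loss (the page does not reproduce the patent's actual perturbation factor), a fixed sensitivity bound, and the function names shown; the device first rejects requests whose (ε, δ) is not a valid privacy level.

```python
import math
import random

# Constructed toy rows of the "private database": (features, label). Not from the patent.
PRIVATE_ROWS = [((1.0, 0.5), 1.2), ((0.2, 1.5), 1.9), ((1.3, 1.1), 2.6),
                ((0.7, 0.3), 0.9), ((1.8, 0.9), 2.7), ((0.4, 2.0), 2.3)]

def check_privacy_level(epsilon, delta):
    """The device refuses a request whose (epsilon, delta) is not a valid privacy level."""
    if not epsilon > 0.0:
        raise ValueError("epsilon must be positive")
    if not 0.0 < delta < 1.0:
        raise ValueError("delta must lie strictly between 0 and 1")

def noise_scale(epsilon, delta, sensitivity=2.0):
    """Assumed Gaussian-mechanism scale for the linear perturbation term b.theta.
    The sensitivity bound is a placeholder; the patent's own factor is not on the page."""
    return sensitivity * math.sqrt(2.0 * math.log(1.25 / delta)) / epsilon

def perturbed_gradient(theta, rows, lam, b):
    """Gradient over theta of: mean squared error + (lam/2)|theta|^2 + (b.theta)/n.
    The first two terms are the loss identified over the data (claim step 1);
    the last is the perturbation the device adds before minimising."""
    n, d = len(rows), len(theta)
    grad = [lam * theta[j] + b[j] / n for j in range(d)]
    for x, y in rows:
        resid = sum(xj * tj for xj, tj in zip(x, theta)) - y
        for j in range(d):
            grad[j] += 2.0 * resid * x[j] / n
    return grad

def private_fit(rows, epsilon, delta, lam=0.1, steps=3000, lr=0.05, b=None):
    """Minimise the perturbed loss over theta by gradient descent (claim step 2).
    Passing b explicitly makes the run deterministic; otherwise b is drawn fresh."""
    check_privacy_level(epsilon, delta)
    d = len(rows[0][0])
    if b is None:
        sigma = noise_scale(epsilon, delta)
        b = [random.gauss(0.0, sigma) for _ in range(d)]
    theta = [0.0] * d
    for _ in range(steps):
        g = perturbed_gradient(theta, rows, lam, b)
        theta = [t - lr * gj for t, gj in zip(theta, g)]
    return theta, b
```

With b forced to zero the result is the ordinary ridge fit; with a nonzero b the returned θ is the minimiser of a different, perturbed objective, which is what makes the released parameters depend on the data only through a noised optimisation.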