Composition Properties of Bayesian Differential Privacy
Differential privacy is a rigorous privacy standard that has been applied to a range of data analysis tasks. To broaden the application scenarios of differential privacy to data records that have dependencies, the notion of Bayesian differential privacy has recently been proposed. However, it is unknown whether Bayesian differential privacy preserves three desirable properties of differential privacy: sequential composability, parallel composability, and post-processing. In this paper, we provide an affirmative answer to this question; i.e., Bayesian differential privacy still has these properties. The idea behind sequential composability is that if we have m algorithms Y_1, Y_2, ..., Y_m, where Y_ℓ is independently ϵ_ℓ-Bayesian differentially private for ℓ = 1, 2, ..., m, then by feeding the result of Y_1 into Y_2, the result of Y_2 into Y_3, and so on, we finally obtain a (∑_{ℓ=1}^m ϵ_ℓ)-Bayesian differentially private algorithm. For parallel composability, we consider the situation where a database is partitioned into m disjoint subsets. The ℓ-th subset is input to an ϵ_ℓ-Bayesian differentially private algorithm Y_ℓ, for ℓ = 1, 2, ..., m. Then the parallel composition of Y_1, Y_2, ..., Y_m is (max_{ℓ=1}^m ϵ_ℓ)-Bayesian differentially private. The post-processing property means that a data analyst, without additional knowledge about the private database, cannot compute a function of the output of a Bayesian differentially private algorithm and thereby reduce its privacy guarantee.