Practical Privacy: The SuLQ Framework

  • Avrim Blum ,
  • Cynthia Dwork ,
  • Frank McSherry ,
  • Kobbi Nissim

24th ACM SIGMOD International Conference on Management of Data / Principles of Database Systems, Baltimore (PODS 2005) |

We consider a statistical database in which a trusted administrator introduces noise to the query responses with the goal of maintaining privacy of individual database entries. In such a database, a query consists of a pair (S, f) where S is a set of rows in the database and f is a function mapping database rows to {0, 1}. The true response is r∈S f(DBr), a noisy version of which is released. Results of Dinur, Dwork, and Nissim show that a strong form of privacy can be maintained using a surprisingly small amount of noise – much less than the sampling error – provided the total number of queries is sublinear in the number of database rows. We call this query and (slightly) noisy reply the SuLQ (Sub-Linear Queries) primitive. The assumption of sublinearity becomes reasonable as databases grow increasingly large. We extend this work in two ways. First, we modify the privacy analysis to real-valued functions f. Second, we examine the computational power of the SuLQ primitive. We show that it is very powerful indeed, in that slightly noisy versons of the following computations can be carried out with very few invocations of the primitive: principal component analysis, k means clustering, the ID3 algorithm, the perceptron algorithm, and (apparently!) all algorithms in the statistical queries learning model.