Privacy Leakage in Discrete Time Updating Systems

TL;DR

This paper investigates the balance between information privacy and timeliness in discrete-time update systems, analyzing how different server policies affect the age of information and leakage to adversaries.

Contribution

It introduces and compares three server policies for minimizing information leakage while maintaining timely updates in Bernoulli-generated sources.

Findings

DAD policy achieves lower age at the same leakage rate

Trade-off between age and leakage depends on server policy

Discrete age-leakage operating points are limited for DAD

Abstract

A source generates time-stamped update packets that are sent to a server and then forwarded to a monitor. This occurs in the presence of an adversary that can infer information about the source by observing the output process of the server. The server wishes to release updates in a timely way to the monitor but also wishes to minimize the information leaked to the adversary. We analyze the trade-off between the age of information (AoI) and the maximal leakage for systems in which the source generates updates as a Bernoulli process. For a time slotted system in which sending an update requires one slot, we consider three server policies: (1) Memoryless with Bernoulli Thinning (MBT): arriving updates are queued with some probability and head-of-line update is released after a geometric holding time; (2) Deterministic Accumulate-and-Dump (DAD): the most recently generated update (if any) is released after a fixed time; (3) Random Accumulate-and-Dump (RAD): the most recently generated update (if any) is released after a geometric waiting time. We show that for the same maximal leakage rate, the DAD policy achieves lower age compared to the other two policies but is restricted to discrete age-leakage operating points.