Distributed Transition System with Tags and Value-wise Metric, for Privacy Analysis

TL;DR

This paper presents a logical framework called DLTTS for modeling how private information can be progressively inferred through queries, and introduces value-wise metrics for databases that can aid privacy protection.

Contribution

It introduces DLTTS, a novel probabilistic modeling framework, and defines value-wise metrics and adjacency notions for databases to enhance privacy analysis.

Findings

DLTTS effectively models information leakage through queries.

Value-wise metrics enable quantification of database privacy.

New adjacency concepts support differential privacy mechanisms.

Abstract

We introduce a logical framework named Distributed Labeled Tagged Transition System (DLTTS), using concepts from Probabilistic Automata, Probabilistic Concurrent Systems, and Probabilistic labelled transition systems. We show that DLTTS can be used to formally model how a given piece of private information P (e.g., a set of tuples) stored in a given database D can get captured progressively by an adversary A repeatedly querying D, enhancing the knowledge acquired from the answers to these queries with relational deductions using certain additional non-private data. The database D is assumed protected with generalization mechanisms. We also show that, on a large class of databases, metrics can be defined 'value-wise', and more general notions of adjacency between data bases can be defined, based on these metrics. These notions can also play a role in differentially private protection mechanisms.