research-article

Residual Sensitivity for Differentially Private Multi-Way Joins

Authors:

Ke YiAuthors Info & Claims

SIGMOD '21: Proceedings of the 2021 International Conference on Management of Data

Pages 432 - 444

https://doi.org/10.1145/3448016.3452813

Published: 18 June 2021 Publication History

Abstract

A general-purpose query engine that supports a large class of SQLs under differential privacy is the holy grail in privacy-preserving query release. The join operator presents a major difficulty towards realizing this goal, since a single tuple may affect a large number of query results, and the problem worsens as more relations are involved in the join. The traditional approach of global sensitivity fails to work as it assumes pessimistically that every pair of tuples from two different relations may join. To address the issue, instance-dependent sensitivity measures have been proposed, but so far none has met the following three desiderata for it to be truly practical: (1) the released answer should have low noise levels (i.e., high utility); (2) it can be computed efficiently; and (3) the method can be easily integrated into an existing relational database. This paper presents the first differentially private mechanism for multi-way joins that satisfies all three desiderata while supporting any number of private relations, moving us one step closer to a full-featured query engine for private relational data.

Supplementary Material

MP4 File (3448016.3452813.mp4)

A general-purpose query engine that supports a large class of SQLs under differential privacy is the holy grail in privacy-preserving query release. The join operator presents a major difficulty towards realizing this goal, since a single tuple may affect a large number of query results, and the problem worsens as more relations are involved in the join. The traditional approach of global sensitivity fails to work as it assumes pessimistically that every pair of tuples from two different relations may join. To address the issue, instance-dependent sensitivity measures have been proposed, but so far none has met the following three desiderata for it to be truly practical: (1) the released answer should have low noise levels (i.e., high utility); (2) it can be computed efficiently; and (3) the method can be easily integrated into an existing relational database. This paper presents the first differentially private mechanism for multi-way joins that satisfies all three desiderata while supporting any number of private relations, moving us one step closer to a full-featured query engine for private relational data.

Download
157.47 MB

References

[1]

Serge Abiteboul, Richard Hull, and Victor Vianu. 1995. Foundations of databases . Vol. 8. Addison-Wesley Reading.

Digital Library

[2]

Myrto Arapinis, Diego Figueira, and Marco Gaboardi. 2016. Sensitivity of Counting Queries. In International Colloquium on Automata, Languages, and Programming (ICALP) .

[3]

Boaz Barak, Kamalika Chaudhuri, Cynthia Dwork, Satyen Kale, Frank McSherry, and Kunal Talwar. 2007. Privacy, accuracy, and consistency too: a holistic solution to contingency table release. In Proceedings of the twenty-sixth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems . 273--282.

Digital Library

[4]

Jeremiah Blocki, Avrim Blum, Anupam Datta, and Or Sheffet. 2013. Differentially private data analysis of social networks via restricted sensitivity. In Proceedings of the 4th conference on Innovations in Theoretical Computer Science. 87--96.

Digital Library

[5]

Shixi Chen and Shuigeng Zhou. 2013. Recursive mechanism: towards node differential privacy and unrestricted joins. In Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data . 653--664.

Digital Library

[6]

Wei-Yen Day, Ninghui Li, and Min Lyu. 2016. Publishing graph degree distribution with node differential privacy. In Proceedings of the 2016 International Conference on Management of Data. 123--138.

Digital Library

[7]

Xiaofeng Ding, Xiaodong Zhang, Zhifeng Bao, and Hai Jin. 2018. Privacy-preserving triangle counting in large graphs. In Proceedings of the 27th ACM International Conference on Information and Knowledge Management . 1283--1292.

Digital Library

[8]

Wei Dong and Ke Yi. 2021. Residual Sensitivity for Deferentially Private Multi-Way Joins . Technical Report. http://www.cse.ust.hk/ yike/ResidualSensitivity-full.pdf

[9]

Cynthia Dwork and Jing Lei. 2009. Differential privacy and robust statistics. In Proceedings of the forty-first annual ACM symposium on Theory of computing. 371--380.

Digital Library

[10]

Cynthia Dwork, Frank McSherry, Kobbi Nissim, and Adam Smith. 2006. Calibrating noise to sensitivity in private data analysis. In Theory of cryptography conference . Springer, 265--284.

[11]

Cynthia Dwork and Aaron Roth. 2014. The algorithmic foundations of differential privacy. Foundations and Trends® in Theoretical Computer Science, Vol. 9, 3--4 (2014), 211--407.

[12]

Moritz Hardt, Katrina Ligett, and Frank McSherry. 2012. A simple and practical algorithm for differentially private data release. In Advances in Neural Information Processing Systems. 2339--2347.

[13]

Manas R Joglekar, Rohan Puttagunta, and Christopher Ré. 2016. Ajar: Aggregations and joins over annotated relations. In Proceedings of the 35th ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems . 91--106.

Digital Library

[14]

Noah Johnson, Joseph P Near, and Dawn Song. 2018. Towards practical differential privacy for SQL queries. Proceedings of the VLDB Endowment, Vol. 11, 5 (2018), 526--539.

Digital Library

[15]

Vishesh Karwa, Sofya Raskhodnikova, Adam Smith, and Grigory Yaroslavtsev. 2011. Private analysis of graph structure. Proceedings of the VLDB Endowment, Vol. 4, 11 (2011), 1146--1157.

Digital Library

[16]

Shiva Prasad Kasiviswanathan, Kobbi Nissim, Sofya Raskhodnikova, and Adam Smith. 2013. Analyzing graphs with node differential privacy. In Theory of Cryptography Conference. Springer, 457--476.

Digital Library

[17]

Daniel Kifer and Ashwin Machanavajjhala. 2011. No free lunch in data privacy. In Proceedings of the 2011 ACM SIGMOD International Conference on Management of data. 193--204.

Digital Library

[18]

Ios Kotsogiannis, Yuchao Tao, Xi He, Maryam Fanaeepour, Ashwin Machanavajjhala, Michael Hay, and Gerome Miklau. 2019. PrivateSQL: a differentially private SQL query engine. Proceedings of the VLDB Endowment, Vol. 12, 11 (2019), 1371--1384.

Digital Library

[19]

Jure Leskovec and Andrej Krevl. 2016. SNAP datasets: Stanford large network dataset collection (2014). URL http://snap. stanford. edu/data (2016), 49.

[20]

Frank D McSherry. 2009. Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In Proceedings of the 2009 ACM SIGMOD International Conference on Management of data. 19--30.

Digital Library

[21]

Arjun Narayan and Andreas Haeberlen. 2012. DJoin: Differentially private join queries over distributed databases. In Presented as part of the 10th $$USENIX$$ Symposium on Operating Systems Design and Implementation ($$OSDI$$ 12). 149--162.

[22]

Kobbi Nissim, Sofya Raskhodnikova, and Adam Smith. 2007. Smooth sensitivity and sampling in private data analysis. In Proceedings of the thirty-ninth annual ACM symposium on Theory of computing. 75--84.

Digital Library

[23]

Catuscia Palamidessi and Marco Stronati. 2012. Differential Privacy for Relational Algebra: Improving the Sensitivity Bounds via Constraint Systems. In QAPL .

[24]

Davide Proserpio, Sharon Goldberg, and Frank McSherry. 2014. Calibrating Data to Sensitivity in Private Data Analysis. Proceedings of the VLDB Endowment, Vol. 7, 8 (2014).

Digital Library

[25]

Wahbeh Qardaji, Weining Yang, and Ninghui Li. [n.d.]. Practical differentially private release of marginal contingency tables. In Proceedings of the 2014 ACM SIGMOD international conference on Management of Data . 1435--1446.

[26]

Wahbeh Qardaji, Weining Yang, and Ninghui Li. 2013. Understanding hierarchical methods for differentially private histograms. Proceedings of the VLDB Endowment, Vol. 6, 14 (2013), 1954--1965.

Digital Library

[27]

Vibhor Rastogi, Michael Hay, Gerome Miklau, and Dan Suciu. 2009. Relationship privacy: output perturbation for queries with joins. In Proceedings of the twenty-eighth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems. 107--116.

Digital Library

[28]

Yuchao Tao, Xi He, Ashwin Machanavajjhala, and Sudeepa Roy. 2020. Computing Local Sensitivities of Counting Queries with Joins. In Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data. 479--494.

Digital Library

[29]

Xiaokui Xiao, Guozhang Wang, and Johannes Gehrke. 2010. Differential privacy via wavelet transforms. IEEE Transactions on knowledge and data engineering, Vol. 23, 8 (2010), 1200--1214.

Digital Library

[30]

Jun Zhang, Graham Cormode, Cecilia M Procopiuc, Divesh Srivastava, and Xiaokui Xiao. 2015. Private release of graph statistics using ladder functions. In Proceedings of the 2015 ACM SIGMOD international conference on management of data. 731--745.

Digital Library

[31]

Xiaojian Zhang, Rui Chen, Jianliang Xu, Xiaofeng Meng, and Yingtao Xie. 2014. Towards accurate histogram publication under differential privacy. In Proceedings of the 2014 SIAM international conference on data mining. SIAM, 587--595.

Cited By

Li HDi SLi CChen LZhou X(2024)Fight Fire with Fire: Towards Robust Graph Neural Networks on Dynamic Graphs via Actively DefenseProceedings of the VLDB Endowment10.14778/3659437.365945717:8(2050-2063)Online publication date: 31-May-2024
https://dl.acm.org/doi/10.14778/3659437.3659457
Dong WChen ZLuo QShi EYi K(2024)Continual Observation of Joins under Differential PrivacyProceedings of the ACM on Management of Data10.1145/36549312:3(1-27)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654931
Zhao YDu JChen J(2024)Scenario-based Adaptations of Differential Privacy: A Technical SurveyACM Computing Surveys10.1145/365115356:8(1-39)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3651153
Show More Cited By

Index Terms

Residual Sensitivity for Differentially Private Multi-Way Joins

Recommendations

Faster joins, self-joins and multi-way joins using join indices
Differentially Private Data Release over Multiple Tables
PODS '23: Proceedings of the 42nd ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems

We study synthetic data release for answering multiple linear queries over a set of database tables in a differentially private way. Two special cases have been considered in the literature: how to release a synthetic dataset for answering multiple ...
Differentially private top-k query over MapReduce
CloudDB '12: Proceedings of the fourth international workshop on Cloud data management

Discovering that Map-Reduce framework is a popular way to deal with a large scale of data, but there is a significant risk to leak out users' personal information, especially when the data is sensitive, for example, including users' health records, ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGMOD '21: Proceedings of the 2021 International Conference on Management of Data

June 2021

2969 pages

ISBN:9781450383431

DOI:10.1145/3448016

General Chairs:
Guoliang Li
Tsinghua University (China)
,
Zhanhuai Li
Northwestern Polytechnical University (China)
,
Program Chairs:
Stratos Idreos
Harvard University (USA)
,
Divesh Srivastava
AT&T (USA)

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOD: ACM Special Interest Group on Management of Data

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 June 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

HKRGC

Conference

SIGMOD/PODS '21

Sponsor:

SIGMOD

SIGMOD/PODS '21: International Conference on Management of Data

June 20 - 25, 2021

Virtual Event, China

Acceptance Rates

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
323
Total Downloads

Downloads (Last 12 months)34
Downloads (Last 6 weeks)2

Reflects downloads up to 04 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Li HDi SLi CChen LZhou X(2024)Fight Fire with Fire: Towards Robust Graph Neural Networks on Dynamic Graphs via Actively DefenseProceedings of the VLDB Endowment10.14778/3659437.365945717:8(2050-2063)Online publication date: 31-May-2024
https://dl.acm.org/doi/10.14778/3659437.3659457
Dong WChen ZLuo QShi EYi K(2024)Continual Observation of Joins under Differential PrivacyProceedings of the ACM on Management of Data10.1145/36549312:3(1-27)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654931
Zhao YDu JChen J(2024)Scenario-based Adaptations of Differential Privacy: A Technical SurveyACM Computing Surveys10.1145/365115356:8(1-39)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3651153
Liu SCao YMurakami TLiu JYoshikawa M(2024)CARGO: Crypto-Assisted Differentially Private Triangle Counting Without Trusted Servers2024 IEEE 40th International Conference on Data Engineering (ICDE)10.1109/ICDE60146.2024.00136(1671-1684)Online publication date: 13-May-2024
https://doi.org/10.1109/ICDE60146.2024.00136
Sun DDong WYi K(2023)Confidence Intervals for Private Query ProcessingProceedings of the VLDB Endowment10.14778/3632093.363210217:3(373-385)Online publication date: 1-Nov-2023
https://dl.acm.org/doi/10.14778/3632093.3632102
Dong WYi K(2023)Query Evaluation under Differential PrivacyACM SIGMOD Record10.1145/3631504.363150652:3(6-17)Online publication date: 2-Nov-2023
https://dl.acm.org/doi/10.1145/3631504.3631506
Zhang SHe X(2023)DProvDB: Differentially Private Query Processing with Multi-Analyst ProvenanceProceedings of the ACM on Management of Data10.1145/36267611:4(1-27)Online publication date: 12-Dec-2023
https://dl.acm.org/doi/10.1145/3626761
Fu CLi HLou JLi HCui J(2023)DP-starJ: A Differential Private Scheme towards Analytical Star-Join QueriesProceedings of the ACM on Management of Data10.1145/36267251:4(1-24)Online publication date: 12-Dec-2023
https://dl.acm.org/doi/10.1145/3626725
Luo QWang YYi KWang SLi F(2023)Secure Sampling for Approximate Multi-party Query ProcessingProceedings of the ACM on Management of Data10.1145/36173391:3(1-27)Online publication date: 13-Nov-2023
https://dl.acm.org/doi/10.1145/3617339
Dong WFang JYi KTao YMachanavajjhala A(2023)R2T: Instance-optimal Truncation for Differentially Private Query Evaluation with Foreign KeysACM SIGMOD Record10.1145/3604437.360446252:1(115-123)Online publication date: 8-Jun-2023
https://dl.acm.org/doi/10.1145/3604437.3604462
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents