research-article

Public Access

Differentially Private Bayesian Programming

Authors:

Gian Pietro Farina,

Marco Gaboardi,

Emilio Jesus Gallego Arias,

Pierre-Yves StrubAuthors Info & Claims

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Pages 68 - 79

https://doi.org/10.1145/2976749.2978371

Published: 24 October 2016 Publication History

Abstract

We present PrivInfer, an expressive framework for writing and verifying differentially private Bayesian machine learning algorithms. Programs in PrivInfer are written in a rich functional probabilistic programming language with constructs for performing Bayesian inference. Then, differential privacy of programs is established using a relational refinement type system, in which refinements on probability types are indexed by a metric on distributions. Our framework leverages recent developments in Bayesian inference, probabilistic programming languages, and in relational refinement types. We demonstrate the expressiveness of PrivInfer by verifying privacy for several examples of private Bayesian inference.

References

[1]

R. Adams and B. Jacobs. A type theory for probabilistic and bayesian reasoning. CoRR, abs/1511.09230, 2015.

[2]

G. Barthe and F. Olmedo. Beyond differential privacy: Composition theorems and relational logic for f-divergences between probabilistic programs. In ICALP, 2013.

Digital Library

[3]

G. Barthe, B. Kopf, F. Olmedo, and S. Zanella-Beguelin. Probabilistic Relational Reasoning for Differential Privacy. In POPL, 2012.

Digital Library

[4]

G. Barthe, G. Danezis, B. Gregoire, C. Kunz, and S. Zanella Beguelin. Veri ed computational di erential privacy with applications to smart metering. In CSF, 2013.

Digital Library

[5]

G. Barthe, M. Gaboardi, E. J. Gallego Arias, J. Hsu, C. Kunz, and P.-Y. Strub. Proving differential privacy in Hoare logic. In CSF, 2014.

Digital Library

[6]

G. Barthe, M. Gaboardi, E. J. G. Arias, J. Hsu, A. Roth, and P. Strub. Higher-order approximate relational refinement types for mechanism design and differential privacy. In POPL, 2015.

Digital Library

[7]

G. Barthe, M. Gaboardi, B. Gregoire, J. Hsu, and P.-Y. Strub. Proving differential privacy via probabilistic couplings. In LICS, 2016.

Digital Library

[8]

G. Barthe, M. Gaboardi, J. Hsu, and B. Pierce. Programming language techniques for differential privacy. ACM SIGLOG News, 2016.

Digital Library

[9]

C. M. Bishop. Pattern Recognition and Machine Learning (Information Science and Statistics). 2006. ISBN 0387310738.

Digital Library

[10]

A. Blum, C. Dwork, F. McSherry, and K. Nissim. Practical privacy: The SuLQ framework. In PODS, 2005.

Digital Library

[11]

J. Borgstrom, U. D. Lago, A. D. Gordon, and M. Szymczak. A lambda-calculus foundation for universal probabilistic programming. In ICFP, 2016.

Digital Library

[12]

K. Chaudhuri, C. Monteleoni, and A. D. Sarwate. Differentially private empirical risk minimization. 2011.

[13]

I. Csiszar and P. Shields. Information theory and statistics: A tutorial. Foundations and Trends in Communications and Information Theory, 2004.

Digital Library

[14]

D. K. Dey and L. R. Birmiwal. Robust Bayesian analysis using divergence measures. Statistics & Probability Letters, 1994.

[15]

C. Dimitrakakis, B. Nelson, A. Mitrokotsa, and B. I. P. Rubinstein. Robust and Private Bayesian Inference. In ALT, 2014.

[16]

C. Dwork and A. Roth. The algorithmic foundations of differential privacy. Foundations and Trends in Theoretical Computer Science, 2014.

Digital Library

[17]

C. Dwork, F. McSherry, K. Nissim, and A. Smith. Calibrating noise to sensitivity in private data analysis. In TCC, 2006.

Digital Library

[18]

C. Dwork, G. N. Rothblum, and S. P. Vadhan. Boosting and differential privacy. In FOCS, 2010.

Digital Library

[19]

H. Ebadi, D. Sands, and G. Schneider. Differential privacy: Now it's getting personal. POPL, 2015.

Digital Library

[20]

F. Eigner and M. Ma ei. Differential privacy by typing in security protocols. In CSF, 2013.

Digital Library

[21]

M. Gaboardi, A. Haeberlen, J. Hsu, A. Narayan, and B. C. Pierce. Linear dependent types for differential privacy. In POPL, 2013.

Digital Library

[22]

N. D. Goodman, V. K. Mansinghka, D. M. Roy, K. Bonawitz, and J. B. Tenenbaum. Church: a language for generative models. In UAI, 2008.

Digital Library

[23]

A. D. Gordon, M. Aizatulin, J. Borgstrom, G. Claret, T. Graepel, A. V. Nori, S. K. Rajamani, and C. V. Russo. A model-learner pattern for bayesian reasoning. In POPL, 2013.

Digital Library

[24]

A. D. Gordon, T. Graepel, N. Rolland, C. V. Russo, J. Borgstrom, and J. Guiver. Tabular: a schema-driven probabilistic programming language. In POPL, 2014.

Digital Library

[25]

M. Hardt, K. Ligett, and F. McSherry. A simple and practical algorithm for differentially private data release. In NIPS, 2012.

Digital Library

[26]

M. Hicks, G. M. Bierman, N. Guts, D. Leijen, and N. Swamy. Polymonadic programming. In MSFP, 2014.

[27]

S. Katsumata. Parametric effect monads and semantics of effect systems. In POPL, 2014.

Digital Library

[28]

D. J. Lunn, A. Thomas, N. Best, and D. Spiegelhalter. WinBUGS - A bayesian modelling framework: Concepts, structure, and extensibility. Statistics and Computing, 2000.

Digital Library

[29]

F. McSherry. Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In International Conference on Management of Data, 2009.

Digital Library

[30]

F. McSherry and K. Talwar. Mechanism design via differential privacy. In FOCS, 2007.

Digital Library

[31]

T. Minka, J. Winn, J. Guiver, and D. Knowles. Infer.NET 2.5, 2012. URL http://research.microsoft.com/infernet. MSR.

[32]

A. Pfeffer. IBAL: A Probabilistic Rational Programming Language. In IJCAI, 2001.

Digital Library

[33]

J. Reed and B. C. Pierce. Distance Makes the Types Grow Stronger: A Calculus for Differential Privacy. In ICFP, 2010.

Digital Library

[34]

T. Sato. Approximate Relational Hoare Logic for Continuous Random Samplings. CoRR, abs/1603.01445.

[35]

S. Staton, H. Yang, C. Heunen, O. Kammar, and F. Wood. Semantics for probabilistic programming: higher-order functions, continuous distributions, and soft constraints. In LICS, 2016.

Digital Library

[36]

D. Tolpin, J. van de Meent, and F. Wood. Probabilistic Programming in Anglican. In ECML PKDD, 2015.

[37]

N. Toronto, J. McCarthy, and D. V. Horn. Running Probabilistic Programs Backwards. In ESOP, 2015.

[38]

O. Williams and F. McSherry. Probabilistic Inference and Differential Privacy. In NIPS, 2010.

Digital Library

[39]

J. Zhang, G. Cormode, C. M. Procopiuc, D. Srivastava, and X. Xiao. PrivBayes: Private data release via bayesian networks. In SIGMOD, 2014.

Digital Library

[40]

Z. Zhang, B. I. P. Rubinstein, and C. Dimitrakakis. On the Differential Privacy of Bayesian Inference. In AAAI, 2016.

[41]

S. Zheng. The differential privacy of Bayesian inference, 2015. URL http://nrs.harvard.edu/urn-3: HUL.InstRepos:14398533. Bachelor's thesis, Harvard College.

Cited By

Lobo-Vesga ERusso AGaboardi MCortiñas C(2024)Sensitivity by ParametricityProceedings of the ACM on Programming Languages10.1145/36897268:OOPSLA2(415-441)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689726
Oakley LHoltzen SOprea A(2024)Synthesizing Tight Privacy and Accuracy Bounds via Weighted Model Counting2024 IEEE 37th Computer Security Foundations Symposium (CSF)10.1109/CSF61375.2024.00048(449-463)Online publication date: 8-Jul-2024
https://doi.org/10.1109/CSF61375.2024.00048
Wu HCui ADeng Y(2024)An Assertion-Based Logic for Local Reasoning about Probabilistic ProgramsDependable Software Engineering. Theories, Tools, and Applications10.1007/978-981-96-0602-3_2(25-45)Online publication date: 25-Nov-2024
https://doi.org/10.1007/978-981-96-0602-3_2
Show More Cited By

Index Terms

Differentially Private Bayesian Programming

Recommendations

Sound probabilistic inference via guide types
PLDI 2021: Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation

Probabilistic programming languages aim to describe and automate Bayesian modeling and inference. Modern languages support programmable inference, which allows users to customize inference algorithms by incorporating guide programs to improve inference ...
Functional programming for modular Bayesian inference

We present an architectural design of a library for Bayesian modelling and inference in modern functional programming languages. The novel aspect of our approach are modular implementations of existing state-of-the-art inference algorithms. Our design ...
Differentially private network data release via structural inference
KDD '14: Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining

Information networks, such as social media and email networks, often contain sensitive information. Releasing such network data could seriously jeopardize individual privacy. Therefore, we need to sanitize network data before the release. In this paper, ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

October 2016

1924 pages

ISBN:9781450341394

DOI:10.1145/2976749

General Chairs:
Edgar Weippl
SBA Research, Austria
,
Stefan Katzenbeisser
TU Darmstadt, CYSEC, Germany
,
Program Chairs:
Christopher Kruegel
University of California, Santa Barbara, USA
,
Andrew Myers
Cornell University, USA
,
Shai Halevi
IBM Research, USA

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 October 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

CCS'16

Sponsor:

SIGSAC

CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security

October 24 - 28, 2016

Vienna, Austria

Acceptance Rates

CCS '16 Paper Acceptance Rate 137 of 831 submissions, 16%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

24
Total Citations
View Citations
1,266
Total Downloads

Downloads (Last 12 months)79
Downloads (Last 6 weeks)13

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Lobo-Vesga ERusso AGaboardi MCortiñas C(2024)Sensitivity by ParametricityProceedings of the ACM on Programming Languages10.1145/36897268:OOPSLA2(415-441)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689726
Oakley LHoltzen SOprea A(2024)Synthesizing Tight Privacy and Accuracy Bounds via Weighted Model Counting2024 IEEE 37th Computer Security Foundations Symposium (CSF)10.1109/CSF61375.2024.00048(449-463)Online publication date: 8-Jul-2024
https://doi.org/10.1109/CSF61375.2024.00048
Wu HCui ADeng Y(2024)An Assertion-Based Logic for Local Reasoning about Probabilistic ProgramsDependable Software Engineering. Theories, Tools, and Applications10.1007/978-981-96-0602-3_2(25-45)Online publication date: 25-Nov-2024
https://doi.org/10.1007/978-981-96-0602-3_2
Liu DWang BFu CZhang L(2023)Model checking differentially private propertiesTheoretical Computer Science10.1016/j.tcs.2022.10.002943(153-170)Online publication date: Jan-2023
https://doi.org/10.1016/j.tcs.2022.10.002
wunder jAmorim ABaillot PGaboardi M(2023)Bunched Fuzz: Sensitivity for Vector MetricsProgramming Languages and Systems10.1007/978-3-031-30044-8_17(451-478)Online publication date: 22-Apr-2023
https://dl.acm.org/doi/10.1007/978-3-031-30044-8_17
Gondara LWang KSilva Carvalho RSelcuk Candan KLiu HAkoglu LLuna Dong XTang J(2022)Differentially Private Ensemble Classifiers for Data StreamsProceedings of the Fifteenth ACM International Conference on Web Search and Data Mining10.1145/3488560.3498498(325-333)Online publication date: 11-Feb-2022
https://dl.acm.org/doi/10.1145/3488560.3498498
Lobo-Vesga ERusso AGaboardi M(2021)A Programming Language for Data Privacy with Accuracy EstimationsACM Transactions on Programming Languages and Systems10.1145/345209643:2(1-42)Online publication date: 8-Jun-2021
https://dl.acm.org/doi/10.1145/3452096
Chowdhury ARekatsinas TJha SDaumé HSingh A(2020)Data-dependent differentially private parameter learning for directed graphical modelsProceedings of the 37th International Conference on Machine Learning10.5555/3524938.3525119(1939-1951)Online publication date: 13-Jul-2020
https://dl.acm.org/doi/10.5555/3524938.3525119
Zhang DMcKenna RKotsogiannis IBissias GHay MMachanavajjhala AMiklau G(2020)ϵKTELOACM Transactions on Database Systems10.1145/336203245:1(1-44)Online publication date: 8-Feb-2020
https://dl.acm.org/doi/10.1145/3362032
Lobo-Vesga ERusso AGaboardi M(2020)A Programming Framework for Differential Privacy with Accuracy Concentration Bounds2020 IEEE Symposium on Security and Privacy (SP)10.1109/SP40000.2020.00086(411-428)Online publication date: May-2020
https://doi.org/10.1109/SP40000.2020.00086
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten