TY - GEN
T1 - Private Multi-Group Aggregation
AU - Naim, Carolina
AU - D'Oliveira, Rafael G.L.
AU - El Rouayheb, Salim
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/7/12
Y1 - 2021/7/12
N2 - We study the differentially private multi-group aggregation (PMGA) problem. This setting involves a single server and n users. Each user belongs to one of k distinct groups and holds a discrete value representing his data. The goal is to design schemes that allow the server to find the aggregate (sum) of the values in each group (with high accuracy), under communication and local differential privacy constraints. The privacy constraint guarantees that the user's group remains private. This is motivated by applications where a user's group can reveal sensitive information, such as his religious and political beliefs, health condition, or race. We propose a novel scheme, dubbed Query and Aggregate (QA) for PMGA. The novelty of QA is that it is an interactive aggregation scheme. In QA, each user is assigned a random query matrix, to which he sends the server an answer based on his group and value. We characterize the QA scheme's performance in terms of accuracy (MSE), privacy, and communication. Private aggregation schemes for related settings in the literature are predominantly non-interactive and based on randomized response. We compare QA to the Randomized Group (RG) scheme, which adapts existing schemes to the PMGA setting. We observe that typically QA outperforms RG, in terms of utility vs. privacy, in the high privacy regime. Moreover, an attractive property of QA is that its communication cost per user does not depend on the number of groups.
AB - We study the differentially private multi-group aggregation (PMGA) problem. This setting involves a single server and n users. Each user belongs to one of k distinct groups and holds a discrete value representing his data. The goal is to design schemes that allow the server to find the aggregate (sum) of the values in each group (with high accuracy), under communication and local differential privacy constraints. The privacy constraint guarantees that the user's group remains private. This is motivated by applications where a user's group can reveal sensitive information, such as his religious and political beliefs, health condition, or race. We propose a novel scheme, dubbed Query and Aggregate (QA) for PMGA. The novelty of QA is that it is an interactive aggregation scheme. In QA, each user is assigned a random query matrix, to which he sends the server an answer based on his group and value. We characterize the QA scheme's performance in terms of accuracy (MSE), privacy, and communication. Private aggregation schemes for related settings in the literature are predominantly non-interactive and based on randomized response. We compare QA to the Randomized Group (RG) scheme, which adapts existing schemes to the PMGA setting. We observe that typically QA outperforms RG, in terms of utility vs. privacy, in the high privacy regime. Moreover, an attractive property of QA is that its communication cost per user does not depend on the number of groups.
UR - http://www.scopus.com/inward/record.url?scp=85115053494&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115053494&partnerID=8YFLogxK
U2 - 10.1109/ISIT45174.2021.9518142
DO - 10.1109/ISIT45174.2021.9518142
M3 - Conference contribution
AN - SCOPUS:85115053494
T3 - IEEE International Symposium on Information Theory - Proceedings
SP - 1391
EP - 1396
BT - 2021 IEEE International Symposium on Information Theory, ISIT 2021 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2021 IEEE International Symposium on Information Theory, ISIT 2021
Y2 - 12 July 2021 through 20 July 2021
ER -