Post on 12-Jan-2016
description
Privacy Framework for RDF Data Mining
Master’s Thesis Project ProposalBy: Yotam Aron
OverviewMotivation and GoalBackgroundProposed Solution and DesignExampleConclusion
MotivationData mining continues to become
more widespread.◦Useful for research, public policy,
etc.Want to maintain privacy of
participants in the database.Little work has been done for
privacy for semantic web data.
Previous WorkAnonymizationK-Anonimity1
Differential Privacy systems: PINQ2, AIRAVAT3.
Drawbacks:◦Do not apply to semantic web data.◦Do not support SPARQL.
GoalDevelop a system to protect
dataset participants’ personal data in SPARQL.
Integrates well with existing SPARQL endpoints.
Relatively easy for the user and the administrator to use.
BackgroundRule-based Privacy Policies in AIRDifferential Privacy
Rule-based Privacy Policies in AIR4
Rules define patterns in a SPARQL query.
If pattern is matched, rule infers compliance or non-compliance of incoming SPARQL query.
AIR Example5
air:if {:W s:TriplePattern :T . :T log:includes { :X type:F :V }.
}; air:then [ air:description (“type:F was selected in " q:QUERY) ; air:assert { q:QUERY air:non-compliant-with q:Policy4 . } ] .
SELECT ?s WHERE {?s type:F ?p}
AIR Policy (extract)
Query
AIR will show that the query is non-compliant with Policy4.
Differential Privacy OverviewMinimize probability of privacy
breach.Maximize statistical accuracy.Definition requires that given two
similar datasets, a function query on those two datasets give similar results with high probability.
Makes no assumptions on the underlying dataset.
Differential PrivacyDefinition: We say a randomized
computation M provides ɛ-differential privacy if for any two data sets A and B, and any set of possible outputs S ⊆ Range(M),
Pr[M(A) ∈ S] ≤ Pr[M(B) ∈ S] × exp( ɛ × |A ⊕ B|).
Differential Privacy in PracticeEach user is given an ɛ value that
cannot be exceeded.Each query qi has some noise value ɛi . In
total, the user’s queries must satisfy the property
Noise (usually Laplace), which depends on the aggregate function, is added with variance
Limitations of Differential PrivacyOnly statistical data protected.High variance in data yields poor
query results.Theory not always perfect in
practice.◦Assume no collusion among users.◦Covert channel attacks.6
◦What value of ɛ to choose?
Example, No DPName Salary
Alice 31,000
Bob 47,000
Charlie 20,000
David 21,000
SELECT COUNT(Name) WHERE (Age < 25)
2
Example, No DPName Salary
Alice 31,000
Bob 47,000
Charlie 20,000
SELECT COUNT(Name) WHERE (Age < 25)
1 Big difference in answers!!
Example, With DPName Salary
Alice 31,000
Bob 47,000
Charlie 20,000
David 21,000
SELECT COUNT(Name) WHERE (Age < 25)
2 + noise = ~2 (with high probability)
Example, With DPName Salary
Alice 31,000
Bob 47,000
Charlie 20,000
SELECT COUNT(Name) WHERE (Age < 25)
1+ noise = ~2 (with high probability)
With high probability, records are indistinguishable!
Practical Consequences of DPAn individual’s inclusion in the
dataset is not likely a privacy risk.
The answers to the queries can still be useful.
Achieving Differential Privacy in RDFCurrent techniques for
differential privacy are developed for relational databases.
As a first approximation, reduce triple-store to a relational database.
Improved mechanism as project progresses.
Example of RDF-RDBS Reduction:Person1 foaf:name “Alice”;
foaf:member :DIGfoaf:age “21”foaf:knows :Person2 :Person3.
:Person2 foaf:name “Bob”;foaf:member :DIG;foaf:knows :Person3.
:Person3 foaf:name “Charlie”;foaf:age “22”.
ID Foaf:name
Foaf:member
Foaf:knows
Foaf:age
Person1 “Alice” DIG [Person2,Person3
“21”
Person2 “Bob” DIG [Person3] None
Person3 “Charlie” None None “22”
Proposed SolutionSPARQL Privacy Insurance
Module (SPIM)Build layer between user and
endpoint.Integrate both AIR and
differential privacy.Integrate credential-checking
system.Modify existing differential
privacy framework for use with triple-stores.
ContributionsComplete privacy protection for
triplestores.Differential Privacy sensitivity for
SPARQL 1.1 aggregate functions including count, sum, avg, sum, min, and max.
System Overview
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• TAAC Will:• Verify user has
permission to access
• Send central module data about user
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• SPIM:• Controls order of
privacy operations.
• Interfaces with the SPARQL endpoint.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• AIR:• Reasoner that
uses rule-based policies to check queries for privacy hazards.
• Extracts information for differential privacy.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Policy Files:• Contain the
rules for AIR.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Differential Privacy Module:• Checks to see
for query limits (based off ɛ use.
• Applies noise to statistical data.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• User Data:• Contains user ɛ
data.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• SPIM:• Controls order of
privacy operations.
• Interfaces with the SPARQL endpoint.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Service Description:• Contains
information to be used for the addition of noise.
• Miscellaneous:• Interface to SPARQL
Endpoint• Transaction File• Improved Differential
Privacy Output• Service Description
Generator
• Potential Extensions:• Robustness against
attacks• Concurrency• Optimization for large
systems• Customizable UI• Accountability
Sample ScenarioTriplestore datamining in
biotechnological applications.Biofirm provides data about
hospitals in the US.Alice is a PhD student at MIT.Alice would like to query Biofirm’s
database for research purposes. She just got permissions yesterday and is logging in for the first time.
PreprocessingBiofirm installs SPIM, and runs
the service description generation code.◦May need to create the correct
interface.Makes sure the UI is accessible
online.
Sample Compliant QueryAlice would like to know the total
number of visits that Boston hospitals received.
SELECT (SUM(?s) as ?people) WHERE{?h a biofirm:Hospital.?h biofirm:visits ?s.?h biofirm:location geo:Boston.
}
Epsilon value: 1.0
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Alice enters query into the provided user interface.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• TAAC insures that biofirm has given Alice access to its triple-store.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Query request arrives at SPIM central module.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Policyrunner is called upon to check query for triple patterns that are in violation.
• No violations found. • Since this is Alice’s
first time, AIR extracts what type of permissions Alice has.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• SPIM creates a profile for Alice. • Gives her an ɛ
value (suppose it 2.0).
• Stores it in triple store.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• SPIM extracts which variables will yield statistical results and will have differential privacy applied.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Differential Privacy module assures that query’s results will not exceed given epsilon value.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• This is Alice’s first time, and her epsilon value is 2.0 and the epsilon for this query is 1.0. Everything looks good.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Query is sent to the endpoint.
• Results are received.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Differential privacy module adds noise to appropriate fields, and updates epsilon values.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• SPIM is ready to return the results.
SPIM Privacy Module
TAAC Credential Checking
AIR Rule Based Privacy
Differential Privacy Module
SPARQL Endpoint
User Interface
Policy Files
User Data
Service Descriptio
n
• Alice receives results.
SummarySystem will combine rule-based
privacy with differential privacy.Develop differential privacy
techniques for semantic web data.
Make privacy module client and administrator friendly.
References K-Anonimity: http://spdp.dti.unimi.it/papers/k-Anonymity.pdf PINQ: http://
research.microsoft.com/pubs/80218/sigmod115-mcsherry.pdf
AIRAVAT: http://www.cs.utexas.edu/~shmat/shmat_nsdi10.pdf
AIR: http://dig.csail.mit.edu/TAMI/2008/12/AIR/ AIR Policy Example: http://
dig.csail.mit.edu/2009/IARPA-PIR/usecase1/generic-policies.n3
Differential Privacy Under Fire: http://www.usenix.org/events/sec11/tech/full_papers/Haeberlen.pdf