Article

Refinement Orders for Quantitative Information Flow and Differential Privacy

1 Department of Informatics and Telecommunications, National and Kapodistrian University of Athens Campus, Ilisia, 15784 Athens, Greece
2 Department of Computing, Macquarie University, Ryde City 2109, Australia
3 Inria and Institut Polytechnique de Paris, 91120 Palaiseau, France
* Author to whom correspondence should be addressed.
This paper is an extended version of our paper by Chatzikokolakis, K.; Fernandes, N.; Palamidessi, C. Comparing systems: max-case refinement orders and application to differential privacy. In Proceedings of the 32nd IEEE Computer Security Foundations Symposium, Hoboken, NJ, USA, 25–28 June 2019.
J. Cybersecur. Priv. 2021, 1(1), 40-77; https://doi.org/10.3390/jcp1010004
Received: 27 October 2020 / Revised: 1 December 2020 / Accepted: 7 December 2020 / Published: 12 December 2020
Quantitative Information Flow (QIF) and Differential Privacy (DP) are both concerned with the protection of sensitive information, but they are rather different approaches. In particular, QIF considers the expected probability of a successful attack, while DP (in both its standard and local versions) is a max-case measure, in the sense that it is compromised by the existence of a possible attack, regardless of its probability. Comparing systems is a fundamental task in these areas: one wishes to guarantee that replacing a system A by a system B is a safe operation, that is, that the privacy of B is no worse than that of A. In QIF, a refinement order provides strong guarantees of this kind, while, in DP, mechanisms are typically compared w.r.t. the privacy parameter ε in their definition. In this paper, we explore a variety of refinement orders, inspired by the one of QIF, providing precise guarantees for max-case leakage. We study simple structural ways of characterising them, the relation between them, efficient methods for verifying them and their lattice properties. Moreover, we apply these orders in the task of comparing DP mechanisms, raising the question of whether the order based on ε provides strong privacy guarantees. We show that, while it is often the case for mechanisms of the same “family” (geometric, randomised response, etc.), it rarely holds across different families.
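To make the abstract's distinction between expected-case and max-case measures concrete, the following is an added Python example; it is not code from the paper or its authors. It builds two constructed mechanisms on a three-element secret space: a randomised-response channel and a simple geometric-style channel (assumed here to be a row-renormalised α^|x−y| stand-in, not the exact truncated geometric mechanism of the DP literature). For each channel it computes the local-DP parameter ε (a max-case quantity: one worst input pair and output decides it), the posterior Bayes vulnerability under a uniform prior (the expected-case success probability QIF uses), and a max-case posterior vulnerability (the largest posterior any single output can produce). In this constructed instance the ε-order ranks randomised response as the safer mechanism while both vulnerability measures rank the geometric-style channel safer. Since QIF refinement (B = A·R for some post-processing channel R) can only decrease every such measure, a disagreement of this kind is a witness that neither channel refines the other, which is the sort of cross-family failure the abstract refers to. The last function checks that post-processing is indeed monotone for all three measures, which is why refinement is a sound basis for comparison.

```python
import math
from itertools import product

# Channels are row-stochastic matrices C[x][y] = P(y | x), as in QIF.
# The two mechanisms below are constructed for illustration only.


def randomised_response(k, p):
    """Report the true value with probability p, otherwise a uniformly
    chosen wrong value. Secret space and output space are both range(k)."""
    q = (1 - p) / (k - 1)
    return [[p if x == y else q for y in range(k)] for x in range(k)]


def geometric_like(k, alpha):
    """Output y with probability proportional to alpha**|x-y|, renormalised
    per row. Assumption: a simple stand-in for a truncated geometric
    mechanism, not the exact mechanism used in the DP literature."""
    rows = []
    for x in range(k):
        weights = [alpha ** abs(x - y) for y in range(k)]
        z = sum(weights)
        rows.append([w / z for w in weights])
    return rows


def epsilon(C):
    """Local-DP parameter: max over all input pairs x != x' and outputs y of
    ln P(y|x)/P(y|x'). Max-case: a single bad triple fixes the value."""
    k, n = len(C), len(C[0])
    eps = 0.0
    for x, x2, y in product(range(k), range(k), range(n)):
        if x == x2:
            continue
        a, b = C[x][y], C[x2][y]
        if a > 0 and b == 0:
            return math.inf  # an output that rules out x' entirely
        if a > 0:
            eps = max(eps, math.log(a / b))
    return eps


def bayes_vulnerability(C, prior=None):
    """Expected-case: probability that a Bayes-optimal adversary guesses the
    secret correctly after observing the output, averaged over outputs."""
    k, n = len(C), len(C[0])
    prior = prior or [1 / k] * k
    return sum(max(prior[x] * C[x][y] for x in range(k)) for y in range(n))


def max_case_vulnerability(C, prior=None):
    """Max-case: the largest posterior probability of any secret given any
    output that can occur, regardless of how likely that output is."""
    k, n = len(C), len(C[0])
    prior = prior or [1 / k] * k
    worst = 0.0
    for y in range(n):
        joint = [prior[x] * C[x][y] for x in range(k)]
        p_y = sum(joint)
        if p_y > 0:
            worst = max(worst, max(joint) / p_y)
    return worst


def post_process(C, R):
    """Compose C with a post-processing channel R: (C.R)[x][z] = sum_y C[x][y] R[y][z].
    In QIF, B = C.R for some R is exactly the refinement relation C <= B."""
    n, m = len(R), len(R[0])
    return [[sum(row[y] * R[y][z] for y in range(n)) for z in range(m)] for row in C]


def leakage_nonincreasing(C, R):
    """Data-processing check: no measure may grow under post-processing."""
    D = post_process(C, R)
    tol = 1e-12
    return (epsilon(D) <= epsilon(C) + tol
            and bayes_vulnerability(D) <= bayes_vulnerability(C) + tol
            and max_case_vulnerability(D) <= max_case_vulnerability(C) + tol)


def compare(A, B):
    """Which mechanism each measure declares safer (smaller is safer)."""
    return {
        "epsilon_prefers": "A" if epsilon(A) < epsilon(B) else "B",
        "bayes_prefers": "A" if bayes_vulnerability(A) < bayes_vulnerability(B) else "B",
        "max_case_prefers": "A" if max_case_vulnerability(A) < max_case_vulnerability(B) else "B",
    }


if __name__ == "__main__":
    A = randomised_response(3, 0.6)   # eps = ln 3, V = 0.6,   Vmax = 0.6
    B = geometric_like(3, 0.5)        # eps = ln 4, V = 23/42, Vmax = 16/27
    print(compare(A, B))              # epsilon prefers A, both vulnerabilities prefer B
    merge = [[1, 0], [1, 0], [0, 1]]  # constructed post-processing: collapse outputs 0 and 1
    print(leakage_nonincreasing(A, merge), leakage_nonincreasing(B, merge))
```

The interesting line is the disagreement: ε says randomised response with p = 0.6 is the safer channel (ln 3 < ln 4), yet an adversary guessing the secret succeeds with probability 0.6 against it versus 23/42 ≈ 0.548 against the geometric-style channel, and the worst single output is also more revealing (0.6 versus 16/27 ≈ 0.593). Because refinement would force all three numbers to move the same way, the ε comparison alone cannot be read as a refinement guarantee here.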
Keywords: quantitative information flow; differential privacy; security refinement orderings
MDPI and ACS Style

Chatzikokolakis, K.; Fernandes, N.; Palamidessi, C. Refinement Orders for Quantitative Information Flow and Differential Privacy. J. Cybersecur. Priv. 2021, 1, 40-77. https://doi.org/10.3390/jcp1010004

AMA Style

Chatzikokolakis K, Fernandes N, Palamidessi C. Refinement Orders for Quantitative Information Flow and Differential Privacy. Journal of Cybersecurity and Privacy. 2021; 1(1):40-77. https://doi.org/10.3390/jcp1010004

Chicago/Turabian Style

Chatzikokolakis, Konstantinos, Natasha Fernandes, and Catuscia Palamidessi. 2021. "Refinement Orders for Quantitative Information Flow and Differential Privacy" Journal of Cybersecurity and Privacy 1, no. 1: 40-77. https://doi.org/10.3390/jcp1010004