Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.820802
Title: Addressing syntactic privacy for privacy-preserving data analysis and data release
Author: Ankele, Robin
ISNI:       0000 0004 9356 7873
Awarding Body: University of Oxford
Current Institution: University of Oxford
Date of Award: 2020
Availability of Full Text:
Access from EThOS:
Full text unavailable from EThOS. Please try the link below.
Access from Institution:
Abstract:
Existing approaches to tackle the challenges of privacy-preserving data analysis and data release are subject to vulnerabilities from certain attacks (which is the case for syntactic privacy models) or suffer in terms of efficiency, scalability or utility (which is the case for techniques based on secure multi-party computation). In addition, definitions of privacy (or any associated properties and notions) remain open to different interpretations among various stakeholders due to privacy’s multi-dimensional and multi-faceted nature. In such environments, individuals who are not necessarily privacy experts, such as software developers or system designers, may struggle to select an appropriate privacy model or mechanism to protect their systems. This dissertation presents simplifications, analyses, considerations and promotions in the context of privacy-preserving data analysis and data release to support utility, flexibility and privacy.

As a first step, we facilitate understanding, application and analysis of syntactic privacy notions via abstraction to games. Via these games, we clarify understanding of, and relationships between, different privacy notions. Further, we give an unambiguous understanding of adversarial actions. We analyse previously defined privacy games with regard to their applicability and relationships to each other, and define policies to support predominantly non-experts in establishing an overview and selecting the ‘fitting’ privacy notion/game for their applications. In this context, we utilise our game-based definitions to analyse and reason about privacy properties in a content-based clustering recommendation system as well as a collaborative-filtering-based classification recommender system.

The second part is focused on the application to practice. Important in this context is the specification of requirements, which we derive from an analysis of multiple real-world applications. Our use cases are predominantly placed in distributed multi-party settings, where data remains split between mutually distrustful parties. Given these real-world constraints, we adapt and investigate a novel approach (based on trusted computing techniques) that remains resilient to many implementation-specific vulnerabilities, and increases efficiency and scalability. Our investigation comprises an advanced threat analysis covering high-level privacy model attacks to low-level side-channel vulnerabilities; furthermore, we present benchmarking results illustrating the superiority in performance of our approach compared to existing solutions. Overall, we aim to foster understanding of privacy and applicability in data analysis and data release applications.
Supervisor: Simpson, Andrew
Sponsor: Intel Corporation
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.820802
DOI: Not available
Keywords: Information Security ; Privacy