Privacy-Aware Computing

advertisement
Privacy-Aware Computing
Introduction
Outline
 Brief introduction
 Motivating applications
 Major research issues




Tentative schedule
Reading assignments
Project
Grading
Parties concerning privacy
 Individual privacy






Customer data
Public data: census data, voting record
Health record
locations
Online activities
…
 Organization privacy




Owning collections of personal data
Business secrets
Legal issues prevent data sharing
…
Cases of privacy aware
computing
 Public use of private data
 Data mining enables knowledge discovery on large
populations, but people are reluctant to release
personal information due to the privacy concern
 The Centers for Disease Control want to identify
disease outbreaks by pooling multiple datasets
that contain patient information
 Insurance companies have data on disease
incidents, and patient background, etc.. Personal
medical records help them maximize profits – but
customers will not be happy with that.
More Examples
 Industry Collaborations / Trade Groups.
 An industry trade group may want to identify best
practices to help members, but some practices are
trade secrets.
 How do we provide “commodity” results to all
(Manufacturing using chemical supplies from supplier X
have high failure rates), while still preserving secrets
(manufacturing process Y gives low failure rates)?
 Multinational corps
 Multinational corps may want to pool data from
different countries for analysis, but national
laws may prevent transborder data sharing
More examples
 Web search
 Search engine companies keep the
cookies and search history, which can be
used to derive personal information (AOL
dataset)
 Social networking
 When you use social networks, you leave a
trace of personal data and interactions
 Companies can use the data for Ads targeting
– there is a risk of privacy breach and personal
data abuse
More examples
 Mobile computing
 When you allow google latitude to trace your
locations, you loose location privacy
 Life style, clinic visits, political tendency, domestic
violence
 Cloud computing
 Users have to outsource data to the
cloud
 Data can be sensitive (personal
information, customer records, patient
info…)
Major research areas
 Micro data publishing
 Anonymize data for statistical analysis and
modeling
 Privacy preserving data mining
 Data outsourcing
 Cloud computing
 Outsource data to untrusted parties for using data
intensive services
 Databases
 Statistical databases
 Private information retrieval
Major areas
 Social networks
 Personal bio data, preferences, friends,
interactions
 How to design mechanisms for users to
conveniently control private data
 Mobile computing
 Location privacy
 Collaborative computing
 Collaborative data mining – share model but not
individual records
Major technical challenges
 Techniques
 Data perturbation
 Change data values while preserving global
information
 Data anonymization
 Make sure at least k records have the same
“virtual identifiers”, while preserving info
 Cryptographic techniques
 Secure multiparty computation
 Private information retrieval
 crypto-protocols for privacy preserving DM
 Privacy evaluation
 Tradeoff between privacy and data utility
Differences between Security
and privacy
 Privacy: decisions on what personal
information is released and who can
access it.
 Security makes sure these decisions
are respected
 Security is often a necessary method to
implement privacy
National security and privacy
 They are conflicting…
 Enhance national security
 Surveillance devices are everywhere
 US PATROIT Act 2001
 … the Act dramatically reduced restrictions
on law enforcement agencies' ability to
search telephone, e-mail communications,
medical, financial, and other records …
 Big Brother is watching you –
individuals have to sacrifice privacy
Tentative Schedule
 Data perturbation
 Data anonymization
 Privacy metrics and differential
privacy
 Privacy preserving data mining
 Private information retrieval
 Secure data outsourcing
 Privacy in online social networks
 Other privacy issues
Reading assignments
 One selected paper from the reading list for
most weeks ~10
 Submit reading summary
 Before Monday noon
 How to write reading summary?
 Five parts:




Title
Research problems
Major contributions
Strengths
 Weaknesses or missing points
 Length: a few paragraphs to one page
Paper presentation
 Choose one paper from the reading
list, or recent major conferences
 Finish in 15 minutes
 Maximum two students per class
 Signup sheet
 When: office hours: 3-4:30pm MW, first
two week
 Make sure you pick a slot asap
Course Project
 1~2 person per team
 Types
 Experimental study on existing techniques (from the
paper list)
 Propose new algorithms
 Apply the learned techniques to some applications
 Your research
 Note
 You are encouraged to propose your own project
 The goal is to help you better understand problems
and techniques and get some hands-on experience
Project Schedule
 Proposal
 About 2 pages
 Problem description and what you plan
to do
 By the end of January
 Final deliverables
 Report
 Code
Class discussion
 You are encouraged to ask questions
or present different opinions in the
class
 Many of the topics are active research
topics
 You have chances to generate
publishable ideas
Grading






Reading summaries – 35%
Paper presentation – 10%
Project proposal – 10%
Project final report – 15%
Code – 10%
Final exam – 20%
Communication
 Announcements by emails
 Other issues, keke.chen@wright.edu
 Office: Joshi 385
 Office hours: 3-4:30pm MW or by
appointment.
 Slides will be posted on
www.cs.wright.edu/keke.chen/privacy/
Download