JP6747438B2 - Information processing apparatus, information processing method, and program - Google Patents

Description

The present invention relates to information processing, and more particularly, to an information processing device, an information processing method, and a program that handle information about an individual (personal information, personal information, or privacy information).

In recent years, in various services, information about an individual (personal information, personal data, or privacy information) has been accumulated in an information processing device.

Examples of such privacy information include data (information) related to health care (health management). Here, the data relating to health management is, for example, health management data, medical history, or a receipt (medical treatment fee statement).

Alternatively, the privacy information may include position information regarding an individual or a device (for example, a terminal or a passenger car) owned by the individual. Here, the position information is, for example, a movement history or a usage history of a device such as a wireless access point whose position is specified.

Further, the information (attribute) that constitutes the receipt, which is privacy information, includes the year of birth, sex, injury/illness name, drug name, and the like. Therefore, for example, the receipt is configured as information (record) including data regarding the above attributes. Then, the information processing apparatus accumulates the privacy information (for example, a receipt) as a data set (collection) composed of records.

If the privacy information is published or used in a state where the content of the original information (original information) can be discriminated, there is a concern that privacy infringement for individuals related to the privacy information may occur. That is, from the viewpoint of privacy protection, it is not preferable to disclose or use the privacy information in a state where the content of the original information (original information) can be discriminated.

On the other hand, privacy information provides highly useful secondary usage if there is no concern of privacy infringement. Here, the secondary utilization (secondary utilization) means, for example, providing privacy information to a business operator (third party) different from the service business operator who generates or stores the privacy information, and It is to make the service of the person use the privacy information. Alternatively, the secondary utilization is to provide privacy information to a third party and request the third party to analyze the privacy information (outsourcing).

Secondary use of privacy information facilitates analysis or research of privacy information. Then, the analysis result or the research result based on the secondary utilization can be used for strengthening the service using the privacy information. In this way, the third party can enjoy the high benefit of the privacy information based on the secondary utilization.

For example, a pharmaceutical company is assumed as the third party as described above. A pharmaceutical company can analyze the co-occurrence relationship or correlation of drugs based on medical information. That is, the pharmaceutical company can know how the medicine is used by using the medical care information. Further, the pharmaceutical company can analyze the usage status of the drug.

However, a data set including privacy information (for example, medical care information) is difficult to be secondarily used as it is because of concern about privacy infringement. Therefore, the privacy information is provided to a third party after being subjected to privacy protection processing.

As a data providing method for realizing the provision of privacy information to a privacy-protected third party, there is "query response data publishing". Query response type data publishing is a data providing method that provides original data or data obtained by adding noise to aggregate data obtained by aggregating original data in response to a query from a user of the data. is there. That is, query response type data publishing is a data providing method that provides data that hides the details of the original data.

However, as an attacker of privacy information, there is a person who tries to invade privacy based on a change (eg, difference or ratio) of data in different states or times. Hereinafter, the privacy specified based on the change of the privacy information data in different states or times will be collectively referred to as “differential privacy (DP)”.

An information processing device that processes query response type data publishing hides minute changes in data by adding random noise that satisfies a predetermined property in order to guarantee protection of differential privacy (Non-Patent Document 1). And 2). For example, an information processing apparatus that processes such query response type data publishing has almost the same probability that an output is obtained regardless of the presence or absence of the privacy information of any one record, that is, any one individual. Guaranteed to not.

Here, the output in the above is, for example, an output (output value) in which noise is added to the original data or the aggregated data. Further, "the probability is almost unchanged" means a change (difference or ratio) between the generation probability of the output value when the above-mentioned arbitrary one record exists and the generation probability of the output value of the same value when there is no record. Is limited to a predetermined value or less (or within a predetermined range).

As a typical model that guarantees protection of differential privacy, there is ε-Differential Privacy. Here, ε in ε-differential privacy is a parameter that defines the upper bound of the absolute value of the above-described probability change. Then, the information processing device that processes the ε-differential privacy limits the inference ability of the user of the output data with respect to the original data or the aggregated data, based on the parameter (ε). Specifically, the information processing apparatus that processes ε-differential privacy uses Equation 1 shown below.

[Formula 1]

Expression 1 is an expression representing that the difference in the probability of the output (output value) is limited based on the differential privacy. In Expression 1, D and D′ represent databases. The database D is a database of privacy information. Further, the database D'is a database different in one record from the database D. The function q(•) is a function that represents a response to a query to the database. The function M(•) is a function corresponding to a mechanism for randomizing (randomizing) or disturbing the value of the response (q(•)). x is a value (data) output by the function M(•). The function Pr(•) represents the probability that the output value of the function M(•) will be “x”. The function exp(·) is an exponential function whose base is the base (e) of natural logarithm and whose argument is a power exponent. That is, in Equation 1, the ratio of the probability that the result of disturbing the query response to the database D is “x” and the probability that the result of disturbing the query response to the database D′ is “x” is exp( ε) Indicates that it is guaranteed that

FIG. 6 is a diagram illustrating an example of a general information processing apparatus that processes query response type data publishing using ε-differential privacy. As shown in FIG. 6, the data requester operates an inquiry device (not shown) to transmit a data query (inquiry (q)) to the information processing apparatus 90 that holds the data. Here, the inquiry (q) is data processing such as analysis or a request for such data processing. In addition, hereinafter, the “inquiry by the data requester operating the inquiring device” is simply referred to as “inquiry from the requester”.

As shown in FIG. 6, the information processing device 90 includes a personal data storage unit 91 that stores personal data, and a differential privacy processing unit 92.

The personal data storage unit 91 stores the personal data as a database (for example, the above “D” or “D′”).

The differential privacy processing unit 92 processes (randomizes or disturbs) the personal data so as to satisfy a predetermined differential privacy.

The information processing device 90 operates as follows using the above configuration.

The information processing device 90 extracts the personal data corresponding to the inquiry (q) from the database (D) of the personal data storage unit 91. Hereinafter, the extracted personal data will be referred to as “q(D)”.

Then, the differential privacy processing unit 92 processes (for example, randomizes or disturbs) the extracted personal data (q(D)) so as to satisfy predetermined differential privacy (for example, Expression 1 indicating ε-differential privacy). ) Do. The result of this processing is q ^* (D). q ^* (D) is secret information processed so that it is difficult for the client to guess the original data.

Then, the information processing device 90 transmits the data (q ^* (D)) processed into secret information that is difficult to guess to the requester.

FIG. 7 is a diagram for explaining query response type data publishing that does not guarantee differential privacy. That is, FIG. 7 corresponds to the operation of the information processing apparatus 90 that does not include the differential privacy processing unit 92.

As shown in FIG. 7, at some point, the personal data storage unit 91 stores annual income data of 5 persons (Ana, Bob, Cris, David, Elsa) as a database (D). In addition, at another certain point of time, the personal data storage unit 91 stores the database (D′) in which the data regarding Elsa has been deleted (transferred) from the state of the database (D). Then, it is assumed that the client requests the average annual income as an inquiry (q).

In response to this inquiry (q), as shown in FIG. 7, in the query response type data publishing that does not guarantee the differential privacy, the average annual income is $80,000 (q(D)) when Alice is the database (D) before transfer. = (80,000 dollars) data is output (published). In addition, query response type data publishing that does not guarantee differential privacy outputs data with an average annual income of 50,000 dollars (q(D')=50,000 dollars) when Alice is the database (D') after transfer ( Publish.

In this case, the client finds that the annual income of the transferee is 200,000 dollars (estimable) based on the difference between q(D) and q(D'). Therefore, when the client knows that the transferred person is Elsa, the client can estimate the annual income of Elsa.

FIG. 8 is a diagram for explaining query response type data publishing that guarantees differential privacy. That is, FIG. 8 corresponds to the operation of the information processing device 90. The disturbance (M) shown in FIG. 8 corresponds to the operation of the differential privacy processing unit 92. Further, in FIG. 8, the same variables as in FIG. 7 such as inquiry (q) indicate the same operation and function.

In FIG. 8, when the personal data storage unit 91 stores the database (D), the differential privacy processing unit 92 of the information processing device 90 disturbs the response (q(D)) (q ^* (D)). =62,050). Then, the information processing device 90 transmits the disturbed value (q ^* (D)=$62,050) to the client.

Similarly, when the personal data storage unit 91 stores the database (D′), the differential privacy processing unit 92 disturbs the response (q(D′)) by the value (q ^* (D′)=62, $050). Then, the information processing device 90 transmits the disturbed value (q ^* (D')=$62,050) to the client.

Note that FIG. 8 shows, as an example, the case where the values of q ^* (D) and q ^* (D′) are the same, which is the case where the difference is the smallest.

As shown in FIG. 8, since the client receives the disturbed value, even if the transferred person is found to be Elsa, the annual income of Elsa cannot be estimated.

In the above operation, the differential privacy processing unit 92 calculates a value according to Expression 1 as an output.

FIG. 9 is a diagram illustrating an example of probabilities used for calculation for ensuring differential privacy. As shown in FIG. 9, the differential privacy processing unit 92 generates an output value such that the value after the disturbance has a predetermined difference or ratio based on the probability according to the Laplace distribution. That is, the value output by the information processing device 90 is included in the range of the predetermined difference or ratio.

Thus, the client cannot estimate the privacy information (for example, annual income) using the difference between the values output by the information processing device 90. That is, the client cannot know the transferee's privacy information (eg, annual income) even if the client can know the transferor (eg, knowing the existence and absence of Elsa).

Cynthia Dwork, "Differential privacy", ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming-Volume Part II, p.p. 1-12, July 10, 2006 (Publisher: Springer-Verlag Berlin, Heidelberg) Frank D. McSherry, "Privacy integrated queries: an extensible platform for privacy preserving data analysis", SIGMOD '09 Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, pp. 19-30, June 29, 2009 (Publisher: ACM (New York, NY, USA)

Increasing the number of queries improves the estimation capability of privacy information for query response type data publishing that guarantees ε-differential privacy (see, for example, composability of Non-Patent Document 2).

For example, when an information processing device that processes a query response type data publishing that guarantees ε-differential privacy guarantees ε-differential privacy (ε) for each n (n is any natural number) queries, The total privacy is “n×ε”.

Alternatively, when the information processing apparatus that processes the query response type data publishing that guarantees the ε-differential privacy guarantees the ε-differential privacy strength (ε) as the total of n queries, the privacy strength (ε _i ) is For example: In other words, privacy intensity for each query _{(q i) (ε i)} is "ε _i = ε / n".

That is, an information processing device that processes query response type data publishing that guarantees ε-differential privacy needs to design in advance the total privacy strength for all inquiries and each privacy strength (ε _i ). For example, the sum of privacy intensities for all inquiries is “ε _T ”, and each privacy intensity is “ε _i ”. In this case, the information processing device that processes the query response type data publishing that guarantees ε-differential privacy needs to design the total privacy strength and each privacy strength so as to satisfy “ε _T ≧Σε _i ”. ..

FIG. 10 is a diagram showing an example of privacy strength (ε _i ) set so as to secure a predetermined privacy strength (ε _T ) for a plurality of (n) inquiries. In FIG. 10, the individual privacy strengths (ε _i ) are designed so that the sum thereof becomes a predetermined privacy strength (ε _T ) (ε _T =Σε _i ).

As described above, in order to secure the predetermined privacy strength (ε _T ) for a plurality of inquiries, it is necessary to design the privacy strength (ε _i ) in each inquiry in advance. Then, in order to design the individual privacy strength (ε _i ), it is necessary to set the maximum inquiry count (n) in advance.

That is, the techniques described in Non-Patent Documents 1 and 2 have a problem that they cannot respond to inquiries that exceed the preset number of inquiries.

An object of the present invention is to provide an information processing device, an information processing method, and a program that solve the above-mentioned problems and can process query response data publishing that guarantees ε-differential privacy without setting the number of queries in advance. To do.

An information processing apparatus according to an aspect of the present invention is a sum of a privacy strength that is satisfied as a total in publishing query response data that guarantees ε-differential privacy, and a privacy strength that remains after setting a privacy strength determined in response to an inquiry. Parameter storage means for storing the remaining privacy ratio, which is the rate of change in the remaining privacy strength, remaining privacy strength storage means for storing the remaining privacy strength, and a response to the inquiry based on the remaining privacy ratio and the remaining privacy strength. Privacy strength determining means for determining privacy strength.

A data processing method according to an aspect of the present invention is a sum of a privacy strength that is satisfied as a total in query response data publishing that guarantees ε-differential privacy, and a privacy strength that remains after setting a privacy strength determined in response to a query. The remaining privacy ratio, which is the rate of change of the remaining privacy strength, is stored, the remaining privacy strength is stored, and the privacy strength for the inquiry is determined based on the remaining privacy ratio and the remaining privacy strength.

A program according to an aspect of the present invention is a total of a privacy strength that is satisfied as a total in publishing query response data that guarantees ε-differential privacy, and a privacy strength that remains after setting a privacy strength determined in response to a query. A process of storing a remaining privacy ratio, which is a change ratio of the remaining privacy intensity, a process of storing the remaining privacy intensity, and a process of determining a privacy intensity for an inquiry based on the remaining privacy percentage and the remaining privacy intensity. Let the computer run .

According to the present invention, it is possible to achieve the effect of realizing query response data publication that guarantees ε-differential privacy without setting the number of queries in advance.

FIG. 1 is a block diagram showing an example of the configuration of an information processing apparatus according to the first embodiment of the present invention. FIG. 2 is a flowchart showing an example of an operation of initializing the remaining privacy strength in the information processing apparatus according to the first embodiment. FIG. 3 is a flowchart showing an example of the operation of determining the privacy strength in the information processing device according to the first embodiment. FIG. 4 is a diagram showing an example of privacy strength determined by the information processing apparatus according to the first embodiment. FIG. 5 is a block diagram showing an example of another configuration of the information processing apparatus according to the first embodiment. FIG. 6 is a diagram illustrating an example of an information processing apparatus that processes query response type data publishing using general ε-differential privacy. FIG. 7 is a diagram for explaining query response type data publishing that does not guarantee differential privacy. FIG. 8 is a diagram for explaining query response type data publishing that guarantees differential privacy. FIG. 9 is a diagram illustrating an example of the probabilities used for the calculation for ensuring the differential privacy. FIG. 10 is a diagram showing an example of privacy strength designed to ensure a predetermined privacy strength with respect to a plurality of inquiries.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

Each drawing explains the embodiment of the present invention. However, the present invention is not limited to the description of each drawing. In addition, the same numbers are given to the same configurations in the respective drawings, and repeated description thereof may be omitted.

Further, in the drawings used for the following description, the configuration of the portion not related to the description of the present invention may be omitted and not illustrated.

Prior to the explanation, variables used in the following explanation will be summarized.

The privacy strength (ε _T ) is the privacy strength that is satisfied as a total in ε-differential privacy. Therefore, hereinafter, the privacy strength (ε _T ) is also referred to as the total privacy strength.

The inquiry (q _i ) is the i-th inquiry (query).

The privacy strength (ε _i ) is the privacy strength determined for the i-th inquiry (q _i ).

The remaining privacy strength (ε ^* ) is the total configurable privacy strength remaining after setting the determined privacy strength (eg, ε _i ) for the query (eg, q _i ). That is, the remaining privacy strength (ε ^* ) is the privacy strength (ε ₁ , ε) determined from the total privacy strength (ε _T ) to the inquiry (q ₁ , q ₂ ,..., Q _i ) up to that point. ₂ ,..., ε _i ) is the remaining privacy strength.

When clarifying the relationship with the number of inquiries (q _i ), the residual privacy strength (ε ^* ) is also given a symbol. That is, the remaining privacy strength (ε ^* _i ) is the remaining privacy strength after setting the privacy strength (ε _i ) for the i-th inquiry (q _i ). That is, the relationship between the remaining privacy strength (ε ^* ) and the privacy strength (ε) is as shown in the following mathematical formula 2.

[Formula 2]
^{_{ε * i = ε * i-}} 1 -ε i
In addition, the remaining privacy strength before undergoing the first query (q _1), in other words, the initial value of the remaining privacy strength (ε ^*), and the remaining privacy strength (ε ^{* _0).} The remaining privacy strength (ε ^* ₀₎ is a total of privacy strength ^{_{(ε T) (ε * 0}} = ε T).

The remaining privacy ratio (α) is the ratio of change in the remaining privacy strength (ε ^* ) after setting the privacy strength (ε _i ) for each inquiry (q _i ). The value of the remaining privacy ratio (α) is a positive real number less than 1 (0<α<1).

That is, the relationship between the remaining privacy strength (ε ^* _i ) and the immediately preceding remaining privacy strength (ε ^* _i−1 ) is as shown in the following Expression 3.

[Formula 3]
ε ^* _i =α×ε ^* _i-1
Here, the first of the remaining privacy strength (ε ^* ₀₎ is a privacy strength (ε _T). Therefore, except the first residue privacy strength (epsilon ^* _0), the remaining privacy strength _{^{(ε * i (i = 1,2}} , ...)) value of greater than zero, the privacy strength (epsilon _T) less than the real it is _{^{(0 <ε * i <ε}} T, i = 1,2, ...).

When Equation 3 is substituted into Equation 2 and transformed, the relationship between the remaining privacy strength (ε ^* _i−1 ) and the privacy strength (ε _i ) is as shown in Equation 4 below.

[Formula 4]
ε _i =(1−α)×ε ^* _i−1
That is, the privacy strength (ε _i ) is calculated based on the remaining privacy ratio (α) and the remaining privacy strength (ε ^* _i−1 ).

In the following, “1-α” will be referred to as “β”. In other words, the relationship of the remaining privacy strength (ε ^{* _i-1)} and Privacy intensity (epsilon _i) is represented in the following formula 5 so.

[Formula 5]
ε _i =β×ε ^* _i−1
<First Embodiment>
Hereinafter, an information processing apparatus 10 according to the first embodiment of the present invention will be described with reference to the drawings.

[Description of configuration]
First, the configuration of the information processing device 10 according to the first embodiment will be described.

FIG. 1 is a block diagram showing an example of the configuration of an information processing device 10 according to the first embodiment of the present invention.

As shown in FIG. 1, the information processing device 10 includes a privacy strength determination unit 11, a remaining privacy strength storage unit 12, and a parameter storage unit 13.

The information processing device 10 creates a response based on the determined privacy strength (ε _i ). However, the information processing apparatus 10 may use a process that guarantees general ε-differential privacy as a method of creating a response. More specifically, the information processing apparatus 10 uses the privacy strength (ε _i ) to disturb the inquiry (q _i ) in order to respond with an output that guarantees ε-differential privacy. You can use randomization. Here, for example, a Laplace mechanism or an exponential mechanism is known as a method of perturbation or perturbation. The information processing device 10 may use these methods. However, the information processing device 10 is not limited to these methods, and may select an appropriate mechanism according to the inquiry (q _i ) as a mechanism of perturbation or randomization (random selection). Therefore, the description of the configuration and the operation for generating the response that guarantees the ε-differential privacy is omitted.

Next, each unit of the information processing device 10 is as follows. The operation of each unit will be described in detail later.

The privacy strength determination unit 11 makes an inquiry based on the remaining privacy strength (ε ^* _i−1 ) recorded in the remaining privacy strength storage unit 12 and the remaining privacy ratio (α) recorded in the parameter storage unit 13 ( to determine the privacy strength (ε _i) with respect to q _i). Then, the privacy strength determination unit 11 updates the remaining privacy strength (ε ^* ) using the determined privacy strength (ε _i ). That is, the privacy strength determination unit 11 calculates the privacy strength (ε _i ) and the remaining privacy strength (ε ^* _i ).

The remaining privacy strength storage unit 12 records the calculated remaining privacy strength (ε ^* _i ). Here, the remaining privacy strength storage unit 12 does not need to store the previous remaining privacy strength (ε ^* _i−1 ). That is, the remaining privacy strength storage unit 12 may update the recorded remaining privacy strength (ε ^* _i−1 ) with the calculated remaining privacy strength (ε ^* _i ).

That is, in the present embodiment, for convenience of description, the remaining privacy strength (ε ^* ) is attached with a reference numeral, but the information processing device 10 uses the remaining privacy strength (ε ^* ) as one variable in the actual processing. The privacy strength (ε ^* ) may be processed.

The parameter storage unit 13 stores parameters. The parameters are the total privacy strength (ε _T ) and the remaining privacy ratio (α), which have already been described. However, the parameter storage unit 13 may include other values as parameters.

[Description of operation]
Next, the operation of the information processing device 10 will be described with reference to the drawings.

The information processing apparatus 10 according to the present embodiment outputs the privacy strength (ε _i ) that guarantees the ε-differential privacy in response to the inquiry (q _i ). Therefore, the information processing device 10 determines (calculates) the privacy strength (ε _i ) for the inquiry (q _i ) based on the remaining privacy strength (ε ^* ) and the remaining privacy ratio (α). However, as will be described later, the information processing device 10 determines the privacy strength (ε _i ) so that the number of inquiries is not limited.

First, the initial setting of the remaining privacy strength (ε ^* ) in the information processing device 10 will be described.

FIG. 2 is a flowchart showing an example of an operation of initializing the remaining privacy strength (ε ^* ) in the information processing device 10 according to the first embodiment.

First, the information processing apparatus 10 stores the parameters total privacy strength (ε _T ) and remaining privacy ratio (α) in the parameter storage unit 13 as initial settings before the processing described below (step S110). .. The information processing device 10 may store β (=1−α) as a parameter. When β is stored, the information processing apparatus 10 can reduce the number of times of subtraction processing in the processing described below.

There is no particular limitation on the method for the information processing device 10 to store the parameters. For example, the administrator of the information processing device 10 may operate the information processing device 10 to set parameters in the parameter storage unit 13. Alternatively, the information processing device 10 may receive a parameter from an external device (not shown) and store the parameter in the parameter storage unit 13.

Then, the privacy strength determination unit 11 of the information processing device 10 initializes the remaining privacy strength (ε ^* ) stored in the remaining privacy strength storage unit 12 based on the parameters (step S120). Specifically, as described above, the privacy strength determination unit 11 stores in the parameter storage unit 13 as the initial value (ε ^* ₀ ) of the remaining privacy strength (ε ^* ) stored in the remaining privacy strength storage unit 12. Set the value of total privacy strength (ε _T ).

Then, the information processing device 10 ends the operation of initial setting of the remaining privacy strength (ε ^* ).

Next, updating of the remaining privacy strength (ε ^* ) in the information processing device 10 will be described.

FIG. 3 is a flowchart showing an example of the operation of determining (calculating) the privacy strength (ε _i ) of the information processing device 10 according to the first embodiment.

Privacy intensity determination unit 11 of the information processing apparatus 10 receives the query _{(q i),} based on the remaining privacy strength (epsilon ^*) and residual Privacy proportion (alpha), privacy strength to the query _{(q i)} (ε _i ) Is determined (step S210). In addition, in detail, the remaining privacy strength (ε ^* ) at this time is the remaining privacy strength (ε ^* _i−1 ).

The privacy strength determination unit 11 then updates the remaining privacy strength (ε ^* ) based on the determined privacy strength (ε _i ) or remaining privacy strength (ε ^* _i−1 ) and the remaining privacy ratio (α) ^. _i ) is calculated (step S220).

Then, the privacy strength determination unit 11 updates the remaining privacy strength (ε ^* ) stored in the remaining privacy strength storage unit 12 (step S230). More specifically, the privacy strength determination unit 11 updates the remaining privacy strength (ε ^* _i−1 ) stored in the remaining privacy strength storage unit 12 with the calculated remaining privacy strength (ε ^* _i ).

Then, the information processing device 10 ends the operation of determining the privacy strength.

Next, the operations of steps S210 and S220 will be described in detail.

The privacy strength determination unit 11 of the information processing device 10 calculates the privacy strength (ε _i ) corresponding to the inquiry (q _i ) by using the mathematical formula 4 already described.

At this time, the initial values of the privacy strength (ε _i ) and the remaining privacy strength (ε ^* _i ) are specifically as follows.

First, the initial value (ε ^* ₀ ) of the remaining privacy strength (ε ^* ) is given by the following mathematical expression 6.

[Formula 6]
ε ^* ₀ = ε _T
Therefore, the first query (q ₁₎ to privacy intensity (epsilon ₁₎ is given by the following Equation 7.

[Formula 7]
ε ₁ =(1−α)×ε ^* ₀ =(1−α)×ε _T =β×ε _T
As a result, the remaining privacy strength (ε ^* ₁ ) is as shown in the following mathematical formula 8.

[Formula 8]
^{_{ε * 1 = ε * 0 (}} = ε T) -ε 1 = ε T - (1-α) × ε T = α × ε T (= α × ε * 0)
In addition, Formula 8 can also be shown from the definition of the remaining privacy ratio (α).

The privacy strength (ε ₂ ) for the next inquiry (q ₂ ) is given by the following Expression 9.

[Formula 9]
ε ₂ =(1−α)×ε ^* ₁ =(1−α)×α×ε _T =α×β×ε _T =α×ε ₁
The remaining privacy strength (ε ^* ₂ ) at this time is as shown in the following Expression 10.

[Formula 10]
^{_{ε * 2 = ε * 1 -ε}} 2 = α × ε T -α × β × ε T = α × (1-β) × ε T = α 2 × ε T
The privacy strength (ε ₃ ) for the next inquiry (q ₃ ) is given by the following Expression 11.

[Formula 11]
ε ₃ =(1-α)×ε ^* ₂ =(1-α)×α ² ×ε _T =β×α ² ×ε _T =α×ε ₂
The remaining privacy strength (ε ^* ₃ ) at this time is as shown in the following Expression 12.

[Formula 12]
^{_{ε * 3 = ε * 2 -ε}} 3 = α 2 × ε T -β × α 2 × ε T = α 2 × (1-β) × ε T = α 3 × ε T
Further, where the residual privacy strength (ε ^* _i-1) is because ^{_{"ε * i-1 = α i}} -1 × ε T ,""epsilon_i" and "epsilon ^* _i", respectively, the following formula 13 and Equation 14.

[Formula 13]
ε _i =(1-α)×ε ^* _i−1 =α ⁱ⁻¹ ×β×ε _T =α ⁱ⁻¹ ×ε ₁
[Formula 14]
^{_{ε * i = ε * i-}} 1 -ε i = α i-1 × ε T -β × α i-1 × ε T
=α ^i-1 ×(1-β)×ε _T =α ⁱ ×ε _T =α ^i-1 ×ε ^* ₁

That is, the privacy strength (ε _i ) is a geometric progression in which ε ₁ (=β×ε _T ) is the first term and the public ratio is the remaining privacy ratio (α).

Therefore, the sum (S _n ) of privacy intensities (ε _i ) in n inquiries is given by the following Expression 15.

[Formula 15]

Here, the remaining privacy ratio (α) is a positive real number less than 1 (0<α<1). Therefore, the sum (S _n ) of the privacy strengths (ε _i ) is smaller than the privacy strength (ε _T ) as in the following Expression 16.

[Formula 16]
S _n =(1−α ⁿ )×ε _T <ε _T
That is, the sum (S _n ) of the privacy strengths (ε _i ) does not exceed the privacy strength (ε _T ).

Furthermore, the infinite series sum (that is, the limit of the sum (S _n )) of the privacy strength (ε _i ) becomes “ε _T ”as in the following Expression 17.

[Formula 17]

As described above, the privacy strength determination unit 11 of the information processing device 10 determines the privacy strength (ε _i ) for the inquiry (q _i ).

Therefore, the information processing apparatus 10 can determine (calculate) the privacy strength (ε _i ) without limiting the number of inquiries (q _i ). Alternatively, the information processing device 10 can determine the remaining privacy strength (ε ^* ) without limiting the number of inquiries (q _i ). Alternatively, the information processing device 10 can always accept the inquiry (q _i+1 ) that follows the inquiry for any inquiry (q _i ). That is, the information processing apparatus 10 can guarantee ε-differential privacy for all inquiries (q ₁ , q ₂ ,..., Q _i ,...) Without limitation on the number of times.

FIG. 4 is a diagram showing an example of privacy strength (ε _i ) determined by the information processing apparatus 10 according to the first embodiment.

As shown in FIG. 4, the privacy strength determination unit 11 of the information processing device 10 determines the privacy strength (ε _i ) shown in Expression 13 and the remaining privacy strength (ε ^* _i ) shown in Expression 14 based on Expression 4. And guarantee ε-differential privacy.

Incidentally, the inquiry (q _i) Privacy intensity (epsilon _i) is set for in accordance with overlaying the number of queries (q _i), attenuated according to the value of the remaining privacy proportion (alpha). That is, in the information processing apparatus 10 according to the first embodiment, the accuracy of the output for which ε-differential privacy is guaranteed is attenuated according to the value of the remaining privacy ratio (α). For example, the accuracy of the output of the i-th inquiry (q _i ) is attenuated to “α ⁱ⁻¹ ”for the first inquiry (q ₁ ). Therefore, the information processing apparatus 10 can control the attenuation degree of the output accuracy based on the remaining privacy ratio (α).

[Explanation of effects]
Next, the effect of this embodiment will be described.

The information processing apparatus 10 according to the present embodiment has an effect of realizing query response data publication that guarantees ε-differential privacy without setting the number of inquiries.

The reason is as follows.

The privacy strength determination unit 11 of the information processing device 10 determines the privacy strength (ε _i ) based on the remaining privacy strength (ε ^* ) and the remaining privacy ratio (α). Further, the information processing apparatus 10 determines the privacy strength (ε _i ) as a geometric progression having the remaining privacy ratio (α) as the common ratio.

Therefore, the privacy strength determination unit 11 can determine the privacy strength (ε _i ) without being limited by the number of inquiries.

Further, the information processing apparatus 10 according to the present embodiment can control the degree of attenuation of output accuracy based on the remaining privacy ratio (α).

The reason is that the information processing apparatus 10 determines the privacy strength (ε _i ) by using a geometrical ratio example in which the remaining privacy ratio (α) is the common ratio.

[Modification]
The information processing device 10 described above is configured as follows.

For example, each component of the information processing device 10 may be configured by a hardware circuit.

Further, the information processing device 10 may be configured by using a plurality of devices, each of which is connected via a network.

Further, the information processing device 10 may have a plurality of components configured by one piece of hardware.

The information processing device 10 may be realized as a computer device including a CPU (Central Processing Unit), a ROM (Read Only Memory), and a RAM (Random Access Memory). The information processing device 10 may be realized as a computer device including an input/output connection circuit (IOC) and a network interface circuit (NIC) in addition to the above configuration.

FIG. 5: is a block diagram which shows an example of a structure of the information processing apparatus 600 which concerns on this modification.

The information processing device 600 includes a CPU 610, a ROM 620, a RAM 630, an internal storage device 640, an IOC 650, and a NIC 680, and is configured as a computer device.

The CPU 610 reads the program from the ROM 620. Then, the CPU 610 controls the RAM 630, the internal storage device 640, the IOC 650, and the NIC 680 based on the read program. Then, the computer including the CPU 610 controls these configurations and realizes the respective functions as the privacy strength determination unit 11, the remaining privacy strength storage unit 12, and the parameter storage unit 13 illustrated in FIG. 1.

The CPU 610 may use the RAM 630 or the internal storage device 640 as temporary storage of a program when implementing each function.

Further, the CPU 610 may read the program included in the storage medium 700 that stores the program in a computer-readable manner by using a storage medium reading device (not shown). Alternatively, the CPU 610 may receive a program from an external device (not shown) via the NIC 680, store the program in the RAM 630, and operate based on the stored program.

The ROM 620 stores programs executed by the CPU 610 and fixed data. The ROM 620 is, for example, a P-ROM (Programmable-ROM) or a flash ROM.

The RAM 630 temporarily stores programs and data executed by the CPU 610. The RAM 630 is, for example, a D-RAM (Dynamic-RAM).

The internal storage device 640 stores data and programs that the information processing device 600 stores for a long time. The internal storage device 640 operates as the remaining privacy strength storage unit 12 and the parameter storage unit 13. Further, the internal storage device 640 may operate as a temporary storage device of the CPU 610. The internal storage device 640 is, for example, a hard disk device, a magneto-optical disk device, an SSD (Solid State Drive), or a disk array device.

Here, the ROM 620 and the internal storage device 640 are non-transitory storage media. On the other hand, the RAM 630 is a volatile (transitory) storage medium. The CPU 610 can operate based on the programs stored in the ROM 620, the internal storage device 640, or the RAM 630. That is, the CPU 610 can operate using a non-volatile storage medium or a volatile storage medium.

The IOC 650 mediates data between the CPU 610 and the input device 660 and the display device 670. The IOC 650 is, for example, an IO interface card or a USB (Universal Serial Bus) card.

The input device 660 is a device that receives an input instruction from the operator of the information processing device 600. The input device 660 is, for example, a keyboard, a mouse, or a touch panel.

The display device 670 is a device that displays information to the operator of the information processing device 600. The display device 670 is, for example, a liquid crystal display.

The NIC 680 relays data exchange with an external device (not shown) via the network. The NIC 680 is, for example, a LAN (Local Area Network) card.

The information processing device 600 configured in this way can obtain the same effects as the information processing device 10.

The reason is that the CPU 610 of the information processing device 600 can realize the same function as the information processing device 10 based on the program.

Although the present invention has been described with reference to the exemplary embodiments, the present invention is not limited to the above exemplary embodiments. Various modifications that can be understood by those skilled in the art can be made to the configuration and details of the present invention within the scope of the present invention.

This application claims the priority on the basis of Japanese application Japanese Patent Application No. 2015-120047 for which it applied on June 15, 2015, and takes in those the indications of all here.

10 information processing device 11 privacy strength determination unit 12 remaining privacy strength storage unit 13 parameter storage unit 90 information processing device 91 personal data storage unit 92 differential privacy processing unit 600 information processing device 610 CPU
620 ROM
630 RAM
640 Internal storage device 650 IOC
660 Input device 670 Display device 680 NIC
700 storage medium

Claims (9)

ε-Differential It is the rate of change in the remaining privacy strength, which is the total of the privacy strength that is satisfied as a total in publishing the query response data that guarantees privacy, and the privacy strength that remains after setting the privacy strength determined in response to the inquiry. Parameter storage means for storing the remaining privacy ratio,
Residual privacy strength storage means for storing the residual privacy strength,
Based on the remaining privacy ratio and the remaining privacy strength, a privacy strength determination means for determining the privacy strength for an inquiry ,
An information processing apparatus comprising: creating a response for publishing the query response data based on the privacy strength determined by the privacy strength determining means . The privacy strength determination means,
The information processing apparatus according to claim 1, wherein the remaining privacy strength is updated based on the determined privacy strength. The privacy strength determination means,
The information processing apparatus according to claim 1, wherein the privacy strength is determined using a geometric progression having the remaining privacy ratio as a public ratio. The privacy strength determination means,
When the residual privacy ratio is α, the residual privacy strength after the i−1 th inquiry is ε ^* _i−1 , and the privacy strength for the i th inquiry is ε _i , the privacy strength ε _i is Formula 1
[Formula 1]
ε _i =(1−α)×ε ^* _i−1
The information processing device according to claim 1, wherein the information processing device is calculated using. The privacy strength determination means,
When the remaining privacy ratio is α, the remaining privacy strength after the i−1 th inquiry is ε ^* _i−1 , and the i th remaining privacy strength is ε ^* _i , the i th remaining privacy strength Let ε ^* _i be the following formula 2
[Formula 2]
ε ^* _i =α×ε ^* _i-1
The information processing apparatus according to claim 1, wherein the information processing apparatus is calculated using. The privacy strength determination means,
The information processing apparatus according to any one of claims 1 to 5, wherein the remaining privacy strength before the inquiry is received is the total privacy strength. The privacy strength determination means,
The information processing device according to any one of claims 1 to 5, wherein the remaining privacy strength after receiving one or more inquiries is the total privacy strength. The information processing device
ε-Differential It is the ratio of the change in the remaining privacy strength, which is the total of the privacy strength that is satisfied as a total in publishing the query response data that guarantees privacy, and the privacy strength that remains after setting the privacy strength determined in response to the inquiry. Remember the remaining privacy ratio,
Memorize the remaining privacy strength,
Based on the remaining privacy ratio and the remaining privacy strength, determine the privacy strength for the inquiry ,
An information processing method for creating a response for publishing the query response data based on the determined privacy strength . ε-Differential It is the rate of change in the remaining privacy strength, which is the total of the privacy strength that is satisfied as a total in publishing the query response data that guarantees privacy, and the privacy strength that remains after setting the privacy strength determined in response to the inquiry. A process of storing the remaining privacy ratio,
A process of storing the remaining privacy strength,
Based on the remaining privacy ratio and the remaining privacy strength, a process of determining the privacy strength for the inquiry ,
A program that causes a computer to execute a process of creating a response for publishing the query response data based on the determined privacy strength .

Images