Security Versus Privacy
This paper addresses the challenge of managing trade-offs between privacy and security in data systems. The contribution is incremental, as it builds on existing frameworks such as differential privacy.
The paper tackles the problem of balancing privacy and security in systems where linear queries are submitted to a server with private data, using additive noise for privacy and measuring security via sensitivity to false data injection. It proposes and solves an optimization problem, showing that the product of guaranteed privacy and security is constant, indicating a trade-off where increasing one weakens the other, with similar results under differential privacy.
Linear queries can be submitted to a server containing private data. The server provides a response to the queries systematically corrupted with additive noise to preserve the privacy of those whose data is stored on the server. The measure of privacy is inversely proportional to the trace of the Fisher information matrix. It is assumed that an adversary can inject a false bias into the responses. The measure of security, capturing the ease of detecting the presence of the false data injection, is the sensitivity of the Kullback-Leibler divergence to the additive bias. An optimization problem for balancing privacy and security is proposed and subsequently solved. It is shown that the level of guaranteed privacy times the level of security equals a constant. Therefore, by increasing the level of privacy, the security guarantees can only be weakened and vice versa. Similar results are developed under the differential privacy framework.
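The trade-off stated in the abstract can be checked numerically. The following is an added example, not code from the paper. It assumes a single scalar query, zero-mean Gaussian noise, privacy taken as exactly 1/trace of the Fisher information, and "sensitivity" read as the curvature of the Kullback-Leibler divergence at zero bias; all function names are hypothetical.

```python
import math

def gauss_logpdf(x, sigma):
    """Log-density of zero-mean Gaussian noise (assumed noise model)."""
    return -0.5 * (x / sigma) ** 2 - math.log(sigma * math.sqrt(2 * math.pi))

def integrate(f, lo, hi, n=4000):
    """Midpoint-rule quadrature of f over [lo, hi]."""
    h = (hi - lo) / n
    return h * sum(f(lo + (i + 0.5) * h) for i in range(n))

def fisher_information(sigma, eps=1e-4):
    """Fisher information about the true answer carried by answer + noise:
    integral of score(x)^2 * p(x), with score = d/dx log p(x)."""
    def integrand(x):
        score = (gauss_logpdf(x + eps, sigma) - gauss_logpdf(x - eps, sigma)) / (2 * eps)
        return score ** 2 * math.exp(gauss_logpdf(x, sigma))
    return integrate(integrand, -10 * sigma, 10 * sigma)

def kl_to_biased(sigma, bias):
    """KL divergence from the honest response distribution to the one
    shifted by an injected additive bias."""
    def integrand(x):
        lp = gauss_logpdf(x, sigma)
        return math.exp(lp) * (lp - gauss_logpdf(x - bias, sigma))
    return integrate(integrand, -10 * sigma, 10 * sigma)

def privacy(sigma):
    # Scalar query: the trace of the Fisher information matrix is its single entry.
    return 1.0 / fisher_information(sigma)

def security(sigma):
    """Assumed reading of 'sensitivity': second derivative of the KL
    divergence with respect to the bias, evaluated at zero bias."""
    h = 0.05 * sigma
    total = kl_to_biased(sigma, h) + kl_to_biased(sigma, -h) - 2 * kl_to_biased(sigma, 0.0)
    return total / h ** 2

if __name__ == "__main__":
    # More noise raises privacy and lowers security; the product stays fixed.
    for sigma in (0.5, 1.0, 2.0, 4.0):
        p, s = privacy(sigma), security(sigma)
        print(f"sigma={sigma:4}  privacy={p:8.4f}  security={s:8.4f}  product={p * s:.4f}")
```

Under these assumptions the product is 1 for every noise scale, because the curvature of the KL divergence at zero bias equals the Fisher information of the noisy response.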