GaussianMechanism: Gaussian Mechanism
In DPpack: Differentially Private Statistical Analysis and Machine Learning
GaussianMechanism R Documentation
Gaussian Mechanism
Description
This function implements the Gaussian mechanism for differential privacy by
adding noise to the true value(s) of a function according to specified values
of epsilon, delta, and l2-global sensitivity(-ies). Global sensitivity
calculated based either on bounded or unbounded differential privacy can be
used \insertCiteKifer2011DPpack. If true.values is a vector, the provided
epsilon and delta are divided such that (epsilon, delta)-level differential
privacy is satisfied across all function values. In the case that each
element of true.values comes from its own function with different
corresponding sensitivities, a vector of sensitivities may be provided. In
this case, if desired, the user can specify how to divide epsilon and delta
among the function values using alloc.proportions.
Usage
GaussianMechanism(
true.values,
eps,
delta,
sensitivities,
type.DP = "aDP",
alloc.proportions = NULL
)
Arguments
true.values
Real number or numeric vector corresponding to the true
value(s) of the desired function.
eps
Positive real number defining the epsilon privacy parameter.
delta
Positive real number defining the delta privacy parameter.
sensitivities
Real number or numeric vector corresponding to the
l2-global sensitivity(-ies) of the function(s) generating true.values. This
value must be of length 1 or of the same length as true.values. If it is of
length 1 and true.values is a vector, this indicates that the given
sensitivity applies simultaneously to all elements of true.values and that
the privacy budget need not be allocated (alloc.proportions is unused in
this case). If it is of the same length as true.values, this indicates that
each element of true.values comes from its own function with different
corresponding sensitivities. In this case, the l2-norm of the provided
sensitivities is used to generate the Gaussian noise.
type.DP
String indicating the type of differential privacy desired for
the Gaussian mechanism. Can be either 'pDP' for probabilistic DP
\insertCiteLiu2019aDPpack or 'aDP' for approximate DP
\insertCiteDwork2006bDPpack. Note that if 'aDP' is chosen, epsilon must
be strictly less than 1.
alloc.proportions
Optional numeric vector giving the allocation
proportions of epsilon and delta to the function values in the case of
vector-valued sensitivities. For example, if sensitivities is of length two
and alloc.proportions = c(.75, .25), then 75% of the privacy budget eps
(and 75% of delta) is allocated to the noise computation for the first
element of true.values, and the remaining 25% is allocated to the noise
computation for the second element of true.values. This ensures (eps,
delta)-level privacy across all computations. Input does not need to be
normalized, meaning alloc.proportions = c(3,1) produces the same result as
the example above.
Value
Sanitized function values based on the bounded and/or unbounded
definitions of differential privacy, sanitized via the Gaussian mechanism.
References
\insertRefDwork2006aDPpack
\insertRefKifer2011DPpack
\insertRefLiu2019aDPpack
\insertRefDwork2006bDPpack
Examples
# Simulate dataset
n <- 100
c0 <- 5 # Lower bound
c1 <- 10 # Upper bound
D1 <- stats::runif(n, c0, c1)
# Privacy budget
epsilon <- 0.9 # eps must be in (0, 1) for approximate differential privacy
delta <- 0.01
sensitivity <- (c1-c0)/n
# Approximate differential privacy
private.mean.approx <- GaussianMechanism(mean(D1), epsilon, delta,
sensitivity)
private.mean.approx
# Probabilistic differential privacy
private.mean.prob <- GaussianMechanism(mean(D1), epsilon, delta, sensitivity,
type.DP = 'pDP')
private.mean.prob
# Simulate second dataset
d0 <- 3 # Lower bound
d1 <- 6 # Upper bound
D2 <- stats::runif(n, d0, d1)
D <- matrix(c(D1,D2),ncol=2)
sensitivities <- c((c1-c0)/n, (d1-d0)/n)
epsilon <- 0.9 # Total privacy budget for all means
delta <- 0.01
# Here, sensitivities are summed and the result is used to generate Laplace
# noise. This is essentially the same as allocating epsilon proportional to
# the corresponding sensitivity. The results satisfy (0.9,0.01)-approximate
# differential privacy.
private.means <- GaussianMechanism(apply(D, 2, mean), epsilon, delta,
sensitivities)
private.means
# Here, privacy budget is explicitly split so that 75% is given to the first
# vector element and 25% is given to the second.
private.means <- GaussianMechanism(apply(D, 2, mean), epsilon, delta,
sensitivities,
alloc.proportions = c(0.75, 0.25))
private.means
DPpack documentation built on April 8, 2023, 9:09 a.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
| GaussianMechanism | R Documentation |
Gaussian Mechanism
Description
This function implements the Gaussian mechanism for differential privacy by adding noise to the true value(s) of a function according to specified values of epsilon, delta, and l2-global sensitivity(-ies). Global sensitivity calculated based either on bounded or unbounded differential privacy can be used \insertCiteKifer2011DPpack. If true.values is a vector, the provided epsilon and delta are divided such that (epsilon, delta)-level differential privacy is satisfied across all function values. In the case that each element of true.values comes from its own function with different corresponding sensitivities, a vector of sensitivities may be provided. In this case, if desired, the user can specify how to divide epsilon and delta among the function values using alloc.proportions.
Usage
GaussianMechanism(
true.values,
eps,
delta,
sensitivities,
type.DP = "aDP",
alloc.proportions = NULL
)
Arguments
true.values |
Real number or numeric vector corresponding to the true value(s) of the desired function. |
eps |
Positive real number defining the epsilon privacy parameter. |
delta |
Positive real number defining the delta privacy parameter. |
sensitivities |
Real number or numeric vector corresponding to the l2-global sensitivity(-ies) of the function(s) generating true.values. This value must be of length 1 or of the same length as true.values. If it is of length 1 and true.values is a vector, this indicates that the given sensitivity applies simultaneously to all elements of true.values and that the privacy budget need not be allocated (alloc.proportions is unused in this case). If it is of the same length as true.values, this indicates that each element of true.values comes from its own function with different corresponding sensitivities. In this case, the l2-norm of the provided sensitivities is used to generate the Gaussian noise. |
type.DP |
String indicating the type of differential privacy desired for the Gaussian mechanism. Can be either 'pDP' for probabilistic DP \insertCiteLiu2019aDPpack or 'aDP' for approximate DP \insertCiteDwork2006bDPpack. Note that if 'aDP' is chosen, epsilon must be strictly less than 1. |
alloc.proportions |
Optional numeric vector giving the allocation proportions of epsilon and delta to the function values in the case of vector-valued sensitivities. For example, if sensitivities is of length two and alloc.proportions = c(.75, .25), then 75% of the privacy budget eps (and 75% of delta) is allocated to the noise computation for the first element of true.values, and the remaining 25% is allocated to the noise computation for the second element of true.values. This ensures (eps, delta)-level privacy across all computations. Input does not need to be normalized, meaning alloc.proportions = c(3,1) produces the same result as the example above. |
Value
Sanitized function values based on the bounded and/or unbounded definitions of differential privacy, sanitized via the Gaussian mechanism.
References
\insertRefDwork2006aDPpack
\insertRefKifer2011DPpack
\insertRefLiu2019aDPpack
\insertRefDwork2006bDPpack
Examples
# Simulate dataset
n <- 100
c0 <- 5 # Lower bound
c1 <- 10 # Upper bound
D1 <- stats::runif(n, c0, c1)
# Privacy budget
epsilon <- 0.9 # eps must be in (0, 1) for approximate differential privacy
delta <- 0.01
sensitivity <- (c1-c0)/n
# Approximate differential privacy
private.mean.approx <- GaussianMechanism(mean(D1), epsilon, delta,
sensitivity)
private.mean.approx
# Probabilistic differential privacy
private.mean.prob <- GaussianMechanism(mean(D1), epsilon, delta, sensitivity,
type.DP = 'pDP')
private.mean.prob
# Simulate second dataset
d0 <- 3 # Lower bound
d1 <- 6 # Upper bound
D2 <- stats::runif(n, d0, d1)
D <- matrix(c(D1,D2),ncol=2)
sensitivities <- c((c1-c0)/n, (d1-d0)/n)
epsilon <- 0.9 # Total privacy budget for all means
delta <- 0.01
# Here, sensitivities are summed and the result is used to generate Laplace
# noise. This is essentially the same as allocating epsilon proportional to
# the corresponding sensitivity. The results satisfy (0.9,0.01)-approximate
# differential privacy.
private.means <- GaussianMechanism(apply(D, 2, mean), epsilon, delta,
sensitivities)
private.means
# Here, privacy budget is explicitly split so that 75% is given to the first
# vector element and 25% is given to the second.
private.means <- GaussianMechanism(apply(D, 2, mean), epsilon, delta,
sensitivities,
alloc.proportions = c(0.75, 0.25))
private.means
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.