1

Competitive Privacy: Secure Analysis on Integrated Sequence Data

Raymond Chi-Wing Wong1, Eric Lo2

The Hong Kong University of Science and Technology1

Hong Kong Polytechnic University2

Prepared by Raymond Chi-Wing WongPresented by Raymond Chi-Wing Wong

2

Outline

1. Introduction2. Problem3. Algorithm4. Conclusion

3

1. Introduction In this talk,

“competitive privacy” occurs when two datasets from two different

sources are integrated

Illustrate this concept with a transportation application

Give the motivation why two datasets should be integrated

Explain that there is a privacy issue in this application

4

1. Introduction

Transportation Application

Bus Company B Metro Company M

Passenger travel history in the bus company

Passenger travel history in the metro company

Both companies has implemented RFID-based electronic Transportation payment systems (e.g., Washington DC’s SmarTrip systemand Hong Kong Octopus System).

5Bus Company B Metro Company M

RFID No. = 222 “Airport Bus Stop”, “Downtown Bus Stop”

RFID No. = 222“Downtown Station”, “Uptown Station”

These two sequences are stored separately.

Suppose that the bus company and the metro company wantto collaborate and offer discounts to passengers who traveled from airport to uptown using a combination of bus and metro.

We need to integrate these two datasets to know the total numberof such passengers

9:00am 10:00am

10:15am 11:00am

6Bus Company B Metro Company M

RFID No. = 222 “Airport Bus Stop”, “Downtown Bus Stop”

RFID No. = 222“Downtown Station”, “Uptown Station”

RFID No. = 222 “Airport Bus Stop”, “Downtown Bus Stop”, “Downtown Station”, “Uptown Station”

9:00am 10:00am

10:15am 11:00am

9:00am 10:00am 10:15am 11:00am

7Bus Company B Metro Company M

RFID No. = 222“Airport Bus Stop”, “Downtown Bus Stop”

RFID No. = 222“Downtown Station”, “Uptown Station”

RFID No. = 222 “Airport Bus Stop”, “Downtown Bus Stop”, “Downtown Station”, “Uptown Station”

8

1. Introduction In this talk,

“competitive privacy” occurs when two datasets from two different

sources are merged

Illustrate this concept with a transportation application

Give the motivation why two datasets should be integrated

Explain that there is a privacy issue in this application

9

1. Introduction In this talk,

“competitive privacy” occurs when two datasets from two different

sources are merged

Illustrate this concept with a transportation application

Give the motivation why two datasets should be integrated

Explain that there is a privacy issue in this application

10

RFID No. = 222 “Airport Bus Stop”, “Downtown Bus Stop”, “Downtown Station”, “Uptown Station”

Data integration may cause privacy issues.

Bus Company B Metro Company M

Service sB “Downtown Bus Stop”, “Bay Bus Stop”

Service sM “Downtown Station”, “Bay Station” These two services are

competitive.

No of Passengers = 80,000No of Passengers = 10,000

If the metro company knows that the no. of passengers using sB is 80,000, then it may offer discounts to passengers using its own service sM to attract more passengersThus, the original service sB operated by the bus company will be definitelyaffected.

This statistical information about the competitive services correspondsto the “competitive privacy” of thebus company

11

2. Problem Given

two companies the bus company the metro company

Objective After the datasets from these two

companies are integrated, no company can infer any statistical

information about the competitive services of the other company

12

2. Problem

Contribution We are the first to propose the

concept of “competitive privacy” Privacy model when sequence

datasets are integrated Previous works

Privacy model when relational datasets are integrated

13

3. Algorithm

14

Trusted Third Party

Bus Company B Metro Company M

Integrated database

query 1

Determine whether this query allows that the metro company can infer any statistical information about the competitive services of the bus company.

If yes, we reject the query.If no, we give the answer of this query.

answer 1

15

3. Algorithm

Idea: We reject any queries related to the

statistical information about all competitive services

We skip the details

16

4. Conclusion

Privacy Model for Data Integration Competitive Privacy

Algorithm

17

Q&A

18

4. Empirical Studies

Real dataset Hong Kong Local Transportation

Metro Data 63 stations 6 transfer stations 4 railway lanes

19

4. Empirical Studies

Variation No. of tuples in the integrated dataset The pattern size in a query

Measurements Audit time (the time to determine

whether this query should be answered or rejected)

Ratio of rejected queries (or restricted queries)

20

4. Empirical Studies

The audit time is small.The ratio of restricted queries is small.

21

22

Trusted Third Party

Bus Company B Metro Company M

Integrated database

query 1

e.g., the total number of passengers who have a travel pattern “Airport Bus Stop”, “Downtown Bus Stop”,“Downtown Station”, “Uptown Station”.

Determine whether this query allows that the bus company can infer any statistical information about the competitive services of the metro company.

If yes, we reject the query.If no, we give the answer of this query.

answer 1

20,000

Pattern Size = 4

23

Trusted Third Party

Bus Company B Metro Company M

Integrated database

query 2

Determine whether this query allows that the bus company can infer any statistical information about the competitive services of the metro company.

If yes, we reject the query.If no, we give the answer of this query.

answer 2

24

Trusted Third Party

Bus Company B Metro Company M

Integrated database

query 3

Determine whether this query allows that the bus company can infer any statistical information about the competitive services of the metro company.

If yes, we reject the query.If no, we give the answer of this query.

answer 3

25

Each query alone may not provide any statistical information of the competitive services

However, the combination of all query answers may allow that the metro company can infer the statistical information of competitive services

26

Trusted Third Party

Bus Company B Metro Company M

Integrated database

Query: the total number of passengers who have a travel pattern “Downtown District”, “Bay District” 90,000

Knowledge 2: there are two services from “Downtown District” to “Bay District”1. The service provided by the bus company (“Downtown Bus Stop” to “Bay Bus Stop”)2. The service provided by the metro company (“Downtown Station” to “Bay Station”)

Knowledge 3: the total number of passengers who have a travel pattern “Downtown Station” to “Bay Station” = 10,000

Conclusion: the total number of passengers who have a travel pattern “Downtown Bus Stop” to “Bay Bus Stop” = 90,000 – 10,000 = 80,000

Knowledge 1

The statistical information of the competitive services of the bus company.

27Bus Company B Metro Company M

RFID No. = 222 “Airport Bus Stop”, “Downtown Bus Stop”, “Downtown Station”, “Uptown Station”

Both companies want to know the total number of passengers traveling from “Airport Bus Stop” to “Uptown Station”

Both companies want to know the total number of passengers traveling from “Airport District” to “Uptown District”

Roll-up

28

Trusted Third Party

Bus Company B Metro Company M

Integrated database

query 1

Determine whether this query allows that the metro company can infer any statistical information about the competitive services of the bus company.

If yes, we reject the query.If no, we give the answer of this query.

answer 1

29

Trusted Third Party

Bus Company B Metro Company M

Integrated database

query 2

Determine whether this query allows that the metro company can infer any statistical information about the competitive services of the bus company.

If yes, we reject the query.If no, we give the answer of this query.

answer 2

30

Trusted Third Party

Bus Company B Metro Company M

Integrated database

query 3

answer 3