Differentially private combinatorial optimization, 2009
Cited by 22 (6 self)
Consider the following problem: given a metric space, some of whose points are “clients,” select a set of at most k facility locations to minimize the average distance from the clients to their nearest facility. This is just the well-studied k-median problem, for which many approximation algorithms and hardness results are known. Note that the objective function encourages opening facilities in areas where there are many clients, and given a solution, it is often possible to get a good idea of where the clients are located. This raises the following quandary: what if the locations of the clients are sensitive information that we would like to keep private? Is it even possible to design good algorithms for this problem that preserve the privacy of the clients? In this paper, we initiate a systematic study of algorithms for discrete optimization problems in the framework of differential privacy (which formalizes the idea of protecting the privacy of individual input elements). We show that many such problems indeed have good approximation algorithms that preserve differential privacy; this is even in cases where it is impossible to preserve cryptographic definitions of privacy while computing any nontrivial approximation to even the value of an optimal solution, let alone the entire solution. Apart from the k-median problem, we consider the problems of vertex and set cover, min-cut, k-median, facility location, and Steiner tree, and give approximation algorithms and lower bounds for these problems. We also consider the recently introduced submodular maximization problem, “Combinatorial Public Projects” (CPP), shown by Papadimitriou et al. [28] to be inapproximable to subpolynomial multiplicative factors by any efficient and truthful algorithm. We give a differentially private (and hence approximately truthful) algorithm that achieves a logarithmic additive approximation.
Differentially Private Approximation Algorithms
In Proceedings of the ACM-SIAM Symposium on Discrete Algorithms, 2010
Cited by 10 (4 self)
Consider the following problem: given a metric space, some of whose points are “clients,” select a set of at most k facility locations to minimize the average distance from the clients to their nearest facility. This is just the well-studied k-median problem, for which many approximation algorithms and hardness results are known. Note that the objective function encourages opening facilities in areas where there are many clients, and given a solution, it is often possible to get a good idea of where the clients are located. This raises the following quandary: what if the locations of the clients are sensitive information that we would like to keep private? Is it even possible to design good algorithms for this problem that preserve the privacy of the clients? In this paper, we initiate a systematic study of algorithms for discrete optimization problems in the framework of differential privacy (which formalizes the idea of protecting the privacy of individual input elements). We show that many such problems indeed have good approximation algorithms that preserve differential privacy; this is even in cases where it is impossible to preserve cryptographic definitions of privacy while computing any nontrivial approximation to even the value of an optimal solution, let alone the entire solution. Apart from the k-median problem, we consider the problems of vertex and set cover, min-cut, k-median,
Near-Optimal Private Approximation Protocols via a Black Box Transformation
Cited by 2 (1 self)
We show the following transformation: any two-party protocol for outputting a $(1 + \varepsilon)$-approximation to $f(x, y) = \sum_{j=1}^{n} g(x_j, y_j)$ with probability at least 2/3, for any non-negative efficiently computable function $g$, can be transformed into a two-party private approximation protocol with only a polylogarithmic factor loss in communication, computation, and round complexity. In general it is insufficient to use secure function evaluation or fully homomorphic encryption on a standard, non-private protocol for approximating $f$. This is because the approximation may reveal information about $x$ and $y$ that does not follow from $f(x, y)$. Applying our transformation and variations of it, we obtain near-optimal private approximation protocols for a wide range of problems in the data stream literature for which previously nothing was known. We give near-optimal private approximation protocols for the $\ell_p$-distance for every $p \geq 0$, for the heavy hitters and importance sampling problems with respect to any $\ell_p$-norm, for the max-dominance and other dominant $\ell_p$-norms, for the distinct summation problem, for entropy, for cascaded frequency moments, for subspace approximation and block sampling, and for measuring independence of datasets. Using a result for data streams, we obtain private approximation protocols with polylogarithmic communication for every non-decreasing and symmetric function $g(x_j, y_j) = h(x_j - y_j)$ with at most quadratic growth. If the original (non-private) protocol is a simultaneous protocol, e.g., a sketching algorithm, then our only cryptographic assumption is efficient symmetric computationally-private information retrieval; otherwise it is fully homomorphic encryption. For all but one of these problems, the original protocol is a sketching algorithm. Our protocols generalize straightforwardly to more than two parties.