Optimal Privacy-Aware Stochastic Sampling

Chuanghong Weng, Ehsan Nekouei

TL;DR

The paper addresses privacy leakage in dynamic sensing by designing a privacy-aware stochastic sampler that selectively shares observations. It develops a dynamic-programming decomposition to jointly optimize sampling and reconstruction, deriving structural results for general nonlinear systems and tractable closed-form designs for linear Gaussian models. A policy-gradient algorithm based on the implicit function theorem enables joint design, and simulations show improved utility-privacy trade-offs with reduced data transmission. This framework is applicable to IoT and networked control settings where adversaries may exploit transmitted data to infer private inputs, providing a principled, information-theoretic approach to privacy-preserving data sharing.

Abstract

This paper presents a stochastic sampling framework for privacy-aware data sharing, where a sensor observes a process correlated with private information. A sampler determines whether to retain or discard sensor observations, balancing the tradeoff between data utility and privacy. Retained samples are shared with an adversary who may attempt to infer the private process, with privacy leakage quantified using mutual information. The sampler design is formulated as an optimization problem with two objectives: (i) minimizing the reconstruction error of the observed process using the sampler's output, and (ii) reducing the privacy leakage. For a general class of processes, we show that the optimal reconstruction policy is deterministic and derive the optimality conditions for the sampling policy using a dynamic decomposition method, which enables the sampler to control the adversary's belief about private inputs. For linear Gaussian processes, we propose a simplified design by restricting the sampling policy to a specific collection, providing analytical expressions for the reconstruction error, belief state, and sampling objectives based on conditional means and covariances. Additionally, we develop a numerical optimization algorithm to optimize the sampling and reconstruction policies, wherein the policy gradient theorem for the optimal sampling design is derived based on the implicit function theorem. Simulations demonstrate the effectiveness of the proposed method in achieving accurate state reconstruction, privacy protection, and data size reduction.

Paper Structure

This paper contains 30 sections, 11 theorems, 90 equations, 8 figures, and 1 algorithm.

Key Result

Lemma 1

Given the sampling policy $\pi=\left\{\pi_k\right\}^K_{k=0}$ and the sampler's output $Z^{k}$, the optimal reconstruction policy is $k=0,1,\cdots,K.$ If the distortion measure is the squared reconstruction error, i.e., $l_D\left( X_k,\tilde{\pi}_k\left( Z^k \right) \right) =\left( X_k-\tilde{\pi}_k\left( Z^k \right) \right) ^{\top}\left( X_k-\tilde{\pi}_k\left( Z^k \right) \right)$, then the

Figures (8)

  • Figure 1: The privacy-aware stochastic sampling setup.
  • Figure 2: The privacy-aware networked control system.
  • Figure 3: The structure of optimal sampler.
  • Figure 4: The structure of sampling policy for linear systems.
  • Figure 5: A trajectory of X and its reconstruction (a), a trajectory of Y and its reconstruction (b). The sampling rate is equal to one.
  • ...and 3 more figures

Theorems & Definitions (23)

  • Lemma 1
  • proof
  • Lemma 2
  • proof
  • Theorem 1
  • proof
  • Theorem 2
  • Remark 1
  • Lemma 3
  • proof
  • ...and 13 more