更改

'''Differential privacy''' is a system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset. The idea behind differential privacy is that if the effect of making an arbitrary single substitution in the database is small enough, the query result cannot be used to infer much about any single individual, and therefore provides privacy. Another way to describe differential privacy is as a constraint on the algorithms used to publish aggregate information about a [[statistical database]] which limits the disclosure of private information of records whose information is in the database. For example, differentially private algorithms are used by some government agencies to publish demographic information or other statistical aggregates while ensuring [[confidentiality]] of survey responses, and [[#Adoption of differential privacy in real-world applications|by companies]] to collect information about user behavior while controlling what is visible even to internal analysts.

'''Differential privacy''' is a system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset. The idea behind differential privacy is that if the effect of making an arbitrary single substitution in the database is small enough, the query result cannot be used to infer much about any single individual, and therefore provides privacy. Another way to describe differential privacy is as a constraint on the algorithms used to publish aggregate information about a [[statistical database]] which limits the disclosure of private information of records whose information is in the database. For example, differentially private algorithms are used by some government agencies to publish demographic information or other statistical aggregates while ensuring [[confidentiality]] of survey responses, and [[#Adoption of differential privacy in real-world applications|by companies]] to collect information about user behavior while controlling what is visible even to internal analysts.

Differential privacy is a system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset. The idea behind differential privacy is that if the effect of making an arbitrary single substitution in the database is small enough, the query result cannot be used to infer much about any single individual, and therefore provides privacy. Another way to describe differential privacy is as a constraint on the algorithms used to publish aggregate information about a statistical database which limits the disclosure of private information of records whose information is in the database. For example, differentially private algorithms are used by some government agencies to publish demographic information or other statistical aggregates while ensuring confidentiality of survey responses, and by companies to collect information about user behavior while controlling what is visible even to internal analysts.

Differential privacy is a system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset. The idea behind differential privacy is that if the effect of making an arbitrary single substitution in the database is small enough, the query result cannot be used to infer much about any single individual, and therefore provides privacy. Another way to describe differential privacy is as a constraint on the algorithms used to publish aggregate information about a statistical database which limits the disclosure of private information of records whose information is in the database. For example, differentially private algorithms are used by some government agencies to publish demographic information or other statistical aggregates while ensuring confidentiality of survey responses, and by companies to collect information about user behavior while controlling what is visible even to internal analysts.

Roughly, an algorithm is differentially private if an observer seeing its output cannot tell if a particular individual's information was used in the computation.  

Roughly, an algorithm is differentially private if an observer seeing its output cannot tell if a particular individual's information was used in the computation.  

Differential privacy is often discussed in the context of identifying individuals whose information may be in a database. Although it does not directly refer to identification and reidentification attacks, differentially private algorithms probably resist such attacks.

Differential privacy is often discussed in the context of identifying individuals whose information may be in a database. Although it does not directly refer to identification and reidentification attacks, differentially private algorithms probably resist such attacks.

简单来说，如果观察者发现某算法的输出不能推断出一个特定个体的信息是否被用于其计算，则该算法是差分隐私的。通常，差分隐私算法会在识别其信息可能存在于数据库中的个体时被讨论。虽然差分隐私算法不直接涉及身份识别和身份重识别攻击，但它或许能够防御这些攻击。<ref name="DMNS06" />

简单来说，如果观察者发现某算法的输出不能推断出一个特定个体的信息是否被用于其计算，则该算法是差分隐私的。通常，差分隐私算法会在识别其信息可能存在于数据库中的个体时被讨论。虽然差分隐私算法不直接涉及身份识别和<font color="#ff8000">身份重识别Reidentification</font>攻击，但它或许能够防御这些攻击。<ref name="DMNS06" />

Differential privacy was developed by [[Cryptography|cryptographers]] and thus is often associated with cryptography, and draws much of its language from cryptography.

Differential privacy was developed by [[Cryptography|cryptographers]] and thus is often associated with cryptography, and draws much of its language from cryptography.

Differential privacy was developed by cryptographers and thus is often associated with cryptography, and draws much of its language from cryptography.

Differential privacy was developed by cryptographers and thus is often associated with cryptography, and draws much of its language from cryptography.

==History==

== History==

Official statistics organizations are charged with collecting information from individuals or establishments, and publishing aggregate data to serve the public interest.  For example, the [[1790 United States Census]] collected information about individuals living in the United States and published tabulations based on sex, age, race, and condition of servitude. Statistical organizations have long collected information under a promise of [[confidentiality]] that the information provided will be used for statistical purposes, but that the publications will not produce information that can be traced back to a specific individual or establishment. To accomplish this goal, statistical organizations have long suppressed information in their publications. For example, in a table presenting the sales of each business in a town grouped by business category, a cell that has information from only one company might be suppressed, in order to maintain the confidentiality of that company's specific sales.

Official statistics organizations are charged with collecting information from individuals or establishments, and publishing aggregate data to serve the public interest.  For example, the [[1790 United States Census]] collected information about individuals living in the United States and published tabulations based on sex, age, race, and condition of servitude. Statistical organizations have long collected information under a promise of [[confidentiality]] that the information provided will be used for statistical purposes, but that the publications will not produce information that can be traced back to a specific individual or establishment. To accomplish this goal, statistical organizations have long suppressed information in their publications. For example, in a table presenting the sales of each business in a town grouped by business category, a cell that has information from only one company might be suppressed, in order to maintain the confidentiality of that company's specific sales.

平行构图。如果前面的机制是在私有数据库的不相交子集上计算的，那么函数 g 将是(max _ i epsilon _ i)-微分私有。

平行构图。如果前面的机制是在私有数据库的不相交子集上计算的，那么函数 g 将是(max _ i epsilon _ i)-微分私有。

=== Robustness to post-processing===

===Robustness to post-processing===

For any deterministic or randomized function <math>F</math> defined over the image of the mechanism <math>\mathcal{A}</math>, if <math>\mathcal{A}</math> satisfies ε-differential privacy, so does <math>F(\mathcal{A})</math>.

For any deterministic or randomized function <math>F</math> defined over the image of the mechanism <math>\mathcal{A}</math>, if <math>\mathcal{A}</math> satisfies ε-differential privacy, so does <math>F(\mathcal{A})</math>.

总之，可组合性和对后期处理的健壮性允许模块化构建和分析不同的私有机制，并激励隐私损失预算的概念。如果访问复杂机制的敏感数据的所有元素都是单独的、不同的私有元素，那么它们的组合也是如此，然后是任意的后处理。

总之，可组合性和对后期处理的健壮性允许模块化构建和分析不同的私有机制，并激励隐私损失预算的概念。如果访问复杂机制的敏感数据的所有元素都是单独的、不同的私有元素，那么它们的组合也是如此，然后是任意的后处理。

===Group privacy===

===Group privacy ===

In general, ε-differential privacy is designed to protect the privacy between neighboring databases which differ only in one row. This means that no adversary with arbitrary auxiliary information can know if '''one''' particular participant submitted his information. However this is also extendable if we want to protect databases differing in <math>c</math> rows, which amounts to adversary with arbitrary auxiliary information can know if '''<math>c</math>''' particular participants submitted their information. This can be achieved because if <math>c</math> items change, the probability dilation is bounded by <math>\exp ( \epsilon c )</math> instead of <math>\exp ( \epsilon )</math>,'''<ref name="Dwork, ICALP 2006" />''' i.e., for D₁ and D₂ differing on <math>c</math> items:

In general, ε-differential privacy is designed to protect the privacy between neighboring databases which differ only in one row. This means that no adversary with arbitrary auxiliary information can know if '''one''' particular participant submitted his information. However this is also extendable if we want to protect databases differing in <math>c</math> rows, which amounts to adversary with arbitrary auxiliary information can know if '''<math>c</math>''' particular participants submitted their information. This can be achieved because if <math>c</math> items change, the probability dilation is bounded by <math>\exp ( \epsilon c )</math> instead of <math>\exp ( \epsilon )</math>,'''<ref name="Dwork, ICALP 2006" />''' i.e., for D₁ and D₂ differing on <math>c</math> items:

\exp(\epsilon c)\cdot\Pr[\mathcal{A}(D_{2})\in S]\,\!</math>

\exp(\epsilon c)\cdot\Pr[\mathcal{A}(D_{2})\in S]\,\!</math>

:\Pr[\mathcal{A}(D_{1})\in S]\leq

: \Pr[\mathcal{A}(D_{1})\in S]\leq

\exp(\epsilon c)\cdot\Pr[\mathcal{A}(D_{2})\in S]\,\!

\exp(\epsilon c)\cdot\Pr[\mathcal{A}(D_{2})\in S]\,\!

:frc { mathrm { pdf }(mathcal { t } _ { mathcal { a } ，d _ 1}(x) = t)}{ mathrm { pdf }(mathcal { t } _ { mathcal { a } ，d _ 2}(x) = t)} = frc { text { noise }(t-f (d _ 1))}{ text { noise }(t-f (d _ 2))} ，！

: frc { mathrm { pdf }(mathcal { t } _ { mathcal { a } ，d _ 1}(x) = t)}{ mathrm { pdf }(mathcal { t } _ { mathcal { a } ，d _ 2}(x) = t)} = frc { text { noise }(t-f (d _ 1))}{ text { noise }(t-f (d _ 2))} ，！

which is at most <math>e^{\frac{|f(D_{1})-f(D_{2})|}{\lambda}}\leq e^{\frac{\Delta(f)}{\lambda}}\,\!</math>. We can consider <math>\frac{\Delta(f)}{\lambda}\,\!</math> to be the privacy factor <math>\epsilon\,\!</math>. Thus <math>\mathcal{T}\,\!</math> follows a differentially private mechanism (as can be seen from [[#&epsilon;-differential privacy|the definition above]]). If we try to use this concept in our diabetes example then it follows from the above derived fact that in order to have <math>\mathcal{A}\,\!</math> as the <math>\epsilon\,\!</math>-differential private algorithm we need to have <math>\lambda=1/\epsilon\,\!</math>. Though we have used Laplace noise here, other forms of noise, such as the Gaussian Noise, can be employed, but they may require a slight relaxation of the definition of differential privacy.<ref name="Dwork, ICALP 2006" />

which is at most <math>e^{\frac{|f(D_{1})-f(D_{2})|}{\lambda}}\leq e^{\frac{\Delta(f)}{\lambda}}\,\!</math>. We can consider <math>\frac{\Delta(f)}{\lambda}\,\!</math> to be the privacy factor <math>\epsilon\,\!</math>. Thus <math>\mathcal{T}\,\!</math> follows a differentially private mechanism (as can be seen from [[#&epsilon;-differential privacy|the definition above]]). If we try to use this concept in our diabetes example then it follows from the above derived fact that in order to have <math>\mathcal{A}\,\!</math> as the <math>\epsilon\,\!</math>-differential private algorithm we need to have <math>\lambda=1/\epsilon\,\!</math>. Though we have used Laplace noise here, other forms of noise, such as the Gaussian Noise, can be employed, but they may require a slight relaxation of the definition of differential privacy.<ref name="Dwork, ICALP 2006" />

||1

||1

|-

|-

| Monica

|Monica

||1

||1

|-

|-

||1

||1

|-

|-

| Monica

|Monica

||1

||1

|-

|-

|-

|-

|Chandler

|Chandler

||1

|| 1

|-

|-

|Rachel

| Rachel

||0

|| 0

|}

|}

#Toss a coin.

#Toss a coin.

# If heads, then toss the coin again (ignoring the outcome), and answer the question honestly.

#If heads, then toss the coin again (ignoring the outcome), and answer the question honestly.

#If tails, then toss the coin again and answer "Yes" if heads, "No" if tails.

#If tails, then toss the coin again and answer "Yes" if heads, "No" if tails.

# 抛硬币。# 如果是正面，再掷硬币(忽略结果) ，诚实地回答问题。# 如果是反面，再掷一次硬币，如果是正面，回答“是”; 如果是反面，回答“否”。

#抛硬币。# 如果是正面，再掷硬币(忽略结果) ，诚实地回答问题。# 如果是反面，再掷一次硬币，如果是正面，回答“是”; 如果是反面，回答“否”。

(The seemingly redundant extra toss in the first case is needed in situations where just the ''act'' of tossing a coin may be observed by others, even if the actual result stays hidden.) The confidentiality then arises from the [[Falsifiability|refutability]] of the individual responses.

(The seemingly redundant extra toss in the first case is needed in situations where just the ''act'' of tossing a coin may be observed by others, even if the actual result stays hidden.) The confidentiality then arises from the [[Falsifiability|refutability]] of the individual responses.

虽然这个例子受到了随机化回答的启发，可能适用于微数据(例如，发布每个响应的数据集) ，但根据定义，差分隐私排除了微数据发布，并且只适用于查询(例如，将单个响应聚合成一个结果) ，因为这将违反要求，更具体地说，是一个主题参与或不参与的似是而非的否认。辛西娅。“为私人数据分析奠定坚实的基础。”美国计算机学会通讯54.1(2011) : 86-95，上注19，第91页. Bambauer，Jane，Krishnamurty Muralidhar，and Rathindra Sarathy。“愚人的黄金: 对差分隐私的插图式批评。”Vand.J. Ent.北京科技发展有限公司。L. 16(2013) : 701.

虽然这个例子受到了随机化回答的启发，可能适用于微数据(例如，发布每个响应的数据集) ，但根据定义，差分隐私排除了微数据发布，并且只适用于查询(例如，将单个响应聚合成一个结果) ，因为这将违反要求，更具体地说，是一个主题参与或不参与的似是而非的否认。辛西娅。“为私人数据分析奠定坚实的基础。”美国计算机学会通讯54.1(2011) : 86-95，上注19，第91页. Bambauer，Jane，Krishnamurty Muralidhar，and Rathindra Sarathy。“愚人的黄金: 对差分隐私的插图式批评。”Vand.J. Ent.北京科技发展有限公司。L. 16(2013) : 701.

=== Stable transformations===

===Stable transformations===

A transformation <math>T</math> is <math>c</math>-stable if the [[Hamming distance]] between <math>T(A)</math> and <math>T(B)</math> is at most <math>c</math>-times the Hamming distance between <math>A</math> and <math>B</math> for any two databases <math>A,B</math>. Theorem 2 in <ref name="PINQ" /> asserts that if there is a mechanism <math>M</math> that is <math>\epsilon</math>-differentially private, then the composite mechanism <math>M\circ T</math> is <math>(\epsilon \times c)</math>-differentially private.

A transformation <math>T</math> is <math>c</math>-stable if the [[Hamming distance]] between <math>T(A)</math> and <math>T(B)</math> is at most <math>c</math>-times the Hamming distance between <math>A</math> and <math>B</math> for any two databases <math>A,B</math>. Theorem 2 in <ref name="PINQ" /> asserts that if there is a mechanism <math>M</math> that is <math>\epsilon</math>-differentially private, then the composite mechanism <math>M\circ T</math> is <math>(\epsilon \times c)</math>-differentially private.

由于对于某些应用程序来说，差分隐私被认为太强或太弱，因此人们提出了许多版本。最广泛的松弛是(ε，δ)-差分隐私，它通过允许增加一个上限 ε 不成立的概率密度 δ 来削弱定义。

由于对于某些应用程序来说，差分隐私被认为太强或太弱，因此人们提出了许多版本。最广泛的松弛是(ε，δ)-差分隐私，它通过允许增加一个上限 ε 不成立的概率密度 δ 来削弱定义。

==Adoption of differential privacy in real-world applications==

==Adoption of differential privacy in real-world applications ==

{{see also|Implementations of differentially private analyses}}

{{see also|Implementations of differentially private analyses}}

Several uses of differential privacy in practice are known to date:

Several uses of differential privacy in practice are known to date:

*2017: Microsoft, for telemetry in Windows.

*2017: Microsoft, for telemetry in Windows.

*2019: Privitar Lens is an API using differential privacy.

*2019: Privitar Lens is an API using differential privacy.

* 2020: LinkedIn, for advertiser queries.

*2020: LinkedIn, for advertiser queries.

2008: u.s. Census Bureau，for shows comforting patterns. 在实践中，差分隐私的几个用途已经为人所知:  

2008: u.s. Census Bureau，for shows comforting patterns. 在实践中，差分隐私的几个用途已经为人所知:  

*Exponential mechanism (differential privacy) – a technique for designing differentially private algorithms

*Exponential mechanism (differential privacy) – a technique for designing differentially private algorithms

*k-anonymity

*k-anonymity

* Differentially private analysis of graphs

*Differentially private analysis of graphs

*Protected health information

*Protected health information

*指数机制(差分隐私)-一种设计不同私有算法的技术

*指数机制(差分隐私)-一种设计不同私有算法的技术

*k-匿名

*k-匿名

*图的不同私有分析

* 图的不同私有分析

*受保护的健康信息

*受保护的健康信息

==References==

==References ==

{{Reflist|refs=

{{Reflist|refs=

<ref name="DKMMN06">

<ref name="DKMMN06">

*Dwork, Cynthia and Aaron Roth. 2014. The Algorithmic Foundations of Differential Privacy. Foundations and Trends in Theoretical Computer Science. Vol. 9, Nos. 3–4. 211–407, {{doi|10.1561/0400000042}}.

*Dwork, Cynthia and Aaron Roth. 2014. The Algorithmic Foundations of Differential Privacy. Foundations and Trends in Theoretical Computer Science. Vol. 9, Nos. 3–4. 211–407, {{doi|10.1561/0400000042}}.

*Machanavajjhala, Ashwin, Daniel Kifer, John M. Abowd, Johannes Gehrke, and Lars Vilhuber. 2008. Privacy: Theory Meets Practice on the Map, International Conference on Data Engineering (ICDE) 2008: 277-286, {{doi|10.1109/ICDE.2008.4497436}}.

*Machanavajjhala, Ashwin, Daniel Kifer, John M. Abowd, Johannes Gehrke, and Lars Vilhuber. 2008. Privacy: Theory Meets Practice on the Map, International Conference on Data Engineering (ICDE) 2008: 277-286, {{doi|10.1109/ICDE.2008.4497436}}.

* Dwork, Cynthia and Moni Naor. 2010. On the Difficulties of Disclosure Prevention in Statistical Databases or The Case for Differential Privacy, Journal of Privacy and Confidentiality: Vol. 2: Iss. 1, Article 8. Available at: http://repository.cmu.edu/jpc/vol2/iss1/8.

*Dwork, Cynthia and Moni Naor. 2010. On the Difficulties of Disclosure Prevention in Statistical Databases or The Case for Differential Privacy, Journal of Privacy and Confidentiality: Vol. 2: Iss. 1, Article 8. Available at: http://repository.cmu.edu/jpc/vol2/iss1/8.

*Kifer, Daniel and Ashwin Machanavajjhala. 2011. No free lunch in data privacy. In Proceedings of the 2011 ACM SIGMOD International Conference on Management of data (SIGMOD '11). ACM, New York, NY, USA, 193-204. {{doi|10.1145/1989323.1989345}}.

* Kifer, Daniel and Ashwin Machanavajjhala. 2011. No free lunch in data privacy. In Proceedings of the 2011 ACM SIGMOD International Conference on Management of data (SIGMOD '11). ACM, New York, NY, USA, 193-204. {{doi|10.1145/1989323.1989345}}.

*Erlingsson, Úlfar, Vasyl Pihur and Aleksandra Korolova. 2014. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS '14). ACM, New York, NY, USA, 1054-1067. {{doi|10.1145/2660267.2660348}}.

*Erlingsson, Úlfar, Vasyl Pihur and Aleksandra Korolova. 2014. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS '14). ACM, New York, NY, USA, 1054-1067. {{doi|10.1145/2660267.2660348}}.

*Abowd, John M. and Ian M. Schmutte. 2017 . Revisiting the economics of privacy: Population statistics and confidentiality protection as public goods. Labor Dynamics Institute, Cornell University, Labor Dynamics Institute, Cornell University, at https://digitalcommons.ilr.cornell.edu/ldi/37/

*Abowd, John M. and Ian M. Schmutte. 2017 . Revisiting the economics of privacy: Population statistics and confidentiality protection as public goods. Labor Dynamics Institute, Cornell University, Labor Dynamics Institute, Cornell University, at https://digitalcommons.ilr.cornell.edu/ldi/37/

*Abowd, John M. and Ian M. Schmutte. Forthcoming. An Economic Analysis of Privacy Protection and Statistical Accuracy as Social Choices. American Economic Review,  {{arxiv|1808.06303}}

*Abowd, John M. and Ian M. Schmutte. Forthcoming. An Economic Analysis of Privacy Protection and Statistical Accuracy as Social Choices. American Economic Review,  {{arxiv|1808.06303}}

*Apple, Inc. 2016. Apple previews iOS 10, the biggest iOS release ever. Press Release (June 13). https://www.apple.com/newsroom/2016/06/apple-previews-ios-10-biggest-ios-release-ever.html.

*Apple, Inc. 2016. Apple previews iOS 10, the biggest iOS release ever. Press Release (June 13). https://www.apple.com/newsroom/2016/06/apple-previews-ios-10-biggest-ios-release-ever.html.

* Ding, Bolin, Janardhan Kulkarni, and Sergey Yekhanin 2017. Collecting Telemetry Data Privately, NIPS 2017.

*Ding, Bolin, Janardhan Kulkarni, and Sergey Yekhanin 2017. Collecting Telemetry Data Privately, NIPS 2017.

*http://www.win-vector.com/blog/2015/10/a-simpler-explanation-of-differential-privacy/

*http://www.win-vector.com/blog/2015/10/a-simpler-explanation-of-differential-privacy/

*Ryffel, Theo, Andrew Trask, et. al. [[arxiv:1811.04017|"A generic framework for privacy preserving deep learning"]]

*Ryffel, Theo, Andrew Trask, et. al. [[arxiv:1811.04017|"A generic framework for privacy preserving deep learning"]]

* A reading list on differential privacy

*A reading list on differential privacy

* Abowd, John. 2017. “How Will Statistical Agencies Operate When All Data Are Private?”. Journal of Privacy and Confidentiality 7 (3).  (slides)

*Abowd, John. 2017. “How Will Statistical Agencies Operate When All Data Are Private?”. Journal of Privacy and Confidentiality 7 (3).  (slides)

*"Differential Privacy: A Primer for a Non-technical Audience", Kobbi Nissim, Thomas Steinke, Alexandra Wood, Micah Altman, Aaron Bembenek, Mark Bun, Marco Gaboardi, David R. O’Brien, and Salil Vadhan, Harvard Privacy Tools Project, February 14, 2018

*"Differential Privacy: A Primer for a Non-technical Audience", Kobbi Nissim, Thomas Steinke, Alexandra Wood, Micah Altman, Aaron Bembenek, Mark Bun, Marco Gaboardi, David R. O’Brien, and Salil Vadhan, Harvard Privacy Tools Project, February 14, 2018

*Dinur, Irit and Kobbi Nissim. 2003. Revealing information while preserving privacy. In Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems(PODS '03). ACM, New York, NY, USA, 202-210. .

*Dinur, Irit and Kobbi Nissim. 2003. Revealing information while preserving privacy. In Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems(PODS '03). ACM, New York, NY, USA, 202-210. .

*Dwork, Cynthia, Frank McSherry, Kobbi Nissim, and Adam Smith. 2006. in Halevi, S. & Rabin, T. (Eds.) Calibrating Noise to Sensitivity in Private Data Analysis Theory of Cryptography: Third Theory of Cryptography Conference, TCC 2006, New York, NY, USA, March 4–7, 2006. Proceedings, Springer Berlin Heidelberg, 265-284, .

*Dwork, Cynthia, Frank McSherry, Kobbi Nissim, and Adam Smith. 2006. in Halevi, S. & Rabin, T. (Eds.) Calibrating Noise to Sensitivity in Private Data Analysis Theory of Cryptography: Third Theory of Cryptography Conference, TCC 2006, New York, NY, USA, March 4–7, 2006. Proceedings, Springer Berlin Heidelberg, 265-284, .

*Dwork, Cynthia. 2006. Differential Privacy, 33rd International Colloquium on Automata, Languages and Programming, part II (ICALP 2006), Springer Verlag, 4052, 1-12, .

*Dwork, Cynthia. 2006. Differential Privacy, 33rd International Colloquium on Automata, Languages and Programming, part II (ICALP 2006), Springer Verlag, 4052, 1-12, .

*Dwork, Cynthia and Aaron Roth. 2014. The Algorithmic Foundations of Differential Privacy. Foundations and Trends in Theoretical Computer Science. Vol. 9, Nos. 3–4. 211–407, .

* Dwork, Cynthia and Aaron Roth. 2014. The Algorithmic Foundations of Differential Privacy. Foundations and Trends in Theoretical Computer Science. Vol. 9, Nos. 3–4. 211–407, .

*Machanavajjhala, Ashwin, Daniel Kifer, John M. Abowd, Johannes Gehrke, and Lars Vilhuber. 2008. Privacy: Theory Meets Practice on the Map, International Conference on Data Engineering (ICDE) 2008: 277-286, .

*Machanavajjhala, Ashwin, Daniel Kifer, John M. Abowd, Johannes Gehrke, and Lars Vilhuber. 2008. Privacy: Theory Meets Practice on the Map, International Conference on Data Engineering (ICDE) 2008: 277-286, .

* Dwork, Cynthia and Moni Naor. 2010. On the Difficulties of Disclosure Prevention in Statistical Databases or The Case for Differential Privacy, Journal of Privacy and Confidentiality: Vol. 2: Iss. 1, Article 8. Available at: http://repository.cmu.edu/jpc/vol2/iss1/8.

*Dwork, Cynthia and Moni Naor. 2010. On the Difficulties of Disclosure Prevention in Statistical Databases or The Case for Differential Privacy, Journal of Privacy and Confidentiality: Vol. 2: Iss. 1, Article 8. Available at: http://repository.cmu.edu/jpc/vol2/iss1/8.

*Kifer, Daniel and Ashwin Machanavajjhala. 2011. No free lunch in data privacy. In Proceedings of the 2011 ACM SIGMOD International Conference on Management of data (SIGMOD '11). ACM, New York, NY, USA, 193-204. .

*Kifer, Daniel and Ashwin Machanavajjhala. 2011. No free lunch in data privacy. In Proceedings of the 2011 ACM SIGMOD International Conference on Management of data (SIGMOD '11). ACM, New York, NY, USA, 193-204. .

*Erlingsson, Úlfar, Vasyl Pihur and Aleksandra Korolova. 2014. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS '14). ACM, New York, NY, USA, 1054-1067. .

*Erlingsson, Úlfar, Vasyl Pihur and Aleksandra Korolova. 2014. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS '14). ACM, New York, NY, USA, 1054-1067. .

*Abowd, John M. and Ian M. Schmutte. Forthcoming. An Economic Analysis of Privacy Protection and Statistical Accuracy as Social Choices. American Economic Review,

*Abowd, John M. and Ian M. Schmutte. Forthcoming. An Economic Analysis of Privacy Protection and Statistical Accuracy as Social Choices. American Economic Review,

*Apple, Inc. 2016. Apple previews iOS 10, the biggest iOS release ever. Press Release (June 13). https://www.apple.com/newsroom/2016/06/apple-previews-ios-10-biggest-ios-release-ever.html.

*Apple, Inc. 2016. Apple previews iOS 10, the biggest iOS release ever. Press Release (June 13). https://www.apple.com/newsroom/2016/06/apple-previews-ios-10-biggest-ios-release-ever.html.

* Ding, Bolin, Janardhan Kulkarni, and Sergey Yekhanin 2017. Collecting Telemetry Data Privately, NIPS 2017.

*Ding, Bolin, Janardhan Kulkarni, and Sergey Yekhanin 2017. Collecting Telemetry Data Privately, NIPS 2017.

*http://www.win-vector.com/blog/2015/10/a-simpler-explanation-of-differential-privacy/

*http://www.win-vector.com/blog/2015/10/a-simpler-explanation-of-differential-privacy/

*Ryffel, Theo, Andrew Trask, et. al. "A generic framework for privacy preserving deep learning"

*Ryffel, Theo, Andrew Trask, et. al. "A generic framework for privacy preserving deep learning"

差分隐私上的阅读清单。2017.“当所有数据都是私人数据时，统计机构将如何运作?”。隐私与保密期刊7(3)。(幻灯片)  

差分隐私上的阅读清单。2017.“当所有数据都是私人数据时，统计机构将如何运作?”。隐私与保密期刊7(3)。(幻灯片)  

*“差分隐私: 非技术观众入门”，Kobbi Nissim，Thomas Steinke，Alexandra Wood，Micah Altman，Aaron Bembenek，Mark Bun，Marco gabordi，David r. o’brien，and Salil Vadhan，Harvard Privacy Tools Project，February 14,2018

* “差分隐私: 非技术观众入门”，Kobbi Nissim，Thomas Steinke，Alexandra Wood，Micah Altman，Aaron Bembenek，Mark Bun，Marco gabordi，David r. o’brien，and Salil Vadhan，Harvard Privacy Tools Project，February 14,2018

*Dinur，Irit and Kobbi Nissim。2003.在保护隐私的同时披露信息。在第二十二届 ACM SIGMOD-SIGACT-SIGART 数据库系统原理研讨会会议录(PODS’03)。ACM，纽约，纽约，美国，202-210. 。

*Dinur，Irit and Kobbi Nissim。2003.在保护隐私的同时披露信息。在第二十二届 ACM SIGMOD-SIGACT-SIGART 数据库系统原理研讨会会议录(PODS’03)。ACM，纽约，纽约，美国，202-210. 。

*Dwork、 Cynthia、 Frank McSherry、 Kobbi Nissim 和 Adam Smith。2006. in Halevi，s & Rabin，t.(Eds.)在密码学的私人数据分析理论中校准噪声的灵敏度: 第三次密码学理论会议，TCC 2006，纽约，纽约，美国，2006年3月4-7。美国国家科学院院刊，Springer Berlin Heidelberg，265-284，。

*Dwork、 Cynthia、 Frank McSherry、 Kobbi Nissim 和 Adam Smith。2006. in Halevi，s & Rabin，t.(Eds.)在密码学的私人数据分析理论中校准噪声的灵敏度: 第三次密码学理论会议，TCC 2006，纽约，纽约，美国，2006年3月4-7。美国国家科学院院刊，Springer Berlin Heidelberg，265-284，。

*[https://www.belfercenter.org/publication/technology-factsheet-differential-privacy Technology Factsheet: Differential Privacy] by Raina Gandhi and Amritha Jayanti, Belfer Center for Science and International Affairs, Fall 2020

*[https://www.belfercenter.org/publication/technology-factsheet-differential-privacy Technology Factsheet: Differential Privacy] by Raina Gandhi and Amritha Jayanti, Belfer Center for Science and International Affairs, Fall 2020

* Differential Privacy by Cynthia Dwork, ICALP July 2006.

*Differential Privacy by Cynthia Dwork, ICALP July 2006.

*The Algorithmic Foundations of Differential Privacy by Cynthia Dwork and Aaron Roth, 2014.

*The Algorithmic Foundations of Differential Privacy by Cynthia Dwork and Aaron Roth, 2014.

*Differential Privacy: A Survey of Results by Cynthia Dwork, Microsoft Research, April 2008

*Differential Privacy: A Survey of Results by Cynthia Dwork, Microsoft Research, April 2008

差分隐私: Cynthia Dwork，ICALP July 2006。差分隐私的算法基础》 ，Cynthia Dwork 和 Aaron Roth，2014年。2013年12月，加州理工学院卡特里娜 · 利格特教授，差分隐私，差分隐私，差分隐私实用指南，克里斯汀 · 特拉克，普渡大学,2012年4月  

差分隐私: Cynthia Dwork，ICALP July 2006。差分隐私的算法基础》 ，Cynthia Dwork 和 Aaron Roth，2014年。2013年12月，加州理工学院卡特里娜 · 利格特教授，差分隐私，差分隐私，差分隐私实用指南，克里斯汀 · 特拉克，普渡大学,2012年4月  

* 私人地图制作者 v0.2 on the Common Data Project Blog

*私人地图制作者 v0.2 on the Common Data Project Blog

*Learning Statistics with Privacy，added by the Flip of a Coin by úlfar Erlingsson，Google Research Blog，October 2014

*Learning Statistics with Privacy，added by the Flip of a Coin by úlfar Erlingsson，Google Research Blog，October 2014

*Technology Factsheet: 差分隐私地图制作者 Raina Gandhi and Amritha Jayanti，Belfer Center for Science and International Affairs，Fall 2020

*Technology Factsheet: 差分隐私地图制作者 Raina Gandhi and Amritha Jayanti，Belfer Center for Science and International Affairs，Fall 2020

[[Category:Theory of cryptography]]

[[Category:Theory of cryptography]]

[[Category:Information privacy]]

[[Category:Information privacy]]