Final Report Summary - PLATFORM (PRACTICAL LIGHT TYPES FOR RESOURCE CONSUMPTION)
Eliminating errors early in the software-design life cycle is crucial to reduce the tremendous societal cost represented by defective software. Modern programming languages offer a variety of techniques for ensuring, at design time, the correctness of software systems with respect to the desired behaviors. However, these techniques do not consider usually the software aspects related to programs resource consumption. So, new contributions and novel challenging ideas are needed. The present project has contributed to fill this gap by developing language-based methods and tools which are useful to ensure the correctness of programs with respect to their resource consumption.
Several recent prominent cases have shown the difficulties of ensuring anonymity in data analysis. This has pushed researcher working in privacy-preserving data analysis to consider new notions of privacy. A notion that is becoming a gold standard in privacy research is “differential privacy”. Differential privacy provides strong statistical guarantees that the presence or absence of an individual data have only a negligible effect on the results of a data analysis. To achieve this goal, differential privacy consider the privacy of an individual as a measurable resource that can be consumed. So, with each data analysis is associated a privacy budget and ensuring a program differentially private corresponds to provide a bound on the consumption of the privacy resource and show that this does not exceed the budget.
The present project has developed new approaches to differential privacy by designing language-based methods useful to ensure the correctness management of the individuals' privacy.
During the first year of this project, the researcher has studied a type-based framework based on a combination of linear and dependent types that is useful to infer the resource consumption of programs in terms of execution time. In this approach, a type is a certificate of the time complexity of a program. The main novelty of this approach is the ability of using in the analysis different resolution models depending on the program under consideration. This makes the applicability of this technique wider and modular.
During the second year, the researcher has contributed to the design of a methodology to automatically ensure programs differentially private. This methodology is based on the use of a domain specific functional programming language providing a type-based analysis useful to infer the
amount of the privacy budget used by the program. The main novelty of the type-based analysis is the use of a combination of linear and dependent types that is able to express the dependency of the privacy use on the input data. In order to make the type-based analysis automatic, the language uses some automatic tools for the resolution on the privacy constraints.
During the third year, the researcher has focused on how to effectively apply to differential privacy and to resource consumption the techniques and methods previously developed. In particular, he has contributed to developing the theory and practice of differential privacy in several different directions. He has contributed to the design of an economic model describing how to set the parameters involved in the definition of differential privacy. He has contributed to the design of an algorithm for differentially private query release that has good performance on high dimensional data. Finally, he has designed a novel verification technique that is useful to ensure differential privacy using standard tools. All these contributions cover different aspects of differential privacy and provide the basis for the development of tools that can efficiently and safely ensure differential privacy. During this phase the researcher has also further developed methods and tools useful to effectively enforce the resource consumption requirements that programs need to satisfy. This has permitted to develop a new theory useful to describe several resource analysis in a uniform way.
The results of all these works have been presented by the researcher Marco Gaboardi at top-ranked conferences and published in top-ranked international journals. Moreover, all the tools and methods developed along the project have been evaluated through the implementation of specific applications. The quality of the work carried out in the project has been recognized by invitations for Marco Gaboardi to deliver invited talks at several international workshops.
Besides the collection of important results, the project has been an important experience for the training of the researcher. He had several occasions for collaborating with internationally recognized researcher in several international institutions and in different disciplines such as algorithms, machine learning, databases, economics, systems, and network. The challenges offered by collaborate with an heterogeneous group have made him grow in his research maturity. The project has also offered him several occasion to further developing his skills in group and project management.
Project website:
http://staff.computing.dundee.ac.uk/marcogaboardi/platform.html
Several recent prominent cases have shown the difficulties of ensuring anonymity in data analysis. This has pushed researcher working in privacy-preserving data analysis to consider new notions of privacy. A notion that is becoming a gold standard in privacy research is “differential privacy”. Differential privacy provides strong statistical guarantees that the presence or absence of an individual data have only a negligible effect on the results of a data analysis. To achieve this goal, differential privacy consider the privacy of an individual as a measurable resource that can be consumed. So, with each data analysis is associated a privacy budget and ensuring a program differentially private corresponds to provide a bound on the consumption of the privacy resource and show that this does not exceed the budget.
The present project has developed new approaches to differential privacy by designing language-based methods useful to ensure the correctness management of the individuals' privacy.
During the first year of this project, the researcher has studied a type-based framework based on a combination of linear and dependent types that is useful to infer the resource consumption of programs in terms of execution time. In this approach, a type is a certificate of the time complexity of a program. The main novelty of this approach is the ability of using in the analysis different resolution models depending on the program under consideration. This makes the applicability of this technique wider and modular.
During the second year, the researcher has contributed to the design of a methodology to automatically ensure programs differentially private. This methodology is based on the use of a domain specific functional programming language providing a type-based analysis useful to infer the
amount of the privacy budget used by the program. The main novelty of the type-based analysis is the use of a combination of linear and dependent types that is able to express the dependency of the privacy use on the input data. In order to make the type-based analysis automatic, the language uses some automatic tools for the resolution on the privacy constraints.
During the third year, the researcher has focused on how to effectively apply to differential privacy and to resource consumption the techniques and methods previously developed. In particular, he has contributed to developing the theory and practice of differential privacy in several different directions. He has contributed to the design of an economic model describing how to set the parameters involved in the definition of differential privacy. He has contributed to the design of an algorithm for differentially private query release that has good performance on high dimensional data. Finally, he has designed a novel verification technique that is useful to ensure differential privacy using standard tools. All these contributions cover different aspects of differential privacy and provide the basis for the development of tools that can efficiently and safely ensure differential privacy. During this phase the researcher has also further developed methods and tools useful to effectively enforce the resource consumption requirements that programs need to satisfy. This has permitted to develop a new theory useful to describe several resource analysis in a uniform way.
The results of all these works have been presented by the researcher Marco Gaboardi at top-ranked conferences and published in top-ranked international journals. Moreover, all the tools and methods developed along the project have been evaluated through the implementation of specific applications. The quality of the work carried out in the project has been recognized by invitations for Marco Gaboardi to deliver invited talks at several international workshops.
Besides the collection of important results, the project has been an important experience for the training of the researcher. He had several occasions for collaborating with internationally recognized researcher in several international institutions and in different disciplines such as algorithms, machine learning, databases, economics, systems, and network. The challenges offered by collaborate with an heterogeneous group have made him grow in his research maturity. The project has also offered him several occasion to further developing his skills in group and project management.
Project website:
http://staff.computing.dundee.ac.uk/marcogaboardi/platform.html