差分隐私的隐私观与隐私目标  被引量：2

作　　者：贾靖宇 谭畅 刘哲伟[2,3] 李鑫豪 刘哲理 张涛[4] JIA Jingyu;TAN Chang;LIU Zhewei;LI Xinhao;LIU Zheli;ZHANG Tao(College of Computer Science,Nankai University,Tianjin 300350,China;Key Laboratory of Data and Intelligent System Security,Ministry of Education,Nankai University,Tianjin 300350,China;College of Cyber Science,Nankai University,Tianjin 300350,China;Laser Fusion Research Center,China Academy of Engineering Physics,Mianyang 621900,China)

机构地区：[1]南开大学计算机学院,天津300350 [2]南开大学数据与智能系统安全教育部重点实验室,天津300350 [3]南开大学网络空间安全学院,天津300350 [4]中国工程物理研究院激光聚变研究中心,四川绵阳621900

出　　处：《网络与信息安全学报》2023年第5期82-91,共10页Chinese Journal of Network and Information Security

基　　金：国家自然科学基金(62032012)。

摘　　要：为了解决差分隐私中“隐私目标”难以理解的问题,研究差分隐私在多个领域中存在的隐私争议。从数据相关性场景的具体示例展开,研究学者对差分隐私保护目标的不同观点。当数据集中的记录具有相关性时,敌手能利用记录间相关性从差分隐私机制中准确推理用户的某些敏感信息。这种现象是否违反隐私保护,引起学者的长期讨论。借助法学领域的研究,调研计算机领域两种主流隐私理论对隐私定义的影响。限制访问个人信息理论强调阻止他人获取个人的敏感信息。该理论认为隐私机制应当阻止敌手通过获取用户的真实信息。对个人信息的控制理论则强调个人向他人传达有关自身信息的权利。该理论认为因他人分享数据的相关性,个人的信息泄露不应该被视为隐私泄露。分析计算机科学、社会科学、伦理道德以及人机交互领域中学者对于隐私概念的不同理解而对差分隐私产生的争议。从多学科视角分析差分隐私的隐私观,帮助读者正确认识差分隐私的隐私观与隐私目标,并增进读者对“隐私”的理解。The study aimed to address the challenges in understanding the privacy goals of differential privacy by analyzing the privacy controversies surrounding it in various fields.It began with the example of data correlation and highlighted the differing perspectives among scholars regarding the targets of privacy protection.In cases where records in a dataset were correlated,adversaries can exploit this correlation to infer sensitive information about individuals,thereby sparking a debate on whether this violates privacy protection.To investigate the influence of privacy theories in the legal domain on defining privacy,two mainstream privacy theories in the computer field were examined.The first theory,limited access to personal information,focuses on preventing others from accessing an individual’s sensitive information.According to this theory,privacy mechanisms should aim to prevent adversaries from accessing a user’s actual information.In contrast,the second theory,control over personal information,emphasizes an individual’s right to communicate personal information to others.This theory suggests that the disclosure of personal information due to the relevance of others sharing data should not be considered a breach of privacy.Then the controversies of differential privacy were analyzed in the fields of computer science,social science,ethics and human-computer interaction due to their different understandings of privacy.By exploring the privacy concept of differential privacy from a multidisciplinary perspective,this study helps readers gain a correct understanding of the privacy viewpoint and goals of differential privacy while enhancing their understanding of the concept of“privacy”itself.

关 键 词：差分隐私 数据相关性 隐私风险 隐私理论 

分 类 号：TP3-05[自动化与计算机技术—计算机科学与技术]