Aggregating data generated locally by smartphones and other edge devices is vital for distributed applications and systemperformance monitoring but carries significant risks when data is mishandled. In this work, we develop and deploy numerical aggregation protocols that (i) are compatible with several notions of privacy, (ii) come with attractive accuracy-privacy tradeoffs when used with differential privacy, (iii) empirically improve upon prior protocols. Our protocols promote a basic tenet of privacy — not sharing unnecessary information. For each private value, at most one bit is used. This supports (i) privacy metering that enables privacy controls and (ii) worst-case guarantees not covered by differential privacy. We emphasize ease of implementation, compatibility with existing infrastructure, and compelling empirical performance. We report on our experience deploying the method for online aggregation in an industrial context.
[ bib | DOI | http | Alternate Version | .pdf ] Back
This file was generated by bibtex2html 1.92.