公开(公告)号：US12105832B2

公开(公告)日：2024-10-01

申请号：US18510179

申请日：2023-11-15

Applicant: Snowflake Inc.

Inventor： Liam James Damewood ,  Oana Niculaescu ,  Alexander Rozenshteyn ,  Ann Yang

IPC: G06F16/245 ,  G06F21/62

CPC classification number: G06F21/6227 ,  G06F16/245

Abstract: A differentially private security system communicatively coupled to a database storing restricted data receives a database query from a client. The database query includes an operation, a target accuracy, and a maximum privacy spend for the query. The system performs the operation to produce a result, then injects the result with noise sampled from a Laplace distribution to produce a differentially private result. The system iteratively calibrates the noise value of the differentially private result using a secondary distribution different from the Laplace distribution and a new fractional privacy spend. The system ceases to iterate when an iteration uses the maximum privacy spend or a relative error of the differentially private result is determined to satisfy the target accuracy, or both. The system sends the differentially private result to the client.

公开(公告)号：US11861032B2

公开(公告)日：2024-01-02

申请号：US17714785

申请日：2022-04-06

Applicant: Snowflake Inc.

Inventor： Liam Damewood ,  Oana Niculaescu ,  Alexander Rozenshteyn ,  Ann Yang

IPC: G06F16/245 ,  G06F21/62

CPC classification number: G06F21/6227 ,  G06F16/245

Abstract: A differentially private security system communicatively coupled to a database storing restricted data receives a database query from a client. The database query includes an operation, a target accuracy, and a maximum privacy spend for the query. The system performs the operation to produce a result, then injects the result with noise sampled from a Laplace distribution to produce a differentially private result. The system iteratively calibrates the noise value of the differentially private result using a secondary distribution different from the Laplace distribution and a new fractional privacy spend. The system ceases to iterate when an iteration uses the maximum privacy spend or a relative error of the differentially private result is determined to satisfy the target accuracy, or both. The system sends the differentially private result to the client.

公开(公告)号：US20250021680A1

公开(公告)日：2025-01-16

申请号：US18497648

申请日：2023-10-30

Applicant: Snowflake Inc.

Inventor： Liam James Damewood ,  Oana Niculaescu ,  Alexander Rozenshteyn ,  Mikhail Rudoy

IPC: G06F21/62 ,  G06F16/2457

Abstract: Example differential privacy techniques include receiving a request to perform a query on a set of data stored by a database. The request identifies a target accuracy and a maximum privacy spend. The target accuracy includes a maximum relative error. The maximum privacy spend includes a value of a zero-concentrated privacy parameter ρ associated with a degree of information released about the set of data due to the query. A differentially private count operation is performed on the set of data to produce a differentially private result. The differentially private count operation includes performing a count operation on data to produce a result and perturbing the result to produce a differentially private result using a noise value sampled from a Gaussian distribution and based on a fractional privacy spend comprising a fraction of the maximum privacy spend. The differentially private result is encoded for transmission to the client device.

公开(公告)号：US20240095392A1

公开(公告)日：2024-03-21

申请号：US18510179

申请日：2023-11-15

Applicant: Snowflake Inc.

Inventor： Liam James Damewood ,  Oana Niculaescu ,  Alexander Rozenshteyn ,  Ann Yang

IPC: G06F21/62 ,  G06F16/245

CPC classification number: G06F21/6227 ,  G06F16/245

Abstract: A differentially private security system communicatively coupled to a database storing restricted data receives a database query from a client. The database query includes an operation, a target accuracy, and a maximum privacy spend for the query. The system performs the operation to produce a result, then injects the result with noise sampled from a Laplace distribution to produce a differentially private result. The system iteratively calibrates the noise value of the differentially private result using a secondary distribution different from the Laplace distribution and a new fractional privacy spend. The system ceases to iterate when an iteration uses the maximum privacy spend or a relative error of the differentially private result is determined to satisfy the target accuracy, or both. The system sends the differentially private result to the client.