cdpg_anonkit.noise

Classes

DifferentialPrivacy

Differential Privacy mechanism with support for various noise addition strategies.

Functions

example_differential_privacy_usage()

Demonstrate usage of Differential Privacy with count query.

Module Contents

class cdpg_anonkit.noise.DifferentialPrivacy(mechanism: Literal['laplace', 'gaussian', 'exponential'], epsilon: float = 1.0, delta: float | None = None, sensitivity: float | None = None)

Differential Privacy mechanism with support for various noise addition strategies.

Focuses on fundamental DP principles with extensibility in mind.

mechanism
epsilon = 1.0
delta = None
_sensitivity = None
static clip_count(count: int, lower_bound: int = 0, upper_bound: int | None = None) int

Clip the count to a specified range.

This static method ensures that the count provided falls within the specified lower and upper bounds. If the upper bound is not provided, the count is clipped to the lower bound only.

Parameters:

  • count (int) – The original count to be clipped.

  • lower_bound (int, optional) – The minimum value to clip to, by default 0.

  • upper_bound (Optional[int], optional) – The maximum value to clip to, by default None.

Returns:

The clipped count, constrained by the specified bounds.

Return type:

int

compute_sensitivity(query_type: str = 'count', lower_bound: int = 0, upper_bound: int | None = None) float

Compute the sensitivity of a query based on its type and bounds.

Sensitivity is a measure of how much the output of a query can change by modifying a single record in the dataset. It is crucial for determining the amount of noise to add in differential privacy mechanisms.

Parameters:

  • query_type (str, optional) – The type of query for which sensitivity is being computed. Currently supported: ‘count’. Defaults to ‘count’.

  • lower_bound (int, optional) – The minimum value constraint for the query. Defaults to 0.

  • upper_bound (Optional[int], optional) – The maximum value constraint for the query. If None, no upper bound is considered. Defaults to None.

Returns:

The sensitivity of the query. For ‘count’ queries, this is 1.0.

Return type:

float

Raises:

ValueError – If the sensitivity computation for the specified query_type is not implemented.

add_noise(value: int | float, sensitivity: float | None = None, epsilon: float | None = None) int | float

Add noise to a given value according to the specified differential privacy mechanism.

Depending on the mechanism set during initialization, this method will add noise to the input value to ensure differential privacy. Currently, the Laplace mechanism is implemented, with plans to support Gaussian and Exponential mechanisms.

Parameters:

  • value (Union[int, float]) – The original value to which noise will be added.

  • sensitivity (Optional[float], optional) – The sensitivity of the query. If not provided, the class-level sensitivity will be used. Defaults to None.

  • epsilon (Optional[float], optional) – The privacy budget. If not provided, the class-level epsilon will be used. Defaults to None.

Returns:

The value with added noise according to the specified mechanism.

Return type:

Union[int, float]

Raises:

  • ValueError – If the Gaussian mechanism is selected but delta is not specified. If the mechanism is unsupported.

  • NotImplementedError – If the Gaussian or Exponential mechanism is selected, as they are not yet implemented.

cdpg_anonkit.noise.example_differential_privacy_usage()

Demonstrate usage of Differential Privacy with count query.

Assumes IncrementalGroupbyAggregator has been used to compute base counts.