Quantitative Information Flow Refinement Orders and Application to Differential Privacy

Quantitative Information Flow (QIF) and Differential Privacy (DP) are both concerned with the protection of sensitive information, but they are rather different approaches. In particular, QIF considers the expected probability of a successful attack, while DP (in both its standard and local versions) is a max-case measure, in the sense that it is compromised by the existence of a possible attack, regardless of its probability. Comparing systems is a fundamental task in these areas: one wishes to guarantee that replacing a system A by a system B is a safe operation, that is the privacy of B is no-worse than that of A. In QIF, a refinement order provides strong such guarantees, while in DP mechanisms are typically compared wrt the privacy parameter epsilon in their definition.

In this talk I will introduce the QIF approach to studying secure systems, focussing on the notion of refinement which provides a robust method of comparing systems wrt Bayesian threats. I will introduce a variety of new refinement orders inspired by QIF and DP which allow us to study threats to privacy using max-case notions. We will see how to apply these orders to the task of comparing DP mechanisms, raising the question of whether the order based on epsilon provides strong privacy guarantees.