Differential Privacy of Mathematical Functions

Differential privacy is a privacy notion in statistical databases. However, we find that the notion can be extended to mathematical functions. By studying the differential privacy problem of a simple mathematical function we find two differentially private mechanisms which are applicable for almost all query functions. By using these mechanisms each query function can have custom-designed mechanisms, which implies that our mechanisms are not based on (global or local) sensitivity-based methods---some methods extensively used to construct differentially private mechanisms. Our mechanisms are so flexible that they can be used to balance the accuracy of the outputs of different datasets. We also present some interesting impossibility results of differential privacy. The above results motivate us to explore the mathematical treatment of differential privacy. We present an abstract model of differential privacy in which a differential privacy problem is modeled as finding a randomized mapping between two metric spaces. Some basic structures of differential privacy are presented, such as the $\{\mathcal I_i^x\}_i$, $\{\mathcal R_i^x\}_i$ sequences. Some of the properties of these structures, such as the convergence, are also discussed (for some special cases). Finally, we apply our theoretical results to the subgraph counting problem and the linear query problem. The experiments show that our mechanisms (in most cases) have more accurate results than the state of the art mechanisms.