A Model Randomization Approach to Statistical Parameter Privacy

In this article, we study a privacy filter design problem for a sequence of sensor measurements whose joint probability density function (p.d.f.) depends on a private parameter. To ensure parameter privacy, we propose a filter design framework which consists of two components: a randomizer and a non...

Full description

Saved in:

Bibliographic Details
Published in	IEEE transactions on automatic control Vol. 68; no. 2; pp. 839 - 850
Main Authors	Nekouei, Ehsan, Sandberg, Henrik, Skoglund, Mikael, Johansson, Karl Henrik
Format	Journal Article
Language	English
Published	New York IEEE 01.02.2023 The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects	Bandpass filters Building automation Building management systems Complexity theory Convex optimization Convexity Data privacy Filter design (mathematics) Filter designs Filter output Information theory Joint probability density function Kalman filtering Kalman filters Kernel Markov processes Mathematical transformations Mutual information Mutual informations Non-linear transformations Numerical prediction Optimization Parameter estimation Parameters Privacy privacy in networked control systems Probability density function Probability density functions Randomisation State estimation Statistical analysis Statistical parameters Structural design Testing Transformations (mathematics)
Online Access	Get full text

Cover

Loading…

Abstract	In this article, we study a privacy filter design problem for a sequence of sensor measurements whose joint probability density function (p.d.f.) depends on a private parameter. To ensure parameter privacy, we propose a filter design framework which consists of two components: a randomizer and a nonlinear transformation. The randomizer takes the private parameter as input and randomly generates a pseudo parameter. The nonlinear mapping transforms the measurements such that the joint p.d.f. of the filter's output depends on the pseudo parameter rather than the private parameter. It also ensures that the joint p.d.f. of the filter's output belongs to the same family of distributions as that of the measurements. The design of the randomizer is formulated as an optimization problem subject to a privacy constraint, in terms of mutual information, and it is shown that the optimal randomizer is the solution of a convex optimization problem. Using information-theoretic inequalities, we show that the performance of any estimator of the private parameter, based on the output of the privacy filter, is limited by the privacy constraint. The structure of the nonlinear transformation is studied in the special cases of independent and identically distributed, Markovian, and Gauss-Markov measurements. Our results show that the privacy filter in the Gauss-Markov case can be implemented as two one-step ahead Kalman predictors and a set of minimum mean square error predictors. A numerical example on occupancy privacy in a building automation system illustrates the approach.
AbstractList	In this article, we study a privacy filter design problem for a sequence of sensor measurements whose joint probability density function (p.d.f.) depends on a private parameter. To ensure parameter privacy, we propose a filter design framework which consists of two components: a randomizer and a nonlinear transformation. The randomizer takes the private parameter as input and randomly generates a pseudo parameter. The nonlinear mapping transforms the measurements such that the joint p.d.f. of the filter's output depends on the pseudo parameter rather than the private parameter. It also ensures that the joint p.d.f. of the filter's output belongs to the same family of distributions as that of the measurements. The design of the randomizer is formulated as an optimization problem subject to a privacy constraint, in terms of mutual information, and it is shown that the optimal randomizer is the solution of a convex optimization problem. Using information-theoretic inequalities, we show that the performance of any estimator of the private parameter, based on the output of the privacy filter, is limited by the privacy constraint. The structure of the nonlinear transformation is studied in the special cases of independent and identically distributed, Markovian, and Gauss-Markov measurements. Our results show that the privacy filter in the Gauss-Markov case can be implemented as two one-step ahead Kalman predictors and a set of minimum mean square error predictors. A numerical example on occupancy privacy in a building automation system illustrates the approach.
Author	Skoglund, Mikael Johansson, Karl Henrik Nekouei, Ehsan Sandberg, Henrik
Author_xml	– sequence: 1 givenname: Ehsan orcidid: 0000-0002-3750-0135 surname: Nekouei fullname: Nekouei, Ehsan email: enekouei@cityu.edu.hk organization: Department of Electrical Engineering, City University of Hong Kong, Hong Kong, China – sequence: 2 givenname: Henrik orcidid: 0000-0003-1835-2963 surname: Sandberg fullname: Sandberg, Henrik email: hsan@kth.se organization: School of Electrical Engineering and Computer Science, KTH Royal Institute of Technology, Stockholm, Sweden – sequence: 3 givenname: Mikael orcidid: 0000-0002-7926-5081 surname: Skoglund fullname: Skoglund, Mikael email: skoglund@kth.se organization: School of Electrical Engineering and Computer Science, KTH Royal Institute of Technology, Stockholm, Sweden – sequence: 4 givenname: Karl Henrik orcidid: 0000-0001-9940-5929 surname: Johansson fullname: Johansson, Karl Henrik email: kallej@kth.se organization: School of Electrical Engineering and Computer Science, KTH Royal Institute of Technology, Stockholm, Sweden
BackLink	https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-320338$$DView record from Swedish Publication Index
BookMark	eNp9kEtPAjEUhRuDiYDuTdxM4nqwj2mnszITfCYYiaLbpnRaKQ5T7BQN_nqLoAsXbu4r59zc-_VAp3GNBuAYwQFCsDiblMMBhhgPCMooY9ke6CJKeYopJh3QhRDxtMCcHYBe285jy7IMdcF5mdy5StfJg2wqt7CfMljXJOVy6Z1UsyS45DHEWRusknUyll4udNA-GXv7LtX6EOwbWbf6aJf74OnqcjK8SUf317fDcpQqkqOQoipnJqPUcFMwkzPMIDacQV5BTDWXpMg5J9JQOJVGIcrxFBqlMqamjMWa9EG63dt-6OVqKpbeLqRfCyetuLDPpXD-RbyGmSAYEsKj_nSrj3-8rXQbxNytfBNPFDjPESUZjKEP2FalvGtbr41QNnwTCF7aWiAoNnBFhCs2cMUObjTCP8afg_6xnGwtVmv9Ky9YgTjB5AtPKYUk
CODEN	IETAA9
CitedBy_id	crossref_primary_10_1016_j_trc_2024_104743 crossref_primary_10_1080_00207721_2024_2343734 crossref_primary_10_1109_TASE_2024_3440042
Cites_doi	10.1109/TAC.2016.2564339 10.1109/TIFS.2021.3130439 10.1109/Allerton.2013.6736549 10.1109/TASE.2015.2471305 10.1109/CDC.2015.7402921 10.1002/0471200611 10.1109/LSP.2018.2827878 10.1109/ITA.2016.7888175 10.1109/TAC.2013.2283096 10.1109/ICASSP.2016.7472883 10.1561/0400000042 10.1109/ALLERTON.2015.7447104 10.1016/j.automatica.2017.03.016 10.1109/ICASSP.2017.7953309 10.1007/978-981-15-0493-8_4 10.1109/ISIT.2018.8437690 10.1109/ALLERTON.2016.7852293 10.1109/Allerton.2012.6483382 10.23919/ACC45564.2020.9147690 10.1109/TSIPN.2016.2623092 10.1109/TCNS.2017.2658190 10.1016/j.arcontrol.2019.04.006 10.1109/JSTSP.2015.2429123 10.1109/ISIT.2017.8007053 10.1109/SAM.2016.7569676
ContentType	Journal Article
Copyright	Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023
Copyright_xml	– notice: Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023
DBID	97E RIA RIE AAYXX CITATION 7SC 7SP 7TB 8FD FR3 JQ2 L7M L~C L~D ADTPV AFDQA AOWAS D8T D8V ZZAVC
DOI	10.1109/TAC.2022.3145664
DatabaseName	IEEE All-Society Periodicals Package (ASPP) 2005–Present IEEE All-Society Periodicals Package (ASPP) 1998–Present IEEE Electronic Library (IEL) CrossRef Computer and Information Systems Abstracts Electronics & Communications Abstracts Mechanical & Transportation Engineering Abstracts Technology Research Database Engineering Research Database ProQuest Computer Science Collection Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional SwePub SWEPUB Kungliga Tekniska Högskolan full text SwePub Articles SWEPUB Freely available online SWEPUB Kungliga Tekniska Högskolan SwePub Articles full text
DatabaseTitle	CrossRef Technology Research Database Computer and Information Systems Abstracts – Academic Mechanical & Transportation Engineering Abstracts Electronics & Communications Abstracts ProQuest Computer Science Collection Computer and Information Systems Abstracts Engineering Research Database Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Professional
DatabaseTitleList	Technology Research Database
Database_xml	– sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher
DeliveryMethod	fulltext_linktorsrc
Discipline	Engineering
EISSN	1558-2523
EndPage	850
ExternalDocumentID	oai_DiVA_org_kth_320338 10_1109_TAC_2022_3145664 9691832
Genre	orig-research
GrantInformation_xml	– fundername: Chow Sang Sang Group Research Fund – fundername: Research Grants Council of Hong Kong grantid: CityU 9048210 – fundername: Swedish Foundation for Strategic Research – fundername: Vetenskapsrådet; Swedish Research Council funderid: 10.13039/501100004359 – fundername: Chow Sang Sang Holdings International Ltd. – fundername: Knut och Alice Wallenbergs Stiftelse; Knut and Alice Wallenberg Foundation funderid: 10.13039/501100004063
GroupedDBID	-~X .DC 0R~ 29I 3EH 4.4 5GY 5VS 6IK 97E AAJGR AARMG AASAJ AAWTH ABAZT ABQJQ ABVLG ACGFO ACGFS ACIWK ACNCT AENEX AETIX AGQYO AGSQL AHBIQ AI. AIBXA AKJIK AKQYR ALLEH ALMA_UNASSIGNED_HOLDINGS ASUFR ATWAV BEFXN BFFAM BGNUA BKEBE BPEOZ CS3 DU5 EBS EJD F5P HZ~ H~9 IAAWW IBMZZ ICLAB IDIHD IFIPE IFJZH IPLJI JAVBF LAI M43 MS~ O9- OCL P2P RIA RIE RNS TAE TN5 VH1 VJK ~02 AAYOK AAYXX CITATION RIG 7SC 7SP 7TB 8FD FR3 JQ2 L7M L~C L~D ADTPV AFDQA AOWAS D8T D8V ZZAVC
ID	FETCH-LOGICAL-c371t-1d76f455f8f96f762602f8608d025e8a397883af50bafc1582b0fcc46cb662b03
IEDL.DBID	RIE
ISSN	0018-9286 1558-2523
IngestDate	Thu Aug 21 07:01:07 EDT 2025 Mon Jun 30 10:15:27 EDT 2025 Tue Jul 01 03:36:40 EDT 2025 Thu Apr 24 22:51:27 EDT 2025 Wed Aug 27 02:18:08 EDT 2025
IsDoiOpenAccess	true
IsOpenAccess	true
IsPeerReviewed	true
IsScholarly	true
Issue	2
Language	English
License	https://ieeexplore.ieee.org/Xplorehelp/downloads/license-information/IEEE.html https://doi.org/10.15223/policy-029 https://doi.org/10.15223/policy-037
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-c371t-1d76f455f8f96f762602f8608d025e8a397883af50bafc1582b0fcc46cb662b03
Notes	ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14
ORCID	0000-0001-9940-5929 0000-0003-1835-2963 0000-0002-3750-0135 0000-0002-7926-5081
OpenAccessLink	https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-320338
PQID	2771534015
PQPubID	85475
PageCount	12
ParticipantIDs	crossref_citationtrail_10_1109_TAC_2022_3145664 swepub_primary_oai_DiVA_org_kth_320338 proquest_journals_2771534015 crossref_primary_10_1109_TAC_2022_3145664 ieee_primary_9691832
ProviderPackageCode	CITATION AAYXX
PublicationCentury	2000
PublicationDate	2023-02-01
PublicationDateYYYYMMDD	2023-02-01
PublicationDate_xml	– month: 02 year: 2023 text: 2023-02-01 day: 01
PublicationDecade	2020
PublicationPlace	New York
PublicationPlace_xml	– name: New York
PublicationTitle	IEEE transactions on automatic control
PublicationTitleAbbrev	TAC
PublicationYear	2023
Publisher	IEEE The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Publisher_xml	– name: IEEE – name: The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
References	ref13 ref12 ref15 ref14 ref11 ref2 ref1 ref17 ref16 ref19 ref18 ref24 ref23 ref26 ref25 ref20 ref22 ref21 ref8 ref7 Tanaka (ref10) 2017 ref9 ref4 ref3 ref6 ref5
References_xml	– ident: ref20 doi: 10.1109/TAC.2016.2564339 – ident: ref6 doi: 10.1109/TIFS.2021.3130439 – ident: ref11 doi: 10.1109/Allerton.2013.6736549 – ident: ref1 doi: 10.1109/TASE.2015.2471305 – ident: ref18 doi: 10.1109/CDC.2015.7402921 – ident: ref26 doi: 10.1002/0471200611 – ident: ref9 doi: 10.1109/LSP.2018.2827878 – ident: ref13 doi: 10.1109/ITA.2016.7888175 – ident: ref17 doi: 10.1109/TAC.2013.2283096 – ident: ref3 doi: 10.1109/ICASSP.2016.7472883 – ident: ref25 doi: 10.1561/0400000042 – ident: ref15 doi: 10.1109/ALLERTON.2015.7447104 – ident: ref19 doi: 10.1016/j.automatica.2017.03.016 – ident: ref4 doi: 10.1109/ICASSP.2017.7953309 – ident: ref24 doi: 10.1007/978-981-15-0493-8_4 – ident: ref22 doi: 10.1109/ISIT.2018.8437690 – ident: ref5 doi: 10.1109/ALLERTON.2016.7852293 – year: 2017 ident: ref10 article-title: Directed information as privacy measure in cloud-based control – ident: ref14 doi: 10.1109/Allerton.2012.6483382 – ident: ref23 doi: 10.23919/ACC45564.2020.9147690 – ident: ref8 doi: 10.1109/TSIPN.2016.2623092 – ident: ref21 doi: 10.1109/TCNS.2017.2658190 – ident: ref16 doi: 10.1016/j.arcontrol.2019.04.006 – ident: ref7 doi: 10.1109/JSTSP.2015.2429123 – ident: ref12 doi: 10.1109/ISIT.2017.8007053 – ident: ref2 doi: 10.1109/SAM.2016.7569676
SSID	ssj0016441
Score	2.422872
Snippet	In this article, we study a privacy filter design problem for a sequence of sensor measurements whose joint probability density function (p.d.f.) depends on a...
SourceID	swepub proquest crossref ieee
SourceType	Open Access Repository Aggregation Database Enrichment Source Index Database Publisher
StartPage	839
SubjectTerms	Bandpass filters Building automation Building management systems Complexity theory Convex optimization Convexity Data privacy Filter design (mathematics) Filter designs Filter output Information theory Joint probability density function Kalman filtering Kalman filters Kernel Markov processes Mathematical transformations Mutual information Mutual informations Non-linear transformations Numerical prediction Optimization Parameter estimation Parameters Privacy privacy in networked control systems Probability density function Probability density functions Randomisation State estimation Statistical analysis Statistical parameters Structural design Testing Transformations (mathematics)
Title	A Model Randomization Approach to Statistical Parameter Privacy
URI	https://ieeexplore.ieee.org/document/9691832 https://www.proquest.com/docview/2771534015 https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-320338
Volume	68
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3fS8MwED7mnvTB3-J0Sh9EEOzWpW2aPEmZjiFMRDbZW0jTBMW5yewE_eu9tF1REfEtD2lo75Lcd7277wBO0OpoYrjC8018N-CJje_qwEXL50mNEF_mVe-DG9ofBdfjcFyD86oWRmudJ5_plh3msfx0phb2V1mbU2534AqsoONW1GpVEQNr14tbFw8wYVVI0uPtYdxFR5AQ9E8RLtDgmwnKe6p8h5dfKUNzM9PbgMHyBYvskqfWIkta6uMHd-N_v2AT1ku86cTFBtmCmp5uw9oXFsIduIgd2xFt4tzJaTp7LgsznbhkG3eymWMhac7ojEvdSpvPhepwbuePb1K978KodzXs9t2yr4Kr_KiTuZ00oiYIQ8MMpyayLg0xjHosRQCkmUSIwpgvTegl0qhOyEjiGaUCqhJKcezvQX06m-p9cNKUaaakMZTygKtQoug7Ei8ujoYRLV8D2ktRC1WSjtveFxOROx8eF6gcYZUjSuU04Kx64qUg3Phj7o4VcTWvlG4DmkttivJEvgoSRXi5ozcZNuC00HD1nKXYvny8jwXqSjxlD8InHrruB78vfwirtud8kbrdhHo2X-gjRCZZcpxvyU9-mdz7
linkProvider	IEEE
linkToHtml	http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LS8QwEB50PagH3-L67EEEwe520zZNTlJ8sD5WRFbxFtI0wUXdlbUr6K930naLioi3HNLQziSZbzoz3wDsotXRxHCF55v4bsATG9_VgYuWz5MaIb7Mq947V7R9G5zfh_cTcFDVwmit8-Qz3bDDPJafDtTI_iprcsrtDpyEKbT7ISmqtaqYgbXsxb2LR5iwKijp8WY3PkJXkBD0UBEw0OCbEcq7qnwHmF9JQ3NDczoPnfErFvklj41RljTUxw_2xv9-wwLMlYjTiYstsggTur8Es194CJfhMHZsT7Qn50b208FzWZrpxCXfuJMNHAtKc05nXOpa2owuVIhzPey9SfW-ArenJ92jtlt2VnCVH7Uyt5VG1KAIDTOcmsg6NcQw6rEUIZBmEkEKY740oZdIo1ohI4lnlAqoSijFsb8Ktf6gr9fASVOmmZLGUMoDrkKJom9JvLo4mka0fXVojkUtVEk7brtfPInc_fC4QOUIqxxRKqcO-9UTLwXlxh9zl62Iq3mldOuwOdamKM_kqyBRhNc7-pNhHfYKDVfPWZLt495dLFBX4jF7ED7x0Hlf_335HZhudzuX4vLs6mIDZmwH-iKRexNq2XCktxCnZMl2vj0_ATJ64EU
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=A+Model+Randomization+Approach+to+Statistical+Parameter+Privacy&rft.jtitle=IEEE+transactions+on+automatic+control&rft.au=Nekouei%2C+Ehsan&rft.au=Sandberg%2C+Henrik&rft.au=Skoglund%2C+Mikael&rft.au=Johansson%2C+Karl+Henrik&rft.date=2023-02-01&rft.pub=IEEE&rft.issn=0018-9286&rft.volume=68&rft.issue=2&rft.spage=839&rft.epage=850&rft_id=info:doi/10.1109%2FTAC.2022.3145664&rft.externalDocID=9691832
thumbnail_l	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0018-9286&client=summon
thumbnail_m	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0018-9286&client=summon
thumbnail_s	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0018-9286&client=summon