-
Publication No.: US20250036811A1
Publication date: 2025-01-30
Application No.: US18904462
Filing date: 2024-10-02
Applicant: SAP SE
Inventor: Daniel Bernau, Philip-William Grassal, Hannah Keller, Martin Haerterich
IPC: G06F21/62, G06F17/18, G06F18/214, G06N20/00
Abstract: Data is received that specifies a bound for an adversarial posterior belief pc that corresponds to a likelihood to re-identify data points from the dataset based on a differentially private function output. Privacy parameters ε, δ are then calculated based on the received data that govern a differential privacy (DP) algorithm to be applied to a function to be evaluated over a dataset. The calculating is based on a ratio of probabilities distributions of different observations, which are bound by the posterior belief pc as applied to a dataset. The calculated privacy parameters are then used to apply the DP algorithm to the function over the dataset. Related apparatus, systems, techniques and articles are also described.
-
Publication No.: US20240211635A1
Publication date: 2024-06-27
Application No.: US18581254
Filing date: 2024-02-19
Applicant: SAP SE
Inventor: Daniel Bernau, Philip-William Grassal, Hannah Keller, Martin Haerterich
IPC: G06F21/62, G06F17/18, G06F18/214, G06N20/00
CPC classification number: G06F21/6254, G06F17/18, G06F18/2148, G06N20/00
Abstract: Data is received that specifies a bound for an adversarial posterior belief ρc that corresponds to a likelihood to re-identify data points from the dataset based on a differentially private function output. Privacy parameters ε, δ are then calculated based on the received data that govern a differential privacy (DP) algorithm to be applied to a function to be evaluated over a dataset. The calculating is based on a ratio of probabilities distributions of different observations, which are bound by the posterior belief ρc as applied to a dataset. The calculated privacy parameters are then used to apply the DP algorithm to the function over the dataset. Related apparatus, systems, techniques and articles are also described.
-
Publication No.: US20180173894A1
Publication date: 2018-06-21
Application No.: US15387052
Filing date: 2016-12-21
Applicant: SAP SE
Inventor: Jonas Boehler, Daniel Bernau, Florian Kerschbaum
CPC classification number: G06F21/6254, G06F16/285, H04L63/0421, H04W4/38, H04W12/02
Abstract: A system for differential privacy is provided. In some implementations, the system performs operations comprising receiving a plurality of indices for a plurality of perturbed data points, which are anonymized versions of a plurality of unperturbed data points, wherein the plurality of indices indicate that the plurality of unperturbed data points are identified as presumed outliers. The plurality of perturbed data points can lie around a first center point and the plurality of unperturbed data points can lie around a second center point. The operations can further comprise classifying a portion of the presumed outliers as true positives and another portion of the presumed outliers as false positives, based upon differences in distances to the respective first and second center points for the perturbed and corresponding (e.g., same index) unperturbed data points. Related systems, methods, and articles of manufacture are also described.
-
Publication No.: US12001588B2
Publication date: 2024-06-04
Application No.: US17086244
Filing date: 2020-10-30
Applicant: SAP SE
Inventor: Daniel Bernau, Philip-William Grassal, Hannah Keller, Martin Haerterich
IPC: G06F21/62, G06F17/18, G06F18/214, G06N20/00
CPC classification number: G06F21/6254, G06F17/18, G06F18/2148, G06N20/00
Abstract: Data is received that specifies a bound for an adversarial posterior belief ρc that corresponds to a likelihood to re-identify data points from the dataset based on a differentially private function output. Privacy parameters ε, δ are then calculated based on the received data that govern a differential privacy (DP) algorithm to be applied to a function to be evaluated over a dataset. The calculating is based on a ratio of probabilities distributions of different observations, which are bound by the posterior belief ρc as applied to a dataset. The calculated privacy parameters are then used to apply the DP algorithm to the function over the dataset. Related apparatus, systems, techniques and articles are also described.
-
Publication No.: US10380366B2
Publication date: 2019-08-13
Application No.: US15496403
Filing date: 2017-04-25
Applicant: SAP SE
Inventor: Daniel Bernau, Florian Hahn, Jonas Boehler
Abstract: Systems and methods are provided for sending a request to register a data offer from a data owner to participate in a distributed ledger, the request including information associated with the data offer and a privacy budget for the data offer, and wherein the information associated with the data offer and the privacy budget is stored in the distributed ledger and the data offer is accessible by third parties to the data owner. The systems and method further providing for receiving a request, associated with a third party computer, to access data associated with the data offer, processing a data request associated with the request to access data, based on determining that there is sufficient privacy budget to allow access to the data associated with the request to access data, to produce result data, anonymizing the result data, and updating the distributed ledger.
-
Publication No.: US20180322279A1
Publication date: 2018-11-08
Application No.: US15701826
Filing date: 2017-09-12
Applicant: SAP SE
Inventor: Wasilij Beskorovajnov, Daniel Bernau
CPC classification number: G06F21/552, G06F16/215, G06F16/221, G06F21/6245, G06F21/6254
Abstract: A method is disclosed for providing sanitized log data to a threat detection system. The sanitized log data is derived from a log table with continuous columns, themselves having continuous entries with continuous values. First, a retention probability parameter and an accuracy radius parameter are selected. Next, a probability distribution function is initialized with the retention probability parameter and the accuracy radius parameter. For each continuous value, the probability distribution function is applied, resulting in perturbed continuous values of a perturbed continuous columns. Finally, the perturbed continuous columns are provided as the sanitized log.
-
Publication No.: US11501172B2
Publication date: 2022-11-15
Application No.: US16219645
Filing date: 2018-12-13
Applicant: SAP SE
Inventor: Benjamin Hilprecht, Daniel Bernau, Martin Haerterich
Abstract: A system is described that can include a machine learning model and at least one programmable processor communicatively coupled to the machine learning model. The machine learning model can receive data, generate a continuous probability distribution associated with the data, sample a latent variable from the continuous probability distribution to generate a plurality of samples, and generate reconstructed data from the plurality of samples. The at least one programmable processor can compute a reconstruction error by determining a distance between the reconstructed data and the data, and generate, based on the reconstruction error, an indication representing whether a specific record within the received data was used to train the machine learning model. Related apparatuses, methods, techniques, non-transitory computer programmable products, non-transitory machine-readable medium, articles, and other systems are also within the scope of this disclosure.
-
Publication No.: US20220138348A1
Publication date: 2022-05-05
Application No.: US17086244
Filing date: 2020-10-30
Applicant: SAP SE
Inventor: Daniel Bernau, Philip-William Grassal, Hannah Keller, Martin Haerterich
Abstract: Data is received that specifies a bound for an adversarial posterior belief ρc that corresponds to a likelihood to re-identify data points from the dataset based on a differentially private function output. Privacy parameters ε, δ are then calculated based on the received data that govern a differential privacy (DP) algorithm to be applied to a function to be evaluated over a dataset. The calculating is based on a ratio of probabilities distributions of different observations, which are bound by the posterior belief ρc as applied to a dataset. The calculated privacy parameters are then used to apply the DP algorithm to the function over the dataset. Related apparatus, systems, techniques and articles are also described.
-
Publication No.: US20180307854A1
Publication date: 2018-10-25
Application No.: US15496403
Filing date: 2017-04-25
Applicant: SAP SE
Inventor: Daniel Bernau, Florian Hahn, Jonas Boehler
CPC classification number: G06Q40/12, G06F21/6245
Abstract: Systems and methods are provided for sending a request to register a data offer from a data owner to participate in a distributed ledger, the request including information associated with the data offer and a privacy budget for the data offer, and wherein the information associated with the data offer and the privacy budget is stored in the distributed ledger and the data offer is accessible by third parties to the data owner. The systems and method further providing for receiving a request, associated with a third party computer, to access data associated with the data offer, processing a data request associated with the request to access data, based on determining that there is sufficient privacy budget to allow access to the data associated with the request to access data, to produce result data, anonymizing the result data, and updating the distributed ledger.
-
Publication No.: US20180004978A1
Publication date: 2018-01-04
Application No.: US15633830
Filing date: 2017-06-27
Applicant: SAP SE
Inventor: Cedric Hebert, Daniel Bernau, Amine Lahouel
CPC classification number: G06F21/6254, G06F16/2457
Abstract: A set of data is received for a data analysis. The set of data includes personal identifiable information. The set of data is anonymized to protect the privacy information. Risk rates and utility rates are determined for a number of combinations of anonymization techniques defined correspondingly for data fields from the set of data. A risk rate is related to a privacy protection failure when defining first anonymized data through applying a combination of anonymization techniques for the data fields. A utility rate is related to accuracy of the data analysis when applied over the anonymized data. Based on evaluation of the risk rates and the utility rates, one or more anonymization techniques from the number of anonymization techniques are determined. The set of data is anonymized according to a determined anonymization techniques and/or a combination thereof.