| Popis: |
We consider a real web tool where a bank allows clients to make aggregate queries on the market share of some subset of businesses, in a specific geographic area and all belonging to the same kind of business (e.g. restaurants). A single query is positively answered if a specific basic privacy condition is satisfied by the individual market shares of the involved businesses. A more serious problem appears when multiple queries are allowed: the combination of queries which individually satisfy the basic privacy condition may lead to aggregate information of some subset of businesses which does not satisfy this condition. We give a mathematical formalization of this problem and a possible algorithmic solution, which consists in an off-line phase, run only once, and an on-line phase which is run for each new query. We analyze the complexity of the proposed algorithms and we describe the experimental results that we have obtained with the implementation of such algorithms, run on real data. |
