Patents by Inventor Cynthia Dwork
Cynthia Dwork has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8312273
Abstract: Methods, systems, and computer-readable media for facilitating personalization of web content is provided, while protecting the privacy of the user data utilized to personalize the user's experience. A privacy vault may collect user data including user activity data, demographic data, and user interests submitted by a user. In one embodiment, the privacy vault operates on a user client device. The privacy vault sends the user data to a community vault that collects user data from multiple users. The community vault generates segment rules that whether a user belongs to a user segment, which expresses a user's interest. The segment rules are then communicated back to the privacy vault, which assigns one or more user segments to the user based on the user data available to the privacy vault and the segment rules. The privacy vault may communicate user segments to one or more content providers that supply personalized content that is selected based on the user segments provided.
Type: Grant
Filed: October 7, 2009
Date of Patent: November 13, 2012
Assignee: Microsoft Corporation
Inventors: Nir Nice, Melissa W. Dunn, Eric Picard, Amit Shaked, Eric Don Van Valkenburg, Alexander George Gounares, Friedman Arie, Sefy Ophir, Boaz Feldbaum, Vu A. Ha, Teresa B. Mah, Darrell Jay Cannon, Michael Joseph Toutonghi, Uri Barash, Cynthia Dwork, Ying Li
-
Patent number: 8005821
Abstract: Systems and methods for injecting noise into secure function evaluation to protect the privacy of the participants and for computing a collective noisy result by combining results and noise generated based on input from the participants. When implemented using distributed computing devices, each device may have access to a subset of data. A query may be distributed to the devices, and each device applies the query to its own subset of data to obtain a subset result. Each device then divides its subset result into one or more shares, and the shares are combined to form a collective result. The devices may also generate random bits. The random bits may be combined and used to generate noise. The collective result can be combined with the noise to obtain a collective noisy result.
Type: Grant
Filed: October 6, 2005
Date of Patent: August 23, 2011
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Frank D. McSherry
-
Publication number: 20110083013
Abstract: Methods, systems, and computer-readable media for facilitating personalization of web content is provided, while protecting the privacy of the user data utilized to personalize the user's experience. A privacy vault may collect user data including user activity data, demographic data, and user interests submitted by a user. In one embodiment, the privacy vault operates on a user client device. The privacy vault sends the user data to a community vault that collects user data from multiple users. The community vault generates segment rules that whether a user belongs to a user segment, which expresses a user's interest. The segment rules are then communicated back to the privacy vault, which assigns one or more user segments to the user based on the user data available to the privacy vault and the segment rules. The privacy vault may communicate user segments to one or more content providers that supply personalized content that is selected based on the user segments provided.
Type: Application
Filed: October 7, 2009
Publication date: April 7, 2011
Applicant: MICROSOFT CORPORATION
Inventors: Nir Nice, Melissa W. Dunn, Eric Picard, Amit Shaked, Eric Don Van Valkenburg, Alexander George Gounares, Friedman Arie, Sefy Ophir, Boaz Feldbaum, Vu A. Ha, Teresa Mah, Darrell Jay Cannon, Michael Joseph Toutonghi, Uri Barash, Cynthia Dwork, Ying Li
-
Patent number: 7921173
Abstract: The present invention provides for generating inputs that can be provided to a message classification module to facilitate more reliable classification of electronic messages, such as, for example, as unwanted and/or unsolicited. In one embodiment, a sending messaging server provides an appropriate response to address verification data thereby indicating a reduced likelihood of the sending messaging server using a forged network address. In another embodiment, it is determined if a messaging server is authorized to send electronic messages for a domain. In yet another embodiment, electronic message transmission policies adhered to by a domain are identified. In yet a further embodiment, a sending computer system expends computational resources to solve a computational puzzle and includes an answer document in an electronic message. A receiving computer system receives the electronic message and verifies the answer document.
Type: Grant
Filed: April 7, 2009
Date of Patent: April 5, 2011
Assignee: Microsoft Corporation
Inventors: Robert George Atkinson, Joshua T. Goodman, James M. Lyon, Roy Williams, Khaja E. Ahmed, Harry Simon Katz, Robert L. Rounthwaite, Andrew V. Goldberg, Cynthia Dwork
-
Patent number: 7818335
Abstract: Systems and methods are provided for selectively determining privacy guarantees. For example, a first class of data may be guaranteed a first level of privacy, while other data classes are only guaranteed some lesser level of privacy. An amount of privacy is guaranteed by adding noise values to database query outputs. Noise distributions can be tailored to be appropriate for the particular data in a given database by calculating a “diameter” of the data. When the distribution is based on the diameter of a first class of data, and the diameter measurement does not account for additional data in the database, the result is that query outputs leak information about the additional data.
Type: Grant
Filed: December 22, 2005
Date of Patent: October 19, 2010
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Frank D. McSherry
-
Patent number: 7769707
Abstract: Privacy of data can be preserved while utility of the output is maximized by selecting from an appropriately calculated distribution of noise values to add to an output. A distribution that includes a high likelihood of large noise values may lead to less useful output data. Conversely, a distribution that includes very low likelihood of large noise values may lead to less privacy. A distribution should be calculated to provide an appropriate level of output utility and privacy based on the query that is performed and the desired privacy level.
Type: Grant
Filed: November 30, 2005
Date of Patent: August 3, 2010
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Frank D. McSherry
-
Patent number: 7698250
Abstract: Systems and methods are provided for controlling privacy loss associated with database participation. In general, privacy loss can be evaluated based on information available to a hypothetical adversary with access to a database under two scenarios: a first scenario in which the database does not contain data about a particular privacy principal, and a second scenario in which the database does contain data about the privacy principal. Such evaluation can be made for example by a mechanism for determining sensitivity of at least one database query output to addition to the database of data associated with a privacy principal. An appropriate noise distribution can be calculated based on the sensitivity measurement and optionally a privacy parameter. A noise value is selected from the distribution and added to query outputs.
Type: Grant
Filed: December 16, 2005
Date of Patent: April 13, 2010
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Frank D. McSherry
-
Patent number: 7676454
Abstract: A database has a plurality of entries and a plurality of attributes common to each entry, where each entry corresponds to an individual. A query is received from a querying entity query and is passed to the database, and an answer is received in response. An amount of noise is generated and added to the answer to result in an obscured answer, and the obscured answer is returned to the querying entity. The noise is normally distributed around zero with a particular variance. The variance R may be determined in accordance with R>8 T log2(T/?)/?2, where T is the permitted number of queries T, ? is the utter failure probability, and ? is the largest admissible increase in confidence. Thus, a level of protection of privacy is provided to each individual represented within the database. Example noise generation techniques, systems, and methods may be used for privacy preservation in such areas as k means, principal component analysis, statistical query learning models, and perceptron algorithms.
Type: Grant
Filed: March 1, 2005
Date of Patent: March 9, 2010
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Frank David McSherry, Yaacov Nissim Kobliner, Avrim L. Blum
-
Patent number: 7653615
Abstract: A database has a plurality of entries and a plurality of attributes common to each entry, where each entry corresponds to an individual. A query q is received from a querying entity query q and is passed to the database, and an answer a is received in response. An amount of noise e is generated and added to the answer a to result in an obscured answer o, and the obscured answer o is returned to the querying entity. Thus, a level of protection of privacy is provided to each individual represented within the database.
Type: Grant
Filed: January 18, 2005
Date of Patent: January 26, 2010
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Yaacov Nissim Kobliner
-
Publication number: 20090193093
Abstract: The present invention provides for generating inputs that can be provided to a message classification module to facilitate more reliable classification of electronic messages, such as, for example, as unwanted and/or unsolicited. In one embodiment, a sending messaging server provides an appropriate response to address verification data thereby indicating a reduced likelihood of the sending messaging server using a forged network address. In another embodiment, it is determined if a messaging server is authorized to send electronic messages for a domain. In yet another embodiment, electronic message transmission policies adhered to by a domain are identified. In yet a further embodiment, a sending computer system expends computational resources to solve a computational puzzle and includes an answer document in an electronic message. A receiving computer system receives the electronic message and verifies the answer document.
Type: Application
Filed: April 7, 2009
Publication date: July 30, 2009
Applicant: Microsoft Corporation
Inventors: Robert George Atkinson, Joshua T. Goodman, James M. Lyon, Roy Williams, Khaja E. Ahmed, Harry Simon Katz, Robert L. Rounthwaite, Andrew V. Goldberg, Cynthia Dwork
-
Publication number: 20090182797
Abstract: Techniques for contingency table release provide an accurate and consistent set of tables while guaranteeing that privacy is preserved. A positive and integral database is constructed that corresponds to these tables. Therefore, a database can be generated that preserves low-order marginals up to a small error. Moreover, a gracefully degrading version of the results is provided as a database can be computed such that the error in the low-order marginals is small, and increases smoothly with the order of the marginal.
Type: Application
Filed: January 10, 2008
Publication date: July 16, 2009
Applicant: MICROSOFT CORPORATION
Inventors: Cynthia Dwork, Frank McSherry, Kunal Talwar, Boaz Barak, Kamalika Chaudhuri, Satyen Kale
-
Patent number: 7562071
Abstract: An amount of noise to add to a query output may be selected to preserve privacy of inputs while maximizing utility of the released output. Noise values can be distributed according to a substantially symmetric exponential density function (“exponential distribution”). That is, the most likely noise value can be zero, and noise values of increasing absolute value can decrease in probability according to the exponential function.
Type: Grant
Filed: December 2, 2005
Date of Patent: July 14, 2009
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Frank D. McSherry
-
Patent number: 7552176
Abstract: The present invention provides for generating inputs that can be provided to a message classification module to facilitate more reliable classification of electronic messages, such as, for example, as unwanted and/or unsolicited. In one embodiment, a sending messaging server provides an appropriate response to address verification data thereby indicating a reduced likelihood of the sending messaging server using a forged network address. In another embodiment, it is determined if a messaging server is authorized to send electronic messages for a domain. In yet another embodiment, electronic message transmission policies adhered to by a domain are identified. In yet a further embodiment, a sending computer system expends computational resources to solve a computational puzzle and includes an answer document in an electronic message. A receiving computer system receives the electronic message and verifies the answer document.
Type: Grant
Filed: October 10, 2003
Date of Patent: June 23, 2009
Assignee: Microsoft Corporation
Inventors: Robert George Atkinson, Joshua T. Goodman, James M. Lyon, Roy Williams, Khaja E. Ahmed, Harry Simon Katz, Robert L. Rounthwaite, Andrew V. Goldberg, Cynthia Dwork
-
Patent number: 7363192
Abstract: A histogram can be generated and displayed with noisy category values, where the noise values are selected from a noise distribution that is calculated using a histogram diameter. The noise values are combined with histogram category values, thereby producing noisy histogram category values that do not reveal information about the contributors.
Type: Grant
Filed: December 9, 2005
Date of Patent: April 22, 2008
Assignee: Microsoft Corporation
Inventors: Cynthia Dwork, Frank D. McSherry
-
Publication number: 20070150437
Abstract: Systems and methods are provided for obscuring an amount of a resource used to process an item. In general, contemplated techniques comprise assigning a maximum allowable amount of the resource for processing a sub-part of the item. If the maximum allowable amount of the resource is reached, processing the sub-part may be terminated. Once all sub-parts are processed, a noisy quantity of the resource that was consumed in processing the item may be released. The noisy quantity is determined by adding a positive amount of the resource, combined with a noise value, to an actual quantity of the resource that was consumed.
Type: Application
Filed: December 22, 2005
Publication date: June 28, 2007
Applicant: Microsoft Corporation
Inventors: Cynthia Dwork, Frank McSherry, Ilya Mironov
-
Publication number: 20070147606
Abstract: Systems and methods are provided for selectively determining privacy guarantees. For example, a first class of data may be guaranteed a first level of privacy, while other data classes are only guaranteed some lesser level of privacy. An amount of privacy is guaranteed by adding noise values to database query outputs. Noise distributions can be tailored to be appropriate for the particular data in a given database by calculating a “diameter” of the data. When the distribution is based on the diameter of a first class of data, and the diameter measurement does not account for additional data in the database, the result is that query outputs leak information about the additional data.
Type: Application
Filed: December 22, 2005
Publication date: June 28, 2007
Applicant: Microsoft Corporation
Inventors: Cynthia Dwork, Frank McSherry
-
Patent number: 7237116
Abstract: A sender computer maps a randomized concatenation of a message ? to a point “x” in space using a function that renders it infeasible that a second message can be mapped nearby the message ?. The function can be a collision intractable or non-collision intractable function that maps the message to a point “x” on a widely-spaced grid, or the function can map the message to a point “x” of an auxiliary lattice. In either case, the sender computer, using a short basis (essentially, the private key) of a key lattice finds a lattice point “y” that is nearby the message point “x”, and then at least the points “x”, “y”, and message are sent to a receiver computer. To verify the signature, the receiver computer simply verifies that “y” is part of the lattice using a long basis (essentially, the public key), and that the distance between “x” and “y” is less than a predetermined distance, without being able or having to know how the lattice point “y” was obtained by the sender computer.
Type: Grant
Filed: January 19, 2000
Date of Patent: June 26, 2007
Assignee: International Business Machines Corporation
Inventors: Cynthia Dwork, Shanmugasundaram Ravikumar, Amit Sahai
-
Publication number: 20070143289
Abstract: Systems and methods are provided for controlling privacy loss associated with database participation. In general, privacy loss can be evaluated based on information available to a hypothetical adversary with access to a database under two scenarios: a first scenario in which the database does not contain data about a particular privacy principal, and a second scenario in which the database does contain data about the privacy principal. Such evaluation can be made for example by a mechanism for determining sensitivity of at least one database query output to addition to the database of data associated with a privacy principal. An appropriate noise distribution can be calculated based on the sensitivity measurement and optionally a privacy parameter. A noise value is selected from the distribution and added to query outputs.
Type: Application
Filed: December 16, 2005
Publication date: June 21, 2007
Applicant: Microsoft Corporation
Inventors: Cynthia Dwork, Frank McSherry
-
Publication number: 20070136027
Abstract: A histogram can be generated and displayed with noisy category values, where the noise values are selected from a noise distribution that is calculated using a histogram diameter. The noise values are combined with histogram category values, thereby producing noisy histogram category values that do not reveal information about the contributors.
Type: Application
Filed: December 9, 2005
Publication date: June 14, 2007
Applicant: Microsoft Corporation
Inventors: Cynthia Dwork, Frank McSherry
-
Publication number: 20070130147
Abstract: An amount of noise to add to a query output may be selected to preserve privacy of inputs while maximizing utility of the released output. Noise values can be distributed according to a substantially symmetric exponential density function (“exponential distribution”). That is, the most likely noise value can be zero, and noise values of increasing absolute value can decrease in probability according to the exponential function.
Type: Application
Filed: December 2, 2005
Publication date: June 7, 2007
Applicant: Microsoft Corporation
Inventors: Cynthia Dwork, Frank McSherry