The Experts below are selected from a list of 225 Experts worldwide ranked by ideXlab platform
Mike Dahlin - One of the best experts on this subject based on the ideXlab platform.
-
SOSP - Separating agreement from execution for byzantine fault tolerant services
Proceedings of the nineteenth ACM symposium on Operating systems principles - SOSP '03, 2003Co-Authors: Jean-philippe Martin, Arun Venkataramani, Lorenzo Alvisi, Mike DahlinAbstract:We describe a new architecture for Byzantine fault tolerant state machine replication that separates agreement that orders requests from execution that processes requests. This separation yields two fundamental and practically significant advantages over previous architectures. First, it reduces replication costs because the new architecture can tolerate faults in up to half of the state machine replicas that execute requests. Previous systems can tolerate faults in at most a third of the combined agreement/state machine replicas. Second, separating agreement from execution allows a general privacy firewall architecture to Protect Confidentiality through replication. In contrast, replication in previous systems hurts Confidentiality because exploiting the weakest replica can be sufficient to compromise the system. We have constructed a prototype and evaluated it running both microbenchmarks and an NFS server. Overall, we find that the architecture adds modest latencies to unreplicated systems and that its performance is competitive with existing Byzantine fault tolerant systems.
-
separating agreement from execution for byzantine fault tolerant services
Symposium on Operating Systems Principles, 2003Co-Authors: Jian Yin, Arun Venkataramani, Jean-philippe Martin, Lorenzo Alvisi, Mike DahlinAbstract:We describe a new architecture for Byzantine fault tolerant state machine replication that separates agreement that orders requests from execution that processes requests. This separation yields two fundamental and practically significant advantages over previous architectures. First, it reduces replication costs because the new architecture can tolerate faults in up to half of the state machine replicas that execute requests. Previous systems can tolerate faults in at most a third of the combined agreement/state machine replicas. Second, separating agreement from execution allows a general privacy firewall architecture to Protect Confidentiality through replication. In contrast, replication in previous systems hurts Confidentiality because exploiting the weakest replica can be sufficient to compromise the system. We have constructed a prototype and evaluated it running both microbenchmarks and an NFS server. Overall, we find that the architecture adds modest latencies to unreplicated systems and that its performance is competitive with existing Byzantine fault tolerant systems.
Javier Miranda - One of the best experts on this subject based on the ideXlab platform.
-
expanding the role of synthetic data at the u s census bureau
2014Co-Authors: Ron S Jarmin, Thomas A Louis, Javier MirandaAbstract:National Statistical offices (NSOs) create official statistics from data collected from survey respondents, government administrative records and other sources. The raw source data is usually considered to be confidential. In the case of the U.S. Census Bureau, Confidentiality of survey and administrative records microdata is mandated by statute, and this mandate to Protect Confidentiality is often at odds with the needs of users to extract as much information from the data as possible. Traditional disclosure Protection techniques result in official data products that do not fully utilize the information content of the underlying microdata. Typically, these products take the form of simple aggregate tabulations. In a few cases anonymized public- use micro samples are made available, but these face a growing risk of re-identification by the increasing amounts of information about individuals and firms available in the public domain. One approach for overcoming these risks is to release products based on synthetic data where values are simulated from statistical models designed to mimic the (joint) distributions of the underlying microdata. We discuss re- cent Census Bureau work to develop and deploy such products. We discuss the benefits and challenges involved with extending the scope of synthetic data products in official statistics.
-
expanding the role of synthetic data at the u s census bureau
Statistical journal of the IAOS, 2014Co-Authors: Ron S Jarmin, Thomas A Louis, Javier MirandaAbstract:National Statistical offices (NSOs) create official statistics from data collected directly from survey respondents, from government administrative records and from other third party sources. The raw source data, regardless of origin, is usually considered to be confidential. In the case of the U.S. Census Bureau, Confidentiality of survey and administrative records microdata is mandated by statute, and this mandate to Protect Confidentiality is often at odds with the needs of data users to extract as much information as possible from rich microdata. Traditional disclosure Protection techniques applied to resolve this tension have resulted in official data products that come no where close to fully utilizing the information content of the underlying microdata. Typically, these products take for the form of basic, aggregate tabulations. In a few cases anonymized public-use micro samples are made available, but these are increasingly under risk of reidentification by the ever larger amounts of information about individuals and firms that is available in the public domain. One potential approach for overcoming these risks is to release products based on synthetic or partially synthetic data where values are simulated from statistical models designed to mimic the (joint) distributions of the underlying microdata rather than making the actual underlying microdata available. We discuss recent Census Bureau work to develop and deploy such products. We also discuss the benefits and challenges involved with extending the scope of synthetic data products in official statistics.
Ashish P. Sanil - One of the best experts on this subject based on the ideXlab platform.
-
a framework for evaluating the utility of data altered to Protect Confidentiality
The American Statistician, 2006Co-Authors: Alan F. Karr, Christine N Kohnen, Anna Oganian, Jerome P Reiter, Ashish P. SanilAbstract:When releasing data to the public, statistical agencies and survey organizations typically alter data values in order to Protect the Confidentiality of survey respondents' identities and attribute values. To select among the wide variety of data alteration methods, agencies require tools for evaluating the utility of proposed data releases. Such utility measures can be combined with disclosure risk measures to gauge risk-utility tradeoffs of competing methods. This article presents utility measures focused on differences in inferences obtained from the altered data and corresponding inferences obtained from the original data. Using both genuine and simulated data, we show how the measures can be used in a decision-theoretic formulation for evaluating disclosure limitation procedures.
-
Table servers Protect Confidentiality in tabular data releases
Communications of the ACM, 2003Co-Authors: Alan F. Karr, Adrian Dobra, Ashish P. SanilAbstract:Federal statistical agencies must balance concern over Confidentiality of data with their obligation to report information to the public. Advances in IT threaten privacy, but new technologies can also Protect Confidentiality while meeting user needs in innovative ways.
-
web based systems that disseminate information from databases but Protect Confidentiality
Advances in Digital Government, 2002Co-Authors: Alan F. Karr, Ashish P. Sanil, Jaeyong Lee, Joel Hernandez, Sousan Karimi, Karen LitwinAbstract:The Internet provides an efficient mechanism for Federal agencies to distribute their data to the public. However, it is imperative that such data servers have built-in mechanisms to ensure that Confidentiality of the data, and the privacy of individuals or establishments represented in the data, are not violated. We describe a prototype dissemination system developed for the National Agricultural Statistics Service that uses aggregation of adjacent geographical units as a Confidentiality-preserving technique. We also outline a Bayesian approach to statistical analysis of the aggregated data.
Jian Yin - One of the best experts on this subject based on the ideXlab platform.
-
separating agreement from execution for byzantine fault tolerant services
Symposium on Operating Systems Principles, 2003Co-Authors: Jian Yin, Arun Venkataramani, Jean-philippe Martin, Lorenzo Alvisi, Mike DahlinAbstract:We describe a new architecture for Byzantine fault tolerant state machine replication that separates agreement that orders requests from execution that processes requests. This separation yields two fundamental and practically significant advantages over previous architectures. First, it reduces replication costs because the new architecture can tolerate faults in up to half of the state machine replicas that execute requests. Previous systems can tolerate faults in at most a third of the combined agreement/state machine replicas. Second, separating agreement from execution allows a general privacy firewall architecture to Protect Confidentiality through replication. In contrast, replication in previous systems hurts Confidentiality because exploiting the weakest replica can be sufficient to compromise the system. We have constructed a prototype and evaluated it running both microbenchmarks and an NFS server. Overall, we find that the architecture adds modest latencies to unreplicated systems and that its performance is competitive with existing Byzantine fault tolerant systems.
Kavita Shah Arora - One of the best experts on this subject based on the ideXlab platform.
-
a systematic review on Confidentiality disclosure and stigma in the united states lessons for hiv care in pregnancy from reproductive genetics
The New bioethics : a multidisciplinary journal of biotechnology and the body, 2015Co-Authors: Barbara Wilkinson, Kavita Shah AroraAbstract:The fields of HIV care in pregnancy and reproductive genetics have always been ‘exceptional’ in that patients are highly concerned about the potential for stigma and the corresponding need for privacy and Confidentiality. However, the two fields have diverged in how they have addressed these concerns. The systematic review analyzed 61 manuscripts for similarities and differences between the fields of HIV care in pregnancy and reproductive genetics in the United States, with respect to privacy, Confidentiality, disclosure, and stigma. The systematic review revealed that the field of HIV care in pregnancy has insufficiently addressed patient concerns about privacy, Confidentiality, and stigma compared to the field of reproductive genetics. Failure to adequately Protect Confidentiality of HIV-positive patients, and failure to reduce stigma associated with HIV testing and treatment are deficiencies in the delivery of care to HIV-positive pregnant woman and barriers to reducing vertical transmission of HIV. Im...
-
A Systematic Review on Confidentiality, Disclosure, and Stigma in the United States: Lessons for HIV Care in Pregnancy From Reproductive Genetics
The New bioethics : a multidisciplinary journal of biotechnology and the body, 2015Co-Authors: Barbara Wilkinson, Kavita Shah AroraAbstract:The fields of HIV care in pregnancy and reproductive genetics have always been 'exceptional' in that patients are highly concerned about the potential for stigma and the corresponding need for privacy and Confidentiality. However, the two fields have diverged in how they have addressed these concerns. The systematic review analyzed 61 manuscripts for similarities and differences between the fields of HIV care in pregnancy and reproductive genetics in the United States, with respect to privacy, Confidentiality, disclosure, and stigma. The systematic review revealed that the field of HIV care in pregnancy has insufficiently addressed patient concerns about privacy, Confidentiality, and stigma compared to the field of reproductive genetics. Failure to adequately Protect Confidentiality of HIV-positive patients, and failure to reduce stigma associated with HIV testing and treatment are deficiencies in the delivery of care to HIV-positive pregnant woman and barriers to reducing vertical transmission of HIV. Improvements in care and policy should mirror the field of reproductive genetics.
