[SYSTEMDS-2668] Fine-Grained Privacy Constraint Propagation for Matrix Multiplications #1060
Conversation
The new version will take operator type into account when propagating and will summarize the privacy level of rows and columns of the input matrices to make a faster propagation. The new implementation needs further test cases, which will be added in future commits.
sebwrede
changed the title
Baunsgaard
left a comment
Baunsgaard
left a comment
There was a problem hiding this comment.
LGTM, again i only looked through without full understanding.
I have some potential performance concerns, but i hope and assume that the lists are so small that they are not noticeable. But if the constraints become complicated better data structures are needed.
src/main/java/org/apache/sysds/runtime/privacy/finegrained/FineGrainedPrivacyList.java
Show resolved
Hide resolved
|
|
||
| private PrivacyLevel getStrictestPrivacyLevel(DataRange searchRange){ | ||
| PrivacyLevel strictestLevel = PrivacyLevel.None; | ||
| for ( Map.Entry<DataRange, PrivacyLevel> constraint : constraintCollection ) { |
There was a problem hiding this comment.
because you have a for loop in the previous and loop through each entry here. it is going to be slow.
I think a future project would be an index structure for the privacy. maybe a tree structure would be good?
one for cols and one for rows?
There was a problem hiding this comment.
I actually started implementing a tree structure when I added fine-grained privacy, but we decided that it was not relevant for now and that we could do it later when we have the propagation of fine-grained constraints ready.
There was a problem hiding this comment.
same jira task as mentioned above
| constraintCollection.put(dataRange, privacyLevel); | ||
| } | ||
|
|
||
| @Override public void putRow(int rowIndex, int rowLength, PrivacyLevel privacyLevel) { |
There was a problem hiding this comment.
misformatted, and does nothing inside the method.
There was a problem hiding this comment.
I know. I am not using that class and will perhaps delete it, but I wanted to get the propagation done and then see how that performs with the other implementation. Then I can try different implementations of FineGrainedPrivacy.
There was a problem hiding this comment.
if it is not used, delete it 👍
...n/java/org/apache/sysds/runtime/privacy/propagation/MatrixMultiplicationPropagatorNaive.java
Outdated
Show resolved
Hide resolved
|
|
||
| package org.apache.sysds.runtime.privacy.propagation; | ||
|
|
||
| public enum OperatorType { |
There was a problem hiding this comment.
this could be considered to be moved into common/Types.java
or leverage already existing Operator Types?
There was a problem hiding this comment.
Right now, it is only used for privacy propagation, hence it is not a common type.
There was a problem hiding this comment.
The existing operator types are not relevant, since I only deal with two types: aggregate and non-aggregate.
There was a problem hiding this comment.
okay, i do the same in compression. It was just if they matched up completely, then they could be reused, and furthermore used as a TODO list, for what is not supported.
src/main/java/org/apache/sysds/runtime/privacy/propagation/PrivacyPropagator.java
Show resolved
Hide resolved
src/main/java/org/apache/sysds/runtime/privacy/propagation/PrivacyPropagator.java
Outdated
Show resolved
Hide resolved
2 participants
This PR improves propagation of fine-grained privacy constraints for matrix multiplications. The PR also provides a new structure for fine-grained privacy propagations by introducing a "Propagator" interface which are implemented by different propagator classes. This interface will be used in the following implementations of privacy propagation for other operators.
The new matrix multiplication propagation is more efficient than the previous implementation since it makes an array with the summarized privacy level of the rows of the first matrix and the columns of the second matrix.
Furthermore, it takes the operator type into account. This means that if a row or column contains only a single non-zero value, it cannot be considered an aggregation, hence the output in case of the PrivateAggregation privacy level in the input should still be PrivateAggregation.
The rules of propagation is implemented in the method "PrivacyPropagator.corePropagation", where the comment also details the privacy "truth table".