May 12, 2002 to May 15, 2002
John Canny , U.C. Berkeley
Server-based collaborative ?ltering systems have been very successful in e-commerce and in direct recommendation applications. In future, they have many potential applications in ubiquitous computing settings. But today's schemes have problems such as loss of privacy, favoring retail monopolies, and with hampering diffusion of innovations. We propose an alternative model in which users control all of their log data. We describe an algorithm whereby a community of users can compute a public "aggregate " of their data that does not expose individual users' data. The aggregate allows personalized recommendations to be computed by members of the community, or by outsiders. The numerical algorithm is fast, robust and accurate. Our method reduces the collaborative ?ltering task to an iterative calculation of the aggregate requiring only addition of vectors of user data. Then we use homomorphic encryption to allow sums of encrypted vectors o be computed and decrypted without exposing individual data. We give veri?cation schemes for all parties in the computation. Our system can be implemented with untrusted servers, or with additional infrastructure, as a fully peer-to-peer (P2P)system.
John Canny, "Collaborative Filtering with Privacy", SP, 2002, 2012 IEEE Symposium on Security and Privacy, 2012 IEEE Symposium on Security and Privacy 2002, pp. 45, doi:10.1109/SECPRI.2002.1004361