εKTELO: A Framework for Defining Differentially-Private Computations

The adoption of differential privacy is growing but the complexity of designing private, efficient and accurate algorithms is still high. We propose a novel programming framework and system, epsilon KTELO, for implementing both existing and new privacy algorithms. For the task of answering linear counting queries, we show that nearly all existing algorithms can be composed from operators, each conforming to one of a small number of operator classes. While past programming frameworks have helped to ensure the privacy of programs, the novelty of our framework is its significant support for authoring accurate and efficient (as well as private) programs. We describe the design and architecture of the epsilon KTELO system and show that epsilon KTELO is expressive enough to describe many algorithms from the privacy literature. epsilon KTELO allows for safer implementations through code reuse and allows both privacy novices and experts to more easily design new algorithms. We demonstrate the use of epsilon KTELO by designing new algorithms offering state-of-the-art accuracy and runtime.