We consider differentially private range queries on a graph where query ranges are defined as the set of edges on a shortest path of the graph. Edges in the graph carry sensitive attributes, and the goal is to report the sum of these attributes on a shortest path for a counting query or the minimum of the attributes for a bottleneck query. We use differential privacy to ensure that the release of these query answers protects the privacy of the sensitive edge attributes. Our goal is to develop mechanisms that minimize the additive error of the reported answers under the given privacy budget. In this paper we report non-trivial results for private range queries on shortest paths. For counting range queries we can achieve an additive error of $\tilde O(n^{1/3})$ for $\varepsilon$-DP and $\tilde O(n^{1/4})$ for $(\varepsilon, \delta)$-DP. We present two algorithms where we control the final error by carefully balancing perturbation added to the edge attributes directly versus perturbation added to a subset of range query answers (which can be used for other range queries). Bottleneck range queries are easier and can be answered with polylogarithmic additive errors using standard techniques.
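The balancing idea above, shown on the simplest possible graph, as an added illustration that is not one of the paper's algorithms and does not reproduce its bounds. Assumptions: the graph is a path with public topology, so the shortest path between two vertices is a contiguous edge range `[i, j)`; neighboring inputs differ by at most 1 in L1 norm over the edge attributes; all function names are hypothetical.

```python
import random

def laplace(rng, scale):
    # The difference of two Exp(1) draws is Laplace(0, 1).
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))

def release(weights, s, eps, rng):
    """Spend eps/2 on per-edge noise and eps/2 on noisy sums of disjoint
    length-s blocks. Both vectors have L1 sensitivity 1 (assumed neighbor
    relation), so Laplace(2/eps) on each gives eps-DP by composition."""
    scale = 2.0 / eps
    noisy_edges = [w + laplace(rng, scale) for w in weights]
    noisy_blocks = [sum(weights[b:b + s]) + laplace(rng, scale)
                    for b in range(0, len(weights) - s + 1, s)]
    return noisy_edges, noisy_blocks

def decompose(i, j, s):
    """Cover edge range [i, j) with whole blocks plus leftover single edges."""
    first = -(-i // s)   # index of the first block starting at or after i
    last = j // s        # blocks first..last-1 lie fully inside [i, j)
    if first >= last:
        return [], list(range(i, j))
    edges = list(range(i, first * s)) + list(range(last * s, j))
    return list(range(first, last)), edges

def answer(i, j, s, noisy_edges, noisy_blocks):
    # Post-processing of the released values only; no extra privacy cost.
    blocks, edges = decompose(i, j, s)
    return (sum(noisy_blocks[b] for b in blocks)
            + sum(noisy_edges[e] for e in edges))

def noisy_terms(i, j, s):
    # Each term carries independent noise, so error grows like sqrt(terms)/eps.
    blocks, edges = decompose(i, j, s)
    return len(blocks) + len(edges)

if __name__ == "__main__":
    rng = random.Random(0)
    n, eps = 1024, 1.0
    weights = [rng.randint(0, 10) for _ in range(n)]  # constructed sample data
    for s in (1, 32, n):  # s near sqrt(n) balances blocks against leftovers
        sq = []
        for _ in range(200):
            ne, nb = release(weights, s, eps, rng)
            sq.append((answer(5, 1000, s, ne, nb) - sum(weights[5:1000])) ** 2)
        print(s, noisy_terms(5, 1000, s), round((sum(sq) / len(sq)) ** 0.5, 1))
```

With `s = 1` or `s = n` every answer sums about as many noisy terms as the path has edges; an intermediate block length reuses a few released range answers and cuts the number of noisy terms, which is the trade-off the abstract describes.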