Parameter Privacy-Preserving Data Sharing: A Particle-Belief MDP Formulation

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the [Original Paper Viewer] below or the Original ArXiv Source.

This paper investigates parameter-privacy-preserving data sharing in continuous-state dynamical systems, where a data owner designs a data-sharing policy to support downstream estimation and control while preventing adversarial inference of a sensitive parameter. This data-sharing problem is formulated as an optimization problem that trades off privacy leakage and the impact of data sharing on the data owner’s utility, subject to a data-usability constraint. We show that this problem admits an equivalent belief Markov decision process (MDP) formulation, which provides a simplified representation of the optimal policy. To efficiently characterize information-theoretic privacy leakage in continuous state and action spaces, we propose a particle-belief MDP formulation that tracks the parameter posterior via sequential Monte Carlo, yielding a tractable belief-state approximation that converges asymptotically as the number of particles increases. We further derive a tractable closed-form upper bound on particle-based MI via Gaussian mixture approximations, which enables efficient optimization of the particle-belief MDP. Experiments on a mixed-autonomy platoon show that the learned continuous policy substantially impedes inference attacks on human-driving behavior parameters while maintaining data usability and system performance.


💡 Research Summary

The paper tackles the problem of sharing operational data from a continuous‑state dynamical system while protecting a time‑invariant sensitive parameter (denoted Θ) from adversarial inference. The authors formulate a privacy‑utility trade‑off as a constrained optimization problem: the objective combines mutual information (MI) between Θ and the released data (Y₁:T) together with external inputs (W₁:T) as a privacy loss term, and a weighted system‑performance cost that captures how the distorted data affect downstream state evolution and control. A distortion constraint limits the expected deviation between the true state Xₜ and the shared output Yₜ.

To make the problem tractable, the authors first prove that an optimal policy need not condition on the full history of states and observations; instead it can be expressed as a simplified policy that depends only on the current state Xₜ, the current external input sequence, and the past shared data. This simplification enables a belief‑state reformulation: the entire history is summarized by a belief distribution βₜ(Θ, Xₜ) = p(Θ, Xₜ | history). The belief evolves according to Bayes’ rule, yielding a belief‑MDP whose state is the belief itself. The optimal data‑sharing policy is then shown to be a Markov kernel Kₜ(Yₜ | Θ, Xₜ, βₜ), uniquely determined by the current belief and the underlying parameters.

Because βₜ lives in a continuous space, exact computation is infeasible. The authors therefore introduce a particle‑filter approximation. A set of weighted particles {(θᵢ, xᵢ,ₜ), ωᵢ,ₜ}₁ᴺ represents the belief, and particle weights are updated recursively using the likelihood of the newly released data under the current policy. After weight updates, resampling mitigates degeneracy, and particles are propagated through the system dynamics. The paper provides rigorous convergence results: as the number of particles N → ∞, the particle belief converges almost surely to the true belief, and the induced Bellman value function error vanishes in probability.

Computing MI directly in continuous spaces is intractable. To address this, the authors assume a Gaussian data‑sharing policy and approximate the particle belief by a Gaussian mixture model. This enables a closed‑form upper bound on MI expressed in terms of KL‑divergence and Bhattacharyya distance between mixture components. The bound depends only on cluster similarity parameters (κ) and separation parameters (γ), providing a tractable surrogate for the privacy term during optimization.
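A scalar sketch of the two mechanisms in the preceding two paragraphs, added here as an illustration and not taken from the paper: the particle-belief update an observer of the released data would run, and a pairwise-KL upper bound on the leakage of one Gaussian release. The toy dynamics x' = x + θ·w, the noise levels, the sample particles and all function names are assumptions; the bound is the standard pairwise-distance bound for Gaussian mixtures, which may differ from the paper's κ/γ expression.

```python
import math, random

def gauss_pdf(y, mu, sigma):
    return math.exp(-0.5 * ((y - mu) / sigma) ** 2) / (sigma * math.sqrt(2 * math.pi))

def update_weights(particles, weights, y, sigma):
    """Bayes reweighting w_i ∝ w_i * p(y | x_i) for a release y ~ N(x_i, sigma^2)."""
    raw = [w * gauss_pdf(y, x, sigma) for (_, x), w in zip(particles, weights)]
    total = sum(raw)
    if total == 0.0:  # y implausible under every particle: keep the prior weights
        return list(weights)
    return [r / total for r in raw]

def resample(particles, weights, rng):
    """Multinomial resampling; returns equally weighted particles."""
    n = len(particles)
    return rng.choices(particles, weights=weights, k=n), [1.0 / n] * n

def propagate(particles, w_ext, rng, q=0.05):
    """Toy dynamics (assumption): x' = x + theta * w_ext + process noise."""
    return [(th, x + th * w_ext + rng.gauss(0.0, q)) for th, x in particles]

def mi_upper_bound(particles, weights, sigma):
    """I(Theta; Y) <= -sum_i w_i ln sum_j w_j exp(-KL(p_i || p_j)), where
    p_i = N(x_i, sigma^2) and therefore KL = (x_i - x_j)^2 / (2 sigma^2)."""
    bound = 0.0
    for (_, xi), wi in zip(particles, weights):
        if wi == 0.0:
            continue
        inner = sum(wj * math.exp(-((xi - xj) ** 2) / (2 * sigma ** 2))
                    for (_, xj), wj in zip(particles, weights))
        bound -= wi * math.log(inner)
    return bound

def step(particles, weights, y, w_ext, sigma, rng):
    """One belief update: reweight, resample if ESS < N/2, then propagate."""
    weights = update_weights(particles, weights, y, sigma)
    if 1.0 / sum(w * w for w in weights) < len(particles) / 2:
        particles, weights = resample(particles, weights, rng)
    return propagate(particles, w_ext, rng), weights

# Constructed sample belief: (theta, x) particles with uniform weights.
PARTICLES = [(0.5, 0.0), (1.0, 1.0), (1.5, 2.0)]
WEIGHTS = [1.0 / 3] * 3
if __name__ == "__main__":
    rng = random.Random(0)
    print("leakage bound (nats):", mi_upper_bound(PARTICLES, WEIGHTS, sigma=0.5))
    print("belief after y=1.9:", step(PARTICLES, WEIGHTS, 1.9, 1.0, 0.5, rng))
```

The bound runs from 0, when every particle predicts the same release, to the entropy of the weights, when the release separates the particles completely. A larger release noise moves it toward 0 at the cost of more distortion.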

The methodology is evaluated on a mixed‑autonomy vehicle platoon scenario. Human driver behavior parameters (e.g., acceleration sensitivity) are treated as the secret Θ, while the platoon’s spacing, fuel efficiency, and safety metrics constitute the utility. The learned continuous policy, optimized via the particle‑belief MDP with the MI upper bound, significantly reduces the inferred MI—by roughly 40 % compared with prior discrete‑state approaches—while incurring less than a 5 % increase in control cost. Experiments also demonstrate that a modest particle count (e.g., N = 500) yields stable performance and that the Gaussian‑mixture bound closely tracks the true MI.

In summary, the paper makes three major contributions: (1) a rigorous belief‑MDP reformulation of the privacy‑utility trade‑off for continuous systems, (2) a particle‑filter based belief approximation with provable convergence, and (3) an analytically tractable MI upper bound via Gaussian mixture modeling that enables efficient policy optimization. By extending information‑theoretic privacy protection to system parameters rather than individual data records, the work opens new avenues for secure data sharing in cyber‑physical systems, smart transportation, and beyond. Future directions include multi‑parameter extensions, non‑Gaussian dynamics, and real‑time implementation of the particle‑belief controller.

