| CPC G06F 21/6254 (2013.01) [G06F 16/2452 (2019.01); G06F 21/6227 (2013.01)] | 4 Claims |

|
1. An analysis query response system comprising:
a user terminal that generates and transmits an analysis query, the analysis query including at least information about a function that performs an analysis calculation; and
a database apparatus including an analysis query verification apparatus that includes processing circuitry configured to perform a first verification of whether the analysis query satisfies a predetermined privacy preservation indicator, and an analysis query execution apparatus that includes processing circuitry configured to, in a case where the first verification is successful, perform an analysis corresponding to the analysis query on personal data read from a personal data memory that stores personal data to acquire an analysis result, and apply a predetermined privacy-preserving mechanism to the acquired analysis result,
wherein:
the user terminal generates the analysis query under the predetermined privacy preservation indicator and a predetermined programming language,
the processing circuitry of the analysis query execution apparatus is configured to discard the analysis query in a case where the first verification is unsuccessful,
the user terminal additionally generates and transmits proof information, the proof information being information related to a proof that the analysis query satisfies the predetermined privacy preservation indicator,
the processing circuitry of the analysis query verification apparatus is configured to use the proof information to perform the first verification of whether the analysis query satisfies the predetermined privacy preservation indicator, and
the predetermined privacy preservation indicator is ε-differential privacy.
|