DOCSLIB.ORG

The Boundary Between Privacy and Utility in Data Publishing∗

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Boundary Between Privacy and Utility in Data Publishing∗ The Boundary Between Privacy and Utility in Data Publishing∗ Vibhor Rastogi Dan Suciu Sungho Hong ABSTRACT Age Nationality Score Age Nationality Score 25 British 99 21-30 * 99 We consider the privacy problem in data publishing: given a 27 British 97 21-30 * 97 database instance containing sensitive information “anonymize” 21 Indian 82 21-30 * 82 it to obtain a view such that, on one hand attackers cannot 32 Indian 90 31-40 * 90 learn any sensitive information from the view, and on the 33 American 94 31-40 * 94 other hand legitimate users can use it to compute useful 36 American 94 31-40 * 94 statistics. These are conflicting goals. In this paper we (a) Test Scores (b) 2-diversity and prove an almost crisp separation of the case when a use- 3-anonymity [13] ful anonymization algorithm is possible from when it is not, based on the attacker’s prior knowledge. Our definition of Age Nationality Score privacy is derived from existing literature and relates the 25 British 99 attacker’s prior belief for a given tuple t, with the pos- 21 British 99 terior belief for the same tuple. Our definition of utility Age Nationality Score 22 Indian 89 is based on the error bound on the estimates of counting 25 British 99 32 Indian 90 queries. The main result has two parts. First we show that 28 Indian 99 28 Indian 99 if the prior beliefs for some tuples are large then there exists 29 American 81 29 American 81 no useful anonymization algorithm. Second, we show that 32 Indian 90 33 American 94 when the prior is bounded for all tuples then there exists 39 American 84 27 American 94 an anonymization algorithm that is both private and useful. 32 Indian 89 32 British 83 The anonymization algorithm that forms our positive result (c) FRAPP [3] 36 American 94 is novel, and improves the privacy/utility tradeoff of previ- 26 American 99 ously known algorithms with privacy/utility guarantees such 39 Indian 94 as FRAPP. (d) αβ algorithm 1. INTRODUCTION Table 1: Different data publishing methods The need to preserve private information while publishing data for statistical processing is a widespread problem. By studying medical data, consumer data, or insurance data, the utility of any anonymization method, as a function of analysts can often derive very valuable statistical facts, some- the attacker’s background knowledge. When the attacker times benefiting the society at large, but the concerns about has too much knowledge, we show that no anonymization individual privacy prevents the dissemination of such databases. method can achieve both. We therefore propose to study Clearly, any anonymization method needs to trade off anonymization methods that can protect against bounded between privacy and utility: removing all items from the adversary, which have some, but only limited knowledge. database achieves perfect privacy, but total uselessness, while We show that in this case the tradeoff can be achieved. publishing the entire data unaltered is at the other extreme. In this paper we study the tradeoff between the privacy and 1.1 Basic Concepts Throughout the paper we will denote with I the database ∗This work was partially supported by NSF Grants IIS- 0415193, IIS-0627585, and ITR IIS-0428168 instance containing the private data. I is a collection of records, and we denote n = |I| its cardinality. We also denote D the domain of all possible tuples, i.e. I ⊆ D and Permission to copy without fee all or part of this material is granted provided denote m = |D|. For example, the data instance I in Fig 1 that the copies are not made or distributed for direct commercial advantage, (a) consists of n = 6 records representing test scores, and the VLDB copyright notice and the title of the publication and its date appear, D is the domain of all triples (x, y, z) where x ∈ [16, 35] and notice is given that copying is by permission of the Very Large Data is an age, y is a nationality (say, from a list of 50 valid Base Endowment. To copy otherwise, or to republish, to post on servers nationalities), and z ∈ [1, 100] is a test score, thus m = 20 · or to redistribute to lists, requires a fee and/or special permission from the 50 · 100 = 100, 000. The goal of an anonymization algorithm publisher, ACM. VLDB ‘07, September 23-28, 2007, Vienna, Austria. is to compute a new data instance V from I that offers both Copyright 2007 VLDB Endowment, ACM 978-1-59593-649-3/07/09. privacy (hides the tuples in I) and utility. The notion of 531 Definition Meaning D Domain of tuples I Database instance I ⊆ D V Published view V ⊆ D n Database size n = |I| m Domain size m = |D|, n m n k Attacker’s prior prior of tuple t, Pr[t] ≤ k m γ Attacker’s posterior posterior Pr[t|V ] ≤ γ √ ρ Query estimation error |Q(I) − Q˜(V )| ≤ ρ n Table 2: Symbols used in the paper; formal defini- tions in Sec. 2. privacy that we use in this paper compares the attacker’s prior probability of a tuple belonging to I, Pr[t] = Pr[t ∈ I] Figure 1: Data anonymization: (1) Local perturba- with the a posteriori probability, Pr[t|V ] = Pr[t ∈ I|V ]. tion (2) Data publishing (3) Output perturbation. If the algorithm is private, then in particular: if Pr[t] is low, Pr[t|V ] must also be low. It makes sense to express the n attacker’s prior as Pr[t] = k m , for some k, since the database contains n tuples out of m. We also denote γ a bound on the algorithms. All results in this paper are for data publishing. a posteriori. The notion of utility that we use in this paper In output perturbation, (3), the data is kept on a trusted cen- measures how well a user can estimate counting queries. An tral server that accepts user queries, evaluates them locally, example of a counting query Q for the data in Fig 1 (a) is then returns a perturbed answer. The best privacy/utility count the number people from poor African countries that tradeoffs can be achieved in this setting, but the cost is that received a score > 98: assuming the user has a list of poor the user can never see the data directly, and can access it African countries, the answer of Q on I, denoted Q(I), can only through the interaction with the server, which often is simply be obtained by scanning the table I and counting limited in what kinds of queries it supports. Some output how many records satisfy the predicate. But the user doesn’t perturbation algorithms place a bound on the number of have access to I, only to V , hence she will compute instead queries, i.e. the server counts how many queries it answers an estimate, Q˜(V ), over V . Our definition of utility consists on behalf of a user and stops once a limit has been reached. in a guaranteed upper bound on the absolute error of the Referring to Fig. 1 we note that all “positive” results ex- estimator, more precisely, it is given by a parameter ρ s.t. tend automatically to the right (e.g. any local perturbation ˜ √ algorithm can also be used in data publishing), while all |Q√(I) − Q(V )| ≤ ρ n. (We explain the particular choice of ρ n in a moment.) These parameters are summarized in “negative” results extend to the left. Table 2, and defined formally in Sec. 2. The relevant results from the related work in the literature are captured in Table 3, where we attempted to present them 1.2 Our Main Results in a unified framework. We explain now the positive and negative results. In this paper we√ prove two complementary main results. Positive results There are several randomized algorithms First, when k = Ω( m) then no algorithm can achieve both for local perturbation [1, 9, 10, 18, 2, 15, 3]. Each tuple in utility and privacy (Theorem 3.3). In other words, if the the database I is locally perturbed by replacing it with a adversary is powerful, i.e. his prior is Pr[t] = k n = Ω( √n ) m m randomly chosen tuple according to a predefined probabil- for some tuples t, then no algorithm can achieve both privacy ity distribution. FRAPP [3] is a framework that generalizes and utility. This justifies us to consider adversaries that all algorithms in this class, and also achieves the (provably) are bounded in power, i.e. their prior is bounded. Second, best privacy/utility in this class: ρ = k/γ. Note that our when k = O(1), equivalently when the adversary’s prior algorithm improves this, by reducing ρ to ρ = pk/γ (note is bounded by Pr[t] ≤ k n = O( n ), then we describe an m m p that k/γ > 1 because k > 1 and γ < 1). The reason we algorithm that achieves a utility of ρ = k/γ (Theorems 4.3 could improve the utility is that we use the power of the & 4.4). Here, and throughout the paper, the notations O(−) trusted server to make better perturbation in the data. In or Ω(−) refer to asymptotic functions in n and m. data publishing, virtually all techniques described in the lit- erature are variations of the k-anonymity method (e.g. [19, 1.3 Related Work 13, 17, 20]), which do not guarantee the privacy and/or util- We discuss now the related work in order to place our re- ity, and, hence, do not relate directly to our results.
Load more

Recommended publications
  • Mathematics 144 Set Theory Fall 2012 Version
    MATHEMATICS 144 SET THEORY FALL 2012 VERSION Table of Contents I. General considerations.……………………………………………………………………………………………………….1 1. Overview of the course…………………………………………………………………………………………………1 2. Historical background and motivation………………………………………………………….………………4 3. Selected problems………………………………………………………………………………………………………13 I I. Basic concepts. ………………………………………………………………………………………………………………….15 1. Topics from logic…………………………………………………………………………………………………………16 2. Notation and first steps………………………………………………………………………………………………26 3. Simple examples…………………………………………………………………………………………………………30 I I I. Constructions in set theory.………………………………………………………………………………..……….34 1. Boolean algebra operations.……………………………………………………………………………………….34 2. Ordered pairs and Cartesian products……………………………………………………………………… ….40 3. Larger constructions………………………………………………………………………………………………..….42 4. A convenient assumption………………………………………………………………………………………… ….45 I V. Relations and functions ……………………………………………………………………………………………….49 1.Binary relations………………………………………………………………………………………………………… ….49 2. Partial and linear orderings……………………………..………………………………………………… ………… 56 3. Functions…………………………………………………………………………………………………………… ….…….. 61 4. Composite and inverse function.…………………………………………………………………………… …….. 70 5. Constructions involving functions ………………………………………………………………………… ……… 77 6. Order types……………………………………………………………………………………………………… …………… 80 i V. Number systems and set theory …………………………………………………………………………………. 84 1. The Natural Numbers and Integers…………………………………………………………………………….83 2. Finite induction
    [Show full text]
  • Biography Paper – Georg Cantor
    Mike Garkie Math 4010 – History of Math UCD Denver 4/1/08 Biography Paper – Georg Cantor Few mathematicians are house-hold names; perhaps only Newton and Euclid would qualify. But there is a second tier of mathematicians, those whose names might not be familiar, but whose discoveries are part of everyday math. Examples here are Napier with logarithms, Cauchy with limits and Georg Cantor (1845 – 1918) with sets. In fact, those who superficially familier with Georg Cantor probably have two impressions of the man: First, as a consequence of thinking about sets, Cantor developed a theory of the actual infinite. And second, that Cantor was a troubled genius, crippled by Freudian conflict and mental illness. The first impression is fundamentally true. Cantor almost single-handedly overturned the Aristotle’s concept of the potential infinite by developing the concept of transfinite numbers. And, even though Bolzano and Frege made significant contributions, “Set theory … is the creation of one person, Georg Cantor.” [4] The second impression is mostly false. Cantor certainly did suffer from mental illness later in his life, but the other emotional baggage assigned to him is mostly due his early biographers, particularly the infamous E.T. Bell in Men Of Mathematics [7]. In the racially charged atmosphere of 1930’s Europe, the sensational story mathematician who turned the idea of infinity on its head and went crazy in the process, probably make for good reading. The drama of the controversy over Cantor’s ideas only added spice. 1 Fortunately, modern scholars have corrected the errors and biases in older biographies.
    [Show full text]
  • SRB MEASURES for ALMOST AXIOM a DIFFEOMORPHISMS José Alves, Renaud Leplaideur
    SRB MEASURES FOR ALMOST AXIOM A DIFFEOMORPHISMS José Alves, Renaud Leplaideur To cite this version: José Alves, Renaud Leplaideur. SRB MEASURES FOR ALMOST AXIOM A DIFFEOMORPHISMS. 2013. hal-00778407 HAL Id: hal-00778407 https://hal.archives-ouvertes.fr/hal-00778407 Preprint submitted on 20 Jan 2013 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. SRB MEASURES FOR ALMOST AXIOM A DIFFEOMORPHISMS JOSE´ F. ALVES AND RENAUD LEPLAIDEUR Abstract. We consider a diffeomorphism f of a compact manifold M which is Almost Axiom A, i.e. f is hyperbolic in a neighborhood of some compact f-invariant set, except in some singular set of neutral points. We prove that if there exists some f-invariant set of hyperbolic points with positive unstable-Lebesgue measure such that for every point in this set the stable and unstable leaves are \long enough", then f admits a probability SRB measure. Contents 1. Introduction 2 1.1. Background 2 1.2. Statement of results 2 1.3. Overview 4 2. Markov rectangles 5 2.1. Neighborhood of critical zone 5 2.2. First generation of rectangles 6 2.3. Second generation rectangles 7 2.4.
    [Show full text]
  • Bounding, Splitting and Almost Disjointness
    Bounding, splitting and almost disjointness Jonathan Schilhan Advisor: Vera Fischer Kurt G¨odelResearch Center Fakult¨atf¨urMathematik, Universit¨atWien Abstract This bachelor thesis provides an introduction to set theory, cardinal character- istics of the continuum and the generalized cardinal characteristics on arbitrary regular cardinals. It covers the well known ZFC relations of the bounding, the dominating, the almost disjointness and the splitting number as well as some more recent results about their generalizations to regular uncountable cardinals. We also present an overview on the currently known consistency results and formulate open questions. 1 CONTENTS Contents Introduction 3 1 Prerequisites 5 1.1 Model Theory/Predicate Logic . .5 1.2 Ordinals/Cardinals . .6 1.2.1 Ordinals . .7 1.2.2 Cardinals . .9 1.2.3 Regular Cardinals . 10 2 Cardinal Characteristics of the continuum 11 2.1 The bounding and the dominating number . 11 2.2 Splitting and mad families . 13 3 Cardinal Characteristics on regular uncountable cardinals 16 3.1 Generalized bounding, splitting and almost disjointness . 16 3.2 An unexpected inequality between the bounding and splitting numbers . 18 3.2.1 Elementary Submodels . 18 3.2.2 Filters and Ideals . 19 3.2.3 Proof of Theorem 3.2.1 (s(κ) ≤ b(κ)) . 20 3.3 A relation between generalized dominating and mad families . 23 References 28 2 Introduction @0 Since it was proven that the continuum hypothesis (2 = @1) is independent of the axioms of ZFC, the natural question arises what value 2@0 could take and it was shown @0 that 2 could be consistently nearly anything.
    [Show full text]
  • Almost-Free E-Rings of Cardinality ℵ1 Rudige¨ R Gob¨ El, Saharon Shelah and Lutz Strung¨ Mann
    Sh:785 Canad. J. Math. Vol. 55 (4), 2003 pp. 750–765 Almost-Free E-Rings of Cardinality @1 Rudige¨ r Gob¨ el, Saharon Shelah and Lutz Strung¨ mann Abstract. An E-ring is a unital ring R such that every endomorphism of the underlying abelian group R+ is multiplication by some ring element. The existence of almost-free E-rings of cardinality greater @ than 2 0 is undecidable in ZFC. While they exist in Godel'¨ s universe, they do not exist in other models @ of set theory. For a regular cardinal @1 ≤ λ ≤ 2 0 we construct E-rings of cardinality λ in ZFC which have @1-free additive structure. For λ = @1 we therefore obtain the existence of almost-free E-rings of cardinality @1 in ZFC. 1 Introduction + Recall that a unital ring R is an E-ring if the evaluation map ": EndZ(R ) ! R given by ' 7! '(1) is a bijection. Thus every endomorphism of the abelian group R+ is multiplication by some element r 2 R. E-rings were introduced by Schultz [20] and easy examples are subrings of the rationals Q or pure subrings of the ring of p-adic integers. Schultz characterized E-rings of finite rank and the books by Feigelstock [9, 10] and an article [18] survey the results obtained in the eighties, see also [8, 19]. In a natural way the notion of E-rings extends to modules by calling a left R-module M an E(R)-module or just E-module if HomZ(R; M) = HomR(R; M) holds, see [1].
    [Show full text]
  • The Axiom of Choice and Its Implications
    THE AXIOM OF CHOICE AND ITS IMPLICATIONS KEVIN BARNUM Abstract. In this paper we will look at the Axiom of Choice and some of the various implications it has. These implications include a number of equivalent statements, and also some less accepted ideas. The proofs discussed will give us an idea of why the Axiom of Choice is so powerful, but also so controversial. Contents 1. Introduction 1 2. The Axiom of Choice and Its Equivalents 1 2.1. The Axiom of Choice and its Well-known Equivalents 1 2.2. Some Other Less Well-known Equivalents of the Axiom of Choice 3 3. Applications of the Axiom of Choice 5 3.1. Equivalence Between The Axiom of Choice and the Claim that Every Vector Space has a Basis 5 3.2. Some More Applications of the Axiom of Choice 6 4. Controversial Results 10 Acknowledgments 11 References 11 1. Introduction The Axiom of Choice states that for any family of nonempty disjoint sets, there exists a set that consists of exactly one element from each element of the family. It seems strange at first that such an innocuous sounding idea can be so powerful and controversial, but it certainly is both. To understand why, we will start by looking at some statements that are equivalent to the axiom of choice. Many of these equivalences are very useful, and we devote much time to one, namely, that every vector space has a basis. We go on from there to see a few more applications of the Axiom of Choice and its equivalents, and finish by looking at some of the reasons why the Axiom of Choice is so controversial.
    [Show full text]
  • Cardinal Invariants Concerning Functions Whose Sum Is Almost Continuous Krzysztof Ciesielski West Virginia University, [email protected]
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by The Research Repository @ WVU (West Virginia University) Faculty Scholarship 1995 Cardinal Invariants Concerning Functions Whose Sum Is Almost Continuous Krzysztof Ciesielski West Virginia University, [email protected] Follow this and additional works at: https://researchrepository.wvu.edu/faculty_publications Part of the Mathematics Commons Digital Commons Citation Ciesielski, Krzysztof, "Cardinal Invariants Concerning Functions Whose Sum Is Almost Continuous" (1995). Faculty Scholarship. 822. https://researchrepository.wvu.edu/faculty_publications/822 This Article is brought to you for free and open access by The Research Repository @ WVU. It has been accepted for inclusion in Faculty Scholarship by an authorized administrator of The Research Repository @ WVU. For more information, please contact [email protected]. Cardinal invariants concerning functions whose sum is almost continuous. Krzysztof Ciesielski1, Department of Mathematics, West Virginia University, Mor- gantown, WV 26506-6310 ([email protected]) Arnold W. Miller1, York University, Department of Mathematics, North York, Ontario M3J 1P3, Canada, Permanent address: University of Wisconsin-Madison, Department of Mathematics, Van Vleck Hall, 480 Lincoln Drive, Madison, Wis- consin 53706-1388, USA ([email protected]) Abstract Let A stand for the class of all almost continuous functions from R to R and let A(A) be the smallest cardinality of a family F ⊆ RR for which there is no g: R → R with the property that f + g ∈ A for all f ∈ F . We define cardinal number A(D) for the class D of all real functions with the Darboux property similarly.
    [Show full text]
  • Georg Cantor English Version
    GEORG CANTOR (March 3, 1845 – January 6, 1918) by HEINZ KLAUS STRICK, Germany There is hardly another mathematician whose reputation among his contemporary colleagues reflected such a wide disparity of opinion: for some, GEORG FERDINAND LUDWIG PHILIPP CANTOR was a corruptor of youth (KRONECKER), while for others, he was an exceptionally gifted mathematical researcher (DAVID HILBERT 1925: Let no one be allowed to drive us from the paradise that CANTOR created for us.) GEORG CANTOR’s father was a successful merchant and stockbroker in St. Petersburg, where he lived with his family, which included six children, in the large German colony until he was forced by ill health to move to the milder climate of Germany. In Russia, GEORG was instructed by private tutors. He then attended secondary schools in Wiesbaden and Darmstadt. After he had completed his schooling with excellent grades, particularly in mathematics, his father acceded to his son’s request to pursue mathematical studies in Zurich. GEORG CANTOR could equally well have chosen a career as a violinist, in which case he would have continued the tradition of his two grandmothers, both of whom were active as respected professional musicians in St. Petersburg. When in 1863 his father died, CANTOR transferred to Berlin, where he attended lectures by KARL WEIERSTRASS, ERNST EDUARD KUMMER, and LEOPOLD KRONECKER. On completing his doctorate in 1867 with a dissertation on a topic in number theory, CANTOR did not obtain a permanent academic position. He taught for a while at a girls’ school and at an institution for training teachers, all the while working on his habilitation thesis, which led to a teaching position at the university in Halle.
    [Show full text]
  • Almost-At-A-Distance-Accepted
    Almost at-a-distance Andrew McKenzie (Kansas) and Lydia Newkirk (Rutgers) accepted draft in Linguistics & Philosophy [email protected] [email protected] https://doi.org/10.1007/s10988-019-09275-6 Abstract We claim that the meaning of the adverbial almost contains both a scalar proximity measure and a modal that allows it to work sometimes when proximity fails, what we call the at-a-distance reading. Essentially, almost can hold if the proposition follows from the normal uninterrupted out- comes of adding a small enough number of premises to a selection of rel- evant facts. Almost at-a-distance is blocked when the temporal properties of the topic time and Davidsonian event prevent normal outcomes from coming true when they need to. This approach to almost differs from the two general approaches that have emerged in the literature, by replacing the negative polar condition (not p) with a positive antecedent condition that entails not p while avoid- ing the numerous well-documented complications of employing a polar condition. Since this approach to almost involves a circumstantial base with a non-interrupting ordering source, almost behaves in certain ways like the progressive, and shows contextual variability of the same kinds that we see with premise sets. 1 Introduction The adverbial almost has a clear intuitive meaning, but has proven very difficult to reconcile with a formal semantics. Two basic approaches characterize our understanding of almost in the literature. Under scalar alternative accounts, almost p holds when p is false but some close alternative proposition q is true. Modal closeness accounts argue that almost p holds of world w when p is false in w, but true in some close alternative world w0.
    [Show full text]
  • Equivalents to the Axiom of Choice and Their Uses A
    EQUIVALENTS TO THE AXIOM OF CHOICE AND THEIR USES A Thesis Presented to The Faculty of the Department of Mathematics California State University, Los Angeles In Partial Fulfillment of the Requirements for the Degree Master of Science in Mathematics By James Szufu Yang c 2015 James Szufu Yang ALL RIGHTS RESERVED ii The thesis of James Szufu Yang is approved. Mike Krebs, Ph.D. Kristin Webster, Ph.D. Michael Hoffman, Ph.D., Committee Chair Grant Fraser, Ph.D., Department Chair California State University, Los Angeles June 2015 iii ABSTRACT Equivalents to the Axiom of Choice and Their Uses By James Szufu Yang In set theory, the Axiom of Choice (AC) was formulated in 1904 by Ernst Zermelo. It is an addition to the older Zermelo-Fraenkel (ZF) set theory. We call it Zermelo-Fraenkel set theory with the Axiom of Choice and abbreviate it as ZFC. This paper starts with an introduction to the foundations of ZFC set the- ory, which includes the Zermelo-Fraenkel axioms, partially ordered sets (posets), the Cartesian product, the Axiom of Choice, and their related proofs. It then intro- duces several equivalent forms of the Axiom of Choice and proves that they are all equivalent. In the end, equivalents to the Axiom of Choice are used to prove a few fundamental theorems in set theory, linear analysis, and abstract algebra. This paper is concluded by a brief review of the work in it, followed by a few points of interest for further study in mathematics and/or set theory. iv ACKNOWLEDGMENTS Between the two department requirements to complete a master's degree in mathematics − the comprehensive exams and a thesis, I really wanted to experience doing a research and writing a serious academic paper.
    [Show full text]
  • Canonical Models for Fragments of the Axiom of Choice∗
    Canonical models for fragments of the axiom of choice∗ Paul Larson y Jindˇrich Zapletal z Miami University University of Florida June 23, 2015 Abstract We develop a technology for investigation of natural forcing extensions of the model L(R) which satisfy such statements as \there is an ultrafil- ter" or \there is a total selector for the Vitali equivalence relation". The technology reduces many questions about ZF implications between con- sequences of the axiom of choice to natural ZFC forcing problems. 1 Introduction In this paper, we develop a technology for obtaining certain type of consistency results in choiceless set theory, showing that various consequences of the axiom of choice are independent of each other. We will consider the consequences of a certain syntactical form. 2 ! Definition 1.1. AΣ1 sentence Φ is tame if it is of the form 9A ⊂ ! (8~x 2 !! 9~y 2 A φ(~x;~y))^(8~x 2 A (~x)), where φ, are formulas which contain only numerical quantifiers and do not refer to A anymore, and may refer to a fixed analytic subset of 2! as a predicate. The formula are called the resolvent of the sentence. This is a syntactical class familiar from the general treatment of cardinal invari- ants in [11, Section 6.1]. It is clear that many consequences of Axiom of Choice are of this form: Example 1.2. The following statements are tame consequences of the axiom of choice: 1. there is a nonprincipal ultrafilter on !. The resolvent formula is \T rng(x) is infinite”; ∗2000 AMS subject classification 03E17, 03E40.
    [Show full text]
  • Regularity Properties and Determinacy
    Regularity Properties and Determinacy MSc Thesis (Afstudeerscriptie) written by Yurii Khomskii (born September 5, 1980 in Moscow, Russia) under the supervision of Dr. Benedikt L¨owe, and submitted to the Board of Examiners in partial fulfillment of the requirements for the degree of MSc in Logic at the Universiteit van Amsterdam. Date of the public defense: Members of the Thesis Committee: August 14, 2007 Dr. Benedikt L¨owe Prof. Dr. Jouko V¨a¨an¨anen Prof. Dr. Joel David Hamkins Prof. Dr. Peter van Emde Boas Brian Semmes i Contents 0. Introduction............................ 1 1. Preliminaries ........................... 4 1.1 Notation. ........................... 4 1.2 The Real Numbers. ...................... 5 1.3 Trees. ............................. 6 1.4 The Forcing Notions. ..................... 7 2. ClasswiseConsequencesofDeterminacy . 11 2.1 Regularity Properties. .................... 11 2.2 Infinite Games. ........................ 14 2.3 Classwise Implications. .................... 16 3. The Marczewski-Burstin Algebra and the Baire Property . 20 3.1 MB and BP. ......................... 20 3.2 Fusion Sequences. ...................... 23 3.3 Counter-examples. ...................... 26 4. DeterminacyandtheBaireProperty.. 29 4.1 Generalized MB-algebras. .................. 29 4.2 Determinacy and BP(P). ................... 31 4.3 Determinacy and wBP(P). .................. 34 5. Determinacy andAsymmetric Properties. 39 5.1 The Asymmetric Properties. ................. 39 5.2 The General Definition of Asym(P). ............. 43 5.3 Determinacy and Asym(P). ................. 46 ii iii 0. Introduction One of the most intriguing developments of modern set theory is the investi- gation of two-player infinite games of perfect information. Of course, it is clear that applied game theory, as any other branch of mathematics, can be modeled in set theory. But we are talking about the converse: the use of infinite games as a tool to study fundamental set theoretic questions.
    [Show full text]