[2602.22699] DPSQL+: A Differentially Private SQL Library with a Minimum Frequency Rule
Summary
DPSQL+ is a new SQL library designed to enhance data privacy by enforcing differential privacy and a minimum frequency rule, ensuring sensitive information is protected during data analysis.
Why It Matters
As data privacy concerns grow, DPSQL+ addresses the need for secure data analysis tools that comply with governance requirements. By integrating differential privacy with the minimum frequency rule, it offers a robust solution for organizations handling sensitive data.
Key Takeaways
- DPSQL+ combines differential privacy with a minimum frequency rule for enhanced data protection.
- The library's modular architecture includes a Validator, Accountant, and Backend for efficient query management.
- Experiments show DPSQL+ maintains high accuracy across various analytical workloads.
Computer Science > Cryptography and Security
arXiv:2602.22699 (cs)
[Submitted on 26 Feb 2026]
Title: DPSQL+: A Differentially Private SQL Library with a Minimum Frequency Rule
Authors: Tomoya Matsumoto, Shokichi Takakura, Shun Takagi, Satoshi Hasegawa
Abstract: SQL is the de facto interface for exploratory data analysis; however, releasing exact query results can expose sensitive information through membership or attribute inference attacks. Differential privacy (DP) provides rigorous privacy guarantees, but in practice, DP alone may not satisfy governance requirements such as the minimum frequency rule, which requires each released group (cell) to include contributions from at least $k$ distinct individuals. In this paper, we present DPSQL+, a privacy-preserving SQL library that simultaneously enforces user-level $(\varepsilon,\delta)$-DP and the minimum frequency rule. DPSQL+ adopts a modular architecture consisting of: (i) a Validator that statically restricts queries to a DP-safe subset of SQL; (ii) an Accountant that consistently tracks cumulative privacy loss across multiple queries; and (iii) a Backend that interfaces with various database engines, ensuring portability and extensibility. Experiments on the TPC-H benchmark demonstrate that DPSQL+ achieves pract...
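The abstract's point that DP alone may not satisfy the minimum frequency rule can be seen on a small table. The sketch below is an added illustration, not DPSQL+ code and not the paper's mechanism: it checks the rule with `COUNT(DISTINCT user_id)` in SQLite and contrasts it with a noise-only release. The `visits` table, its rows, and all function names are constructed for this example, and the noise scale assumes each individual falls in one group and that group keys are public.

```python
import random
import sqlite3

# Constructed sample rows (user_id, diagnosis); not data from the paper.
ROWS = [("u1", "flu"), ("u1", "flu"), ("u2", "flu"), ("u3", "flu"),
        ("u4", "asthma"), ("u4", "asthma"), ("u4", "asthma"),
        ("u5", "rare_x")]

def load(rows):
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE visits (user_id TEXT, diagnosis TEXT)")
    conn.executemany("INSERT INTO visits VALUES (?, ?)", rows)
    return conn

def cell_stats(conn):
    """Map each group to (row count, distinct individuals)."""
    q = ("SELECT diagnosis, COUNT(*), COUNT(DISTINCT user_id) "
         "FROM visits GROUP BY diagnosis")
    return {g: (n, d) for g, n, d in conn.execute(q)}

def cells_meeting_rule(conn, k):
    """Groups backed by at least k distinct individuals."""
    q = ("SELECT diagnosis FROM visits GROUP BY diagnosis "
         "HAVING COUNT(DISTINCT user_id) >= ? ORDER BY diagnosis")
    return [g for (g,) in conn.execute(q, (k,))]

def laplace(scale, rng):
    # The difference of two i.i.d. exponentials is Laplace(0, scale).
    return rng.expovariate(1 / scale) - rng.expovariate(1 / scale)

def noisy_distinct_counts(conn, epsilon, seed=None):
    """Noise-only release: every group gets a value, however few people it holds.

    Scale 1/epsilon assumes each individual falls in exactly one group
    (true for ROWS) and that the group keys are public.
    """
    rng = random.Random(seed)
    return {g: d + laplace(1 / epsilon, rng)
            for g, (_, d) in cell_stats(conn).items()}

if __name__ == "__main__":
    conn = load(ROWS)
    print("cells:", cell_stats(conn))
    print("pass k=3:", cells_meeting_rule(conn, 3))
    print("noise only:", noisy_distinct_counts(conn, epsilon=1.0, seed=0))
```

With $k = 3$ only `flu` passes the rule, while the noise-only release still emits a value for `asthma` (three rows from one individual) and for `rare_x`.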