This paper addresses a novel threat to differential privacy in relational databases—where adversaries progressively infer sensitive information through multiple queries combined with relational reasoning. Method: We introduce a systematic modeling and defense framework, first defining “value-level metrics” and “labeled distributed transition semantics” for databases, thereby generalizing the notion of database adjacency. Based on this, we design the Distributed Labeled Transition System (DLTTS), integrating probabilistic automata, concurrent systems, and relational logic to formally characterize incremental knowledge leakage paths. Contributions: (1) We extend adjacency from tuple-level to value-level, enabling finer-grained privacy protection; (2) we establish a computable metric mechanism applicable across broad classes of relational databases; and (3) we provide a theoretical foundation and formal modeling tools for designing customized differential privacy mechanisms.

We introduce a logical framework named Distributed Labeled Tagged Transition System (DLTTS), using concepts from Probabilistic Automata, Probabilistic Concurrent Systems, and Probabilistic labelled transition systems. We show that DLTTS can be used to formally model how a given piece of private information P (e.g., a set of tuples) stored in a given database D can get captured progressively by an adversary A repeatedly querying D, enhancing the knowledge acquired from the answers to these queries with relational deductions using certain additional non-private data. The database D is assumed protected with generalization mechanisms. We also show that, on a large class of databases, metrics can be defined 'value-wise', and more general notions of adjacency between data bases can be defined, based on these metrics. These notions can also play a role in differentially private protection mechanisms.