Security-control methods for statistical databases: a comparative study
ACM Computing Surveys (CSUR)
Model Diagnostics for Remote Access Regression Servers
Statistics and Computing
Remote access systems for statistical analysis of microdata
Statistics and Computing
Modern Applied Statistics with S
Modern Applied Statistics with S
Regression output from a remote analysis server
Data & Knowledge Engineering
Improving security by using a database management system for integrated statistical data analysis
Proceedings of the 4th International Workshop on Privacy and Anonymity in the Information Society
An investigation of model-based microdata masking for magnitude tabular data release
PSD'12 Proceedings of the 2012 international conference on Privacy in Statistical Databases
Confidentialising maps of mixed point and diffuse spatial data
PSD'12 Proceedings of the 2012 international conference on Privacy in Statistical Databases
Hi-index | 0.01 |
This paper is concerned with the challenge of enabling the use of confidential or private data for research and policy analysis, while protecting confidentiality and privacy by reducing the risk of disclosure of sensitive information. Traditional solutions to the problem of reducing disclosure risk include releasing de-identified data and modifying data before release. In this paper we discuss the alternative approach of using a remote analysis server which does not enable any data release, but instead is designed to deliver useful results of user-specified statistical analyses with a low risk of disclosure. The techniques described in this paper enable a user to conduct a wide range of methods in exploratory data analysis, regression and survival analysis, while at the same time reducing the risk that the user can read or infer any individual record attribute value. We illustrate our methods with examples from biostatistics using publicly available data. We have implemented our techniques into a software demonstrator called Privacy-Preserving Analytics^(R)(PPA^(R)), via a web-based interface to the R software. We believe that PPA^(R) may provide an effective balance between the competing goals of providing useful information and reducing disclosure risk in some situations.