Protecting Respondents' Identities in Microdata Release
IEEE Transactions on Knowledge and Data Engineering
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Achieving k-anonymity privacy protection using generalization and suppression
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Transforming data to satisfy privacy constraints
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Bottom-Up Generalization: A Data Mining Solution to Privacy Protection
ICDM '04 Proceedings of the Fourth IEEE International Conference on Data Mining
Top-Down Specialization for Information and Privacy Preservation
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Data Privacy through Optimal k-Anonymization
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Mondrian Multidimensional K-Anonymity
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
\ell -Diversity: Privacy Beyond \kappa -Anonymity
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Privacy Protection: p-Sensitive k-Anonymity Property
ICDEW '06 Proceedings of the 22nd International Conference on Data Engineering Workshops
Personalized privacy preservation
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
A crossover operator for the k- anonymity problem
Proceedings of the 8th annual conference on Genetic and evolutionary computation
Utility-based anonymization using local recoding
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Capturing data usefulness and privacy protection in K-anonymisation
Proceedings of the 2007 ACM symposium on Applied computing
Data & Knowledge Engineering
OptRR: Optimizing Randomized Response Schemes for Privacy-Preserving Data Mining
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
On the Optimal Selection of k in the k-Anonymity Problem
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Performance assessment of multiobjective optimizers: an analysis and review
IEEE Transactions on Evolutionary Computation
On the identification of property based generalizations in microdata anonymization
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Hi-index | 0.00 |
Privacy models such as k-anonymity and l-diversity typically offer an aggregate or scalar notion of the privacy property that holds collectively on the entire anonymized data set. However, they fail to give an accurate measure of privacy with respect to the individual tuples. For example, two anonymizations achieving the same value of k in the k-anonymity model will be considered equally good with respect to privacy protection. However, it is quite possible that for one of the anonymizations a majority of the individual tuples have lesser probabilities of privacy breaches than their counterparts in the other anonymization. We therefore reject the notion that all anonymizations satisfying a particular privacy property, such as k-anonymity, are equally good. The scalar or aggregate value used in privacy models is often biased towards a fraction of the data set, resulting in higher privacy for some individuals and minimalistic for others. Consequently, to better compare anonymization algorithms, there is a need to formalize and measure this bias. Towards this end, we advocate the use of vector-based methods for representing privacy and other measurable properties of an anonymization. We represent the measure of a given property for an anonymized data set using a property vector. Anonymizations are then compared using quality index functions that quantify the effectiveness of the property vectors. A formal analysis with respect to their scope and limitations is provided. Finally, we present preference based techniques when comparisons are to be made across multiple properties induced by anonymizations.