k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Achieving k-anonymity privacy protection using generalization and suppression
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
On the complexity of optimal K-anonymity
PODS '04 Proceedings of the twenty-third ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Incognito: efficient full-domain K-anonymity
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Checking for k-anonymity violation by views
VLDB '05 Proceedings of the 31st international conference on Very large data bases
\ell -Diversity: Privacy Beyond \kappa -Anonymity
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Injecting utility into anonymized datasets
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Capture inference attacks for K-anonymity with privacy inference logic
DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
Towards a more reasonable generalization cost metric for k-anonymization
BNCOD'06 Proceedings of the 23rd British National Conference on Databases, conference on Flexible and Efficient Information Handling
Hi-index | 0.00 |
In k-anonymity modeling process, it is widely assumed that a relational table of microdata is published with a single sensitive attribute. This assumption is too simple and unreasonable. We observe that multiple sensitive attributes in one or more tables may incur privacy inference violations that are not visible under the single sensitive attribute assumption. In this paper, a new (k, l)-anonymity model is introduced beyond the existed l-diversity mechanism, which is an improved microdata publication model that can effectively prevent these multiple-attributed privacy violations. The (k, l)-anonymity process consists of two phases: k-anonymization on identifying attributes and l-diversity on sensitive attributes. The related (k, l)-anonymity algorithms are proposed and the data generalization metric is provided for minimizing the anonymization cost. A running example illustrates this technique in detail, which also convinces its effectiveness.