Privacy inference attacking and prevention on multiple relative k-anonymized microdata sets

Authors:
Yalong Dong;Zude Li;Xiaojun Ye
Affiliations:
Key Laboratory for Information System Security, Ministry of Education, School of Software, Tsinghua University, Beijing, China;Computer Science Dept., University of Western Ontario, London, Ontario, Canada;Key Laboratory for Information System Security, Ministry of Education, School of Software, Tsinghua University, Beijing, China
Venue:
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
Year:
2008

Citing 9
Cited 0

k-anonymity: a model for protecting privacy

International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Achieving k-anonymity privacy protection using generalization and suppression

International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
On the complexity of optimal K-anonymity

PODS '04 Proceedings of the twenty-third ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Incognito: efficient full-domain K-anonymity

Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Checking for k-anonymity violation by views

VLDB '05 Proceedings of the 31st international conference on Very large data bases
\ell -Diversity: Privacy Beyond \kappa -Anonymity

ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Injecting utility into anonymized datasets

Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Capture inference attacks for K-anonymity with privacy inference logic

DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
Towards a more reasonable generalization cost metric for k-anonymization

BNCOD'06 Proceedings of the 23rd British National Conference on Databases, conference on Flexible and Efficient Information Handling

Quantified Score

Hi-index	0.00

Visualization

Abstract

In k-anonymity modeling process, it is widely assumed that a relational table of microdata is published with a single sensitive attribute. This assumption is too simple and unreasonable. We observe that multiple sensitive attributes in one or more tables may incur privacy inference violations that are not visible under the single sensitive attribute assumption. In this paper, a new (k, l)-anonymity model is introduced beyond the existed l-diversity mechanism, which is an improved microdata publication model that can effectively prevent these multiple-attributed privacy violations. The (k, l)-anonymity process consists of two phases: k-anonymization on identifying attributes and l-diversity on sensitive attributes. The related (k, l)-anonymity algorithms are proposed and the data generalization metric is provided for minimizing the anonymization cost. A running example illustrates this technique in detail, which also convinces its effectiveness.