Bounds on Entries in 3-Dimensional Contingency Tables Subject to Given Marginal Totals
Inference Control in Statistical Databases, From Theory to Practice
Secure and useful data sharing
Decision Support Systems
Minimizing Information Loss and Preserving Privacy
Management Science
Maximizing Accuracy of Shared Databases when Concealing Sensitive Patterns
Information Systems Research
Privacy Protection in Data Mining: A Perturbation Approach for Categorical Data
Information Systems Research
Statistical confidentiality: Optimization techniques to protect tables
Computers and Operations Research
Disclosure Analysis and Control in Statistical Databases
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Identity disclosure protection: A data reconstruction approach for privacy-preserving data mining
Decision Support Systems
Privacy disclosure analysis and control for 2D contingency tables containing inaccurate data
PSD'10 Proceedings of the 2010 international conference on Privacy in statistical databases
Disclosure analysis for two-way contingency tables
PSD'06 Proceedings of the 2006 CENEX-SDC project international conference on Privacy in Statistical Databases
Class-Restricted Clustering and Microperturbation for Data Privacy
Management Science
Hi-index | 0.01 |
As databases grow more prevalent and comprehensive, database administrators seek to limit disclosure of confidential information while still providing access to data. Practical databases accommodate users with heterogeneous needs for access. Each class of data user is accorded access to only certain views. Other views are considered confidential, and hence to be protected. Using illustrations from health care and education, this article addresses inferential disclosure of confidential views in multidimensional categorical databases. It demonstrates that any structural, so data-value-independent method for detecting disclosure can fail. Consistent with previous work for two-way tables, it presents a data-value-dependent method to obtain tight lower and upper bounds for confidential data values. For two-dimensional projections of categorical databases, it exploits the network structure of a linear programming (LP) formulation to develop two transportation flow algorithms that are both computationally efficient and insightful. These algorithms can be easily implemented through two new matrix operators, cell-maxima and cell-minima. Collectively, this method is called matrix comparative assignment (MCA). Finally, it extends both the LP and MCA approaches to inferential disclosure when accessible views have been masked.