Abstract
k-Anonymity is a privacy model requiring that all combinations of key attributes in a database be repeated at least for k records. It has been shown that k-anonymity alone does not always ensure privacy. A number of sophistications of k-anonymity have been proposed, like p-sensitive k-anonymity, l-diversity and t-closeness. We identify some shortcomings of those models and propose a new model called (k,p,q,r)-anonymity. Also, we propose a computational procedure to achieve this new model that relies on microaggregation.
The authors are with the UNESCO Chair in Data Privacy, but the views expressed in this paper are those of the authors and do not commit UNESCO. This work was partly supported by the Spanish Government through projects TSI2007-65406-C03-01 “E-AEGIS” and CONSOLIDER INGENIO 2010 CSD2007-00004 “ARES” and by the Government of Catalonia under grant 2005 SGR 00446.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Agrawal, R., Srikant, R.: Privacy preserving data mining. In: Proceedings of the ACM SIGMOD, pp. 439–450 (2000)
Brand, R., Domingo-Ferrer, J., Mateo-Sanz, J.M.: Reference data sets to test and compare SDC methods for protection of numerical microdata., European Project IST-2000-25069 CASC (2002), http://neon.vb.cbs.nl/casc
Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: IEEE Symposium on Foundations of Computer Science (FOCS), pp. 41–50 (1995)
Dalenius, T.: The invasion of privacy problem and statistics production. An overview. Statistik Tidskrift 12, 213–225 (1974)
Dalenius, T.: Finding a needle in a haystack - or identifying anonymous census records. Journal of Official Statistics 2(3), 329–336 (1986)
Domingo-Ferrer, J.: A three-dimensional conceptual framework for database privacy. In: Jonker, W., Petković, M. (eds.) SDM 2007. LNCS, vol. 4721, pp. 193–202. Springer, Heidelberg (2007)
Domingo-Ferrer, J., Solanas, A.: A measure of variance for nominal attributes (manuscript, 2008)
Domingo-Ferrer, J., Mateo-Sanz, J.: Practical data-oriented microaggregation for statistical disclosure control. IEEE Transactions on Knowledge and Data Engineering 14, 189–201 (2002)
Domingo-Ferrer, J., Torra, V.: Ordinal, continuous and heterogeneous k-anonymity through microaggregation. Data Mining and Knowledge Discovery 11(2), 195–212 (2005)
Li, N., Li, T., Venkatasubramanian, S.: t-Closeness: privacy beyond k-anonymity and l-diversity. In: Proceedings of the IEEE ICDE (2007)
Lindell, Y., Pinkas, B.: Privacy preserving data mining. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 36–53. Springer, Heidelberg (2000)
Machanavajjhala, A., Gehrke, J., Kiefer, D., Venkatasubramanian, S.: l-Diversity: privacy beyond k-anonymity. In: Proceedings of the IEEE ICDE 2006 (2006)
Martin, D.J., Kiefer, D., Machanavajjhala, A., Gehrke, J.: Worst-case background knowledge for privacy-preserving data publishing. In: Proceedings of the IEEE ICDE 2007 (2007)
Samarati, P., Sweeney, L.: Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression., Tech. Report, SRI International (1998)
Samarati, P.: Protecting respondents identities in microdata release. IEEE Transactions on Knowledge and Data Engineering 13(6), 1010–1027 (2001)
Solanas, A., Sebé, F., Domingo-Ferrer, J.: Micro-aggregation-based heuristics for p-sensitive k-anonymity: one step beyond. In: Extending Database Technology, EDBT 2008 (2008)
Truta, T.M., Vinay, B.: Privacy protection: p-sensitive k-anonymity property. In: 2nd International Workshop on Private Data Management PDM 2006. IEEE Computer Society Press, Los Alamitos (2006)
Willenborg, L., DeWaal, T.: Elements of Statistical Disclosure Control. Springer, Heidelberg (2001)
Wong, R.C.-W., Li, J., Fu, A.W.-C., Wang, K.: (α,k)-Anonymity: An enhanced k-anonymity model for privacy-preserving data publishing. In: Proceedings of the KDD 2006 (2006)
Wong, R.C.-W., Fu, A.W.-C., Wang, K., Pei, J.: Minimality attack in privacy preserving data publishing. In: Proceedings of the VLDB 2007, pp. 543–554 (2007)
Xiao, X., Tao, Y.: Personalized privacy preservation. In: SIGMOD Conference 2006, pp. 229–240 (2006)
Yao, C., Wang, L., Wang, X.S., Jajodia, S.: Indistinguishability: The Other Aspect of Privacy. In: Jonker, W., Petković, M. (eds.) SDM 2006. LNCS, vol. 4165, pp. 1–17. Springer, Heidelberg (2006)
Zhang, Q., Koudas, N., Srivastava, D., Yu, T.: Aggregate query answering on anonymized tables. In: Proceedings of the IEEE ICDE 2007, pp. 116–125 (2007)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Domingo-Ferrer, J., Sebé, F., Solanas, A. (2008). An Anonymity Model Achievable Via Microaggregation. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2008. Lecture Notes in Computer Science, vol 5159. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85259-9_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-85259-9_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85258-2
Online ISBN: 978-3-540-85259-9
eBook Packages: Computer ScienceComputer Science (R0)