Abstract
The evolution of Information and Communication Technology has radically changed our electronic lives, making information the key driver for today’s society. Every action we perform requires the collection, elaboration, and dissemination of personal information. This situation has clearly brought a tremendous exposure of private and sensitive information to privacy breaches.
In this chapter, we describe how the techniques developed for protecting data have evolved over the years. We start by providing an overview of the first privacy definitions (k-anonymity, ℓ-diversity, t-closeness, and their extensions) aimed at ensuring proper data protection against identity and attribute disclosures. We then illustrate how changes in the underlying assumptions lead to scenarios characterized by different and more complex privacy requirements. In particular, we show the impact on privacy when considering multiple releases of the same data or dynamic data collections, fine-grained privacy definitions, generic privacy constraints, and the external knowledge that a potential adversary may exploit for inferring sensitive information. We also briefly present the concept of differential privacy, which has recently emerged as an alternative privacy definition.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
De Capitani di Vimercati, S., Foresti, S., Livraga, G., Samarati, P. (2011). Protecting Privacy in Data Release. In: Aldini, A., Gorrieri, R. (eds) Foundations of Security Analysis and Design VI. FOSAD 2011. Lecture Notes in Computer Science, vol 6858. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23082-0_1
DOI: https://doi.org/10.1007/978-3-642-23082-0_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23081-3
Online ISBN: 978-3-642-23082-0
eBook Packages: Computer Science, Computer Science (R0)