A Model for Quantifying Information Leakage

Whang, Steven Euijong; Garcia-Molina, Hector

doi:10.1007/978-3-642-32873-2_3

Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 7482)

Abstract

We study data privacy in the context of information leakage. As more of our sensitive data is exposed to merchants, health care providers, employers, social sites and so on, there is a higher chance that an adversary can “connect the dots” and piece together much of our information. The more complete the integrated information, the more our privacy is compromised. We present a model that captures this privacy loss (information leakage) relative to a target person, on a continuous scale from 0 (the adversary knows nothing about the target) to 1 (the adversary knows everything about the target). The model takes into account the confidence the adversary has in the gathered information (leakage is lower if the adversary is not confident), as well as incorrect information (leakage is lower if the gathered information does not match the target’s). We compare our information leakage model with existing privacy models, and we propose several interesting problems that can be formulated with our model. We also propose efficient algorithms for computing information leakage and evaluate their performance and scalability.
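
The abstract does not give the leakage formula, so the following is only a toy sketch of a score with the stated properties: it lies between 0 and 1, drops when the adversary is less confident, and drops when gathered values do not match the target's. It assumes an F1-style combination of confidence-weighted precision and recall; that choice, along with the names `toy_leakage`, `Target` and `Gathered`, is an illustrative assumption and not the definition used in the paper.

```python
from typing import Dict, Tuple

# Hypothetical types for illustration; none of these names come from the paper.
Target = Dict[str, str]                  # attribute -> true value
Gathered = Dict[str, Tuple[str, float]]  # attribute -> (believed value, confidence in [0, 1])


def toy_leakage(gathered: Gathered, target: Target) -> float:
    """Toy leakage score in [0, 1]; an assumed F1-style measure, not the paper's formula."""
    if not gathered or not target:
        return 0.0  # the adversary knows nothing about the target
    # Total confidence the adversary places in everything it has gathered.
    claimed = sum(conf for _, conf in gathered.values())
    # Confidence placed in values that actually match the target.
    correct = sum(
        conf for attr, (value, conf) in gathered.items() if target.get(attr) == value
    )
    if claimed == 0 or correct == 0:
        return 0.0
    precision = correct / claimed    # penalizes incorrect gathered values
    recall = correct / len(target)   # penalizes missing or low-confidence values
    return 2 * precision * recall / (precision + recall)


target = {"name": "Alice", "zip": "94305"}
everything = {"name": ("Alice", 1.0), "zip": ("94305", 1.0)}
unsure = {"name": ("Alice", 0.5), "zip": ("94305", 0.5)}
one_wrong = {"name": ("Alice", 1.0), "zip": ("00000", 1.0)}

print(toy_leakage({}, target))          # 0.0
print(toy_leakage(everything, target))  # 1.0
print(toy_leakage(unsure, target))      # lower than 1.0
print(toy_leakage(one_wrong, target))   # 0.5
```

In this sketch, halving the adversary's confidence in two correct values lowers the score to roughly 0.67, and replacing one correct value with a wrong one lowers it to 0.5, which mirrors the two qualitative effects the abstract describes.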

Author information

Authors and Affiliations

Computer Science Department, Stanford University, 353 Serra Mall, Stanford, CA, 94305, USA
Steven Euijong Whang & Hector Garcia-Molina

Editor information

Editors and Affiliations

Faculty of Electrical Engineering, Mathematics and Computer Science, University of Twente, P.O. Box 217, 7500 AE, Enschede, The Netherlands
Willem Jonker
Philips Research Europe, High Tech Campus 34, 5656 AE, Eindhoven, The Netherlands
Milan Petković

About this paper

Cite this paper

Whang, S.E., Garcia-Molina, H. (2012). A Model for Quantifying Information Leakage. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2012. Lecture Notes in Computer Science, vol 7482. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32873-2_3

DOI: https://doi.org/10.1007/978-3-642-32873-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32872-5
Online ISBN: 978-3-642-32873-2
eBook Packages: Computer Science, Computer Science (R0)
