Abstract
We study data privacy in the context of information leakage. As more of our sensitive data gets exposed to merchants, health care providers, employers, social sites and so on, there is a higher chance that an adversary can “connect the dots” and piece together a lot of our information. The more complete the integrated information, the more our privacy is compromised. We present a model that captures this privacy loss (information leakage) relative to a target person, on a continuous scale from 0 (no information about the target is known by the adversary) to 1 (adversary knows everything about the target). The model takes into account the confidence the adversary has for the gathered information (leakage is less if the adversary is not confident), as well as incorrect information (leakage is less if the gathered information does not match the target’s). We compare our information leakage model with existing privacy models, and we propose several interesting problems that can be formulated with our model. We also propose efficient algorithms for computing information leakage and evaluate their performance and scalability.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Mishra, N., Motwani, R., Srivastava, U., Thomas, D., Widom, J., Xu, Y.: Vision paper: Enabling privacy for the paranoids. In: VLDB, pp. 708–719 (2004)
Becker, J., Chen, H.: Measuring privacy risk in online social networks. In: Workshop on Web 2.0 Security (2009)
Dwork, C.: Differential Privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006, Part II. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006)
Elmagarmid, A.K., Ipeirotis, P.G., Verykios, V.S.: Duplicate record detection: A survey. IEEE Trans. Knowl. Data Eng. 19(1), 1–16 (2007)
ICorrect, http://www.icorrect.com/
Kent, A., Berry, M.M., Luehrs Jr., F.U., Perry, J.W.: Machine literature searching VIII. Operational criteria for designing information retrieval systems. American Documentation 6(2), 93–101 (1955)
Krishnamurthy, B., Malandrino, D., Wills, C.E.: Measuring privacy loss and the impact of privacy protection in web browsing. In: SOUPS, pp. 52–63 (2007)
Li, N., Li, T., Venkatasubramanian, S.: t-closeness: Privacy beyond k-anonymity and l-diversity. In: ICDE, pp. 106–115 (2007)
Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. In: ICDE, vol. 24 (2006)
Manning, C.D., Raghavan, P., Schtze, H.: Introduction to Information Retrieval. Cambridge University Press, New York (2008)
Rastogi, V., Hong, S., Suciu, D.: The boundary between privacy and utility in data publishing. In: VLDB, pp. 531–542 (2007)
Reputation.com, http://www.reputation.com
Reza, F.M.: An Introduction to Information Theory. Dover Publications (September 1994)
Sweeney, L.: k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 10(5), 557–570 (2002)
TrackMeNot, http://cs.nyu.edu/trackmenot
van Rijsbergen, C.J.: Information Retrieval, 2nd edn. Butterworths, London (1979)
Whang, S.E., Garcia-Molina, H.: Managing information leakage. In: CIDR, pp. 79–84 (2011)
Whang, S.E., Garcia-Molina, H.: A model for quantifying information leakage. Technical report. Stanford University, http://ilpubs.stanford.edu:8090/1007/
Yao, D., Frikken, K.B., Atallah, M.J., Tamassia, R.: Private information: To reveal or not to reveal. ACM Trans. Inf. Syst. Secur. 12(1) (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Whang, S.E., Garcia-Molina, H. (2012). A Model for Quantifying Information Leakage. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2012. Lecture Notes in Computer Science, vol 7482. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32873-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-32873-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32872-5
Online ISBN: 978-3-642-32873-2
eBook Packages: Computer ScienceComputer Science (R0)