Abstract
Privacy-preserving data publishing (PPDP) has become one of the hot topics in the field of network security. The existing privacy-preserving work cannot deal with vulnerability in sensitivity, under which an attacker can effectively infer the victim’s sensitivity of the sensitive value with limited knowledge. In this paper, we propose a novel privacy model, (V,L)-anonymity, to avoid sensitivity vulnerability while having the capabilities of the existing PPDP models. This model considers the difference among sensitive values (SV) and applies SV classification, named as sensitivity levels. The model can be applied not only to the single attribute, but also to multiple sensitive attributes situation. We use (l1, l2)-diversity to validate the capability of our model theoretically. We carry out extensive experiments to verify the improvement on effectiveness and efficiency. Furthermore, we present a Levels of Sensitive Values (LSV) measure to calculate the sensitivity level.
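Innovations
The paper proposes a new privacy model, (V,L)-anonymity, which addresses the threat of privacy disclosure while retaining the capabilities of existing privacy models. It considers the differences among sensitive values and classifies them into what it calls sensitivity levels. The model applies not only to a single sensitive attribute but also to the case of multiple sensitive attributes. Experiments verify that the improvement is both effective and efficient. In addition, a Levels of Sensitive Values measure is proposed to calculate the sensitivity level.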
Cite this article
Huang, X., Liu, J., Han, Z. et al. Privacy beyond sensitive values. Sci. China Inf. Sci. 58, 1–15 (2015). https://doi.org/10.1007/s11432-014-5232-3
DOI: https://doi.org/10.1007/s11432-014-5232-3