Authors:
Yuichi Sei and Akihiko Ohsuga
Affiliation:
The University of Electro-Communications, Japan
Keyword(s):
Privacy, Data mining, Anonymization.
Related Ontology Subjects/Areas/Topics:
Data and Application Security and Privacy; Database Security and Privacy; Information and Systems Security; Privacy; Security in Information Systems
Abstract:
When a data holder wants to share databases that contain personal attributes, individual privacy needs to be considered. Existing anonymization techniques, such as l-diversity, remove identifiers and generalize quasi-identifiers (QIDs) from the database to ensure that adversaries cannot specify each individual’s sensitive attributes. Usually, the database is anonymized based on one-size-fits-all measures. Therefore, it is possible that several QIDs that a data user focuses on are all generalized, and the anonymized database has no value for the user. Moreover, if a database does not satisfy the eligibility requirement, we cannot anonymize it by existing methods. In this paper, we propose a new technique for l-diversity that keeps QIDs unchanged and randomizes the sensitive attributes of each individual, so that data users can analyze the database based on the QIDs they focus on, and that does not require the eligibility requirement. Through mathematical analysis and simulations, we will prove that our proposed method for l-diversity can result in a better tradeoff between privacy and utility of the anonymized database.