Abstract
As a privacy-preserving microdata publication model, K-Anonymity has some application limits, such as (1) it cannot satisfy the individual-defined k mechanism requirement, and (2) it is attached with a certain extent potential privacy disclosure risk on published microdata, i.e. existing high-probability inference violations under some prior knowledge on k-anonymized microdata that can surely result in personal private information disclosure. We propose the (k, ℓ)-anonymity model with data generalization approach to support more flexible and anti-inference k-anonymization on a tabular microdata, where k indicates the anonymization level of an identifying attribute cluster and ℓ refers to the diversity level of a sensitive attribute cluster on a record. Within the model, k and ℓ are designed on each record and they can be defined subjectively by the corresponding individual. Beside, the model can prevent two kinds of inference attacks for microdata publication, (1) inferring identifying attributes values when their value domains are known; (2) inferring sensitive attributes values with respect to some value associations in the microdata. Further, we propose an algorithm to describe the k-anonymization process in the model. Finally, we take a scenario to illustrate its feasibility, flexibility, and generality.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Aggarwal, G., Feder, T., et al.: Anonymizing tables for privacy protection (2004), Available: http://theory.standford.edu/~rajeev/privacy.html
Aggarwal, G., Feder, T., et al.: Approximation algorithms for k-anonymity. Journal of Privacy Technology (November 2005)
Dalenius, T., Reiss, S.: Data swapping: A technique for disclosure control. Journal of Statistical Planning and Inference 6 (1982)
Duncan, G.T., Feinberg, S.E.: Obtaining information while preserving privacy: A markov perturbation method for tabular data. Joint Statistical Meetings (1997)
Fung, B.C.M., Wang, K., Yu, P.S.: Top-down specialization for information and privacy protection. In: Proc. of ICDE 2006 (2006)
Jajodia, S., Sandhu, R.S.: Toward a multilevel secure relational data model. In: Proc. of SIGMOD 1991, pp. 50–59 (1991)
Bayardo, R.J., Agrawal, R.: Data privacy through optimal k-anonymization. In: Proc. of ICDE 2005 (2005)
LeFevre, K., DeWitt, D.J., Ramakrishnan, R.: Multidimensional k-anonymity. Technical Report, Available: http://www.cs.wisc.edu/techreports/2005/
Lefevre, K., DeWitt, D.J., Ramakrishnan, R.: Incognito: Efficient full-domain k-anonymity. In: Proc. of SIGMOD 2005 (2005)
Li, Z., Zhan, G., Ye, X.: Towards a More Reasonable Generalization Cost Metric for K-Anonymization. In: Bell, D.A., Hong, J. (eds.) BNCOD 2006. LNCS, vol. 4042, pp. 258–261. Springer, Heidelberg (2006)
Lyengar, V.S.: Transforming data to satisfying privacy constraints. In: Proc. of SIGKDD 2002 (2002)
Machanavajjhala, A., Gehrke, J., Kifer, D.: ℓ-diversity: Privacy beyond k-anonymity. In: Proc. of ICDE 2006 (2006)
Meyerson, A., Williams, R.: On the complexity of optimal k-anonymity. In: Proc. of PODS 2004, France (2004)
Rizvi, S., Mendelzon, A., Sudarshan, S., Roy, P.: Extending query rewriting techniques for fine-grained access control. In: SIDMOD 2004 (June 2004)
Samarati, P., Sweeney, L.: Protecting privacy when disclosing information: K-anonymity and its enforcement through generalization and suppression. Technical Report, SRI Computer Science Lab. (1998)
Sandhu, R., Chen, F.: The multilevel relational (mlr) data model. ACM Transactions on Information and System Security 1(1), 93–132 (1998)
Sweeney, L.: Guaranteeing anonymity when sharing medical data, the datafly system. Journal of the American Medical Informatics Association (1997)
Sweeney, L.: Achieving k-anonymity privacy protection using generalization and suppression. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems 10(5), 571–588 (2002)
Sweeney, L.: K-anonymity: A model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems 10(5), 557–570 (2002)
won Byun, J., Bertino, E.: Vison paper: Micro-views, or how to protect privacy while enhancing data usability. SIGMOD Record (March 2005)
won Byun, J., Bertino, E., Li, N.: Purpose-based access control of complex data for privacy protection. In: Proc. of SACMAT 2005, Stockholm, Sweden (June 2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, Z., Zhan, G., Ye, X. (2006). Towards an Anti-inference (K, ℓ)-Anonymity Model with Value Association Rules. In: Bressan, S., Küng, J., Wagner, R. (eds) Database and Expert Systems Applications. DEXA 2006. Lecture Notes in Computer Science, vol 4080. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11827405_86
Download citation
DOI: https://doi.org/10.1007/11827405_86
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-37871-6
Online ISBN: 978-3-540-37872-3
eBook Packages: Computer ScienceComputer Science (R0)