Abstract
As far as we know, there is no good privacy metric for quantifying how privacy-efficient an anonymity system is. This paper first discusses the features needed to define such a metric, and then proposes a new metric based on information theory, named DR for Discrimination Rate. The DR is the first metric to enable fine-grained measurements down to the attribute level, quantifying the identification capacity of an attribute with a score ranging from 0 to 1 for any given anonymity system. The DR can easily be applied in practice, thanks to the algorithms provided in the paper. Measuring the DR of attributes reflects the attacker's capacity and evaluates how much an attribute is able to refine the anonymity set. The formalization brought by the DR makes it possible to give more accurate definitions of identifiers and to introduce new notions such as sketchy-identifiers, zero-identifiers, and partial-identifiers. Finally, the usefulness and practical dimensions of the DR are illustrated through the evaluation and comparison of the k-anonymity and l-diversity mechanisms over a dataset.
Notes
Location service: service delivered through mobile platforms and based on location data.
d.r.v.: discrete random variable.
Cite this article
Sondeck, L.P., Laurent, M. & Frey, V. Discrimination rate: an attribute-centric metric to measure privacy. Ann. Telecommun. 72, 755–766 (2017). https://doi.org/10.1007/s12243-017-0581-8
DOI: https://doi.org/10.1007/s12243-017-0581-8