
SoS Newsletter - Advanced Book Block

Anonymity


Minimizing privacy risk is one of the major problems attendant on the development of social media and hand-held smartphone technologies. K-anonymity is one main method for anonymizing data, and many of the articles cited here focus on k-anonymity to ensure privacy. Others look at elliptic-curve cryptography and privacy enhancing techniques more generally. These articles were presented between January and September 2014.

  • Wu, S.; Wang, X.; Wang, S.; Zhang, Z.; Tung, AK.H., "K-Anonymity for Crowdsourcing Database," Knowledge and Data Engineering, IEEE Transactions on, vol.26, no.9, pp.2207,2221, Sept. 2014. doi: 10.1109/TKDE.2013.93 In a crowdsourcing database, human operators are embedded into the database engine and collaborate with other conventional database operators to process the queries. Each human operator publishes small HITs (Human Intelligent Tasks) to the crowdsourcing platform, which consist of a set of database records and corresponding questions for human workers. The human workers complete the HITs and return the results to the crowdsourcing database for further processing. In practice, published records in HITs may contain sensitive attributes, probably causing privacy leakage so that malicious workers could link them with other public databases to reveal individual private information. Conventional privacy protection techniques, such as K-Anonymity, can be applied to partially solve the problem. However, after generalizing the data, the result of standard K-Anonymity algorithms may render uncontrollable information loss and affect the accuracy of crowdsourcing. In this paper, we first study the tradeoff between the privacy and accuracy for the human operator within the data anonymization process. A probability model is proposed to estimate the lower bound and upper bound of the accuracy for general K-Anonymity approaches. We show that searching for the optimal anonymity approach is NP-Hard and only heuristic approaches are available. The second contribution of the paper is a general feedback-based K-Anonymity scheme. In our scheme, synthetic samples are published to the human workers, the results of which are used to guide the selection of anonymity strategies. We apply the scheme to the Mondrian algorithm by adaptively cutting the dimensions based on our feedback results on the synthetic samples. We evaluate the performance of the feedback-based approach on the U.S. census dataset, and show that given a predefined K, our proposal outperforms standard K-Anonymity approaches on retaining the effectiveness of crowdsourcing. Keywords: Crowdsourcing; Database Management; General; Information Technology and Systems; K-Anonymity; Query design and implementation languages; Security and protection; data partition; database privacy; integrity (ID#:14-2289) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6529080&isnumber=6871455
  • Jianpei Zhang; Ying Zhao; Yue Yang; Jing Yang, "A K-anonymity Clustering Algorithm Based On The Information Entropy," Computer Supported Cooperative Work in Design (CSCWD), Proceedings of the 2014 IEEE 18th International Conference on , vol., no., pp.319,324, 21-23 May 2014. doi: 10.1109/CSCWD.2014.6846862 Data anonymization techniques are the main way to achieve privacy protection, and as a classical anonymity model, K-anonymity is the most effective and frequently-used. But the majority of K-anonymity algorithms can hardly balance the data quality and efficiency, and ignore the privacy of the data to improve the data quality. To solve the problems above, by introducing the concept of "diameter" and a new clustering criterion based on the parameter of the maximum threshold of equivalence classes, we proposed a K-anonymity clustering algorithm based on the information entropy. The results of experiments showed that both the algorithm efficiency and data security are improved, and meanwhile the total information loss is acceptable, so the proposed algorithm has some practicability in application. Keywords: data privacy; entropy; pattern clustering; security of data; K-anonymity clustering algorithm; classical anonymity model; data anonymization techniques; data efficiency; data quality improvement; data security; information entropy; maximum equivalence class threshold; privacy protection; Algorithm design and analysis; Classification algorithms; Clustering algorithms; Data security; Entropy; Information entropy; Loss measurement; K-anonymity; clustering; information entropy; privacy preserving (ID#:14-2290) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6846862&isnumber=6846800
  • Liu, J.K.; Man Ho Au; Susilo, W.; Jianying Zhou, "Linkable Ring Signature with Unconditional Anonymity," Knowledge and Data Engineering, IEEE Transactions on, vol.26, no.1, pp.157,165, Jan. 2014. doi: 10.1109/TKDE.2013.17 In this paper, we construct a linkable ring signature scheme with unconditional anonymity. It has been regarded as an open problem in [22] since 2004 for the construction of an unconditional anonymous linkable ring signature scheme. We are the first to solve this open problem by giving a concrete instantiation, which is proven secure in the random oracle model. Our construction is even more efficient than other schemes that can only provide computational anonymity. Simultaneously, our scheme can act as a counterexample to show that [19, Theorem 1] is not always true, which stated that a linkable ring signature scheme cannot provide strong anonymity. Yet we prove that our scheme can achieve strong anonymity (under one of the interpretations). Keywords: cryptography; digital signatures; computational anonymity; random oracle model; unconditional anonymity; unconditional anonymous linkable ring signature scheme; Adaptive systems; Electronic voting; Games; Indexes; Mathematical model; Public key; Ring signature; anonymity; linkable (ID#:14-2291) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6420832&isnumber=6674933
  • Ren-Hung Hwang; Fu-Hui Huang, "SocialCloaking: A Distributed Architecture For K-Anonymity Location Privacy Protection," Computing, Networking and Communications (ICNC), 2014 International Conference on, vol., no., pp.247,251, 3-6 Feb. 2014. doi: 10.1109/ICCNC.2014.6785340 As location information becomes commonly available in smart phones, applications of Location Based Service (LBS) have also become very popular and are widely used by smart phone users. Since an LBS query contains the user's location, it raises a privacy concern of exposure of the user's location. K-anonymity is a commonly adopted technique for location privacy protection. In the literature, a centralized architecture which consists of a trusted anonymity server is widely adopted. However, this approach exhibits several apparent weaknesses, such as single point of failure, performance bottleneck, serious security threats, and not being trustable to users, etc. In this paper, we re-examine the location privacy protection problem in LBS applications. We first provide an overview of the problem itself, including types of query, privacy protection methods, adversary models, system architectures, and their related works in the literature. We then discuss the challenges of adopting a distributed architecture which does not need to set up a trusted anonymity server and propose a solution by combining unique features of structured peer-to-peer architecture and trust relationships among users of their on-line social networking relations. Keywords: data privacy; mobile computing; query processing; social networking (online); trusted computing; K-anonymity location privacy protection; LBS query; SocialCloaking; adversary model; centralized architecture; distributed architecture; failure point; location information; location-based service; on-line social networking relation; security threat; smart phones; structured peer-to-peer architecture; system architecture; trust relationship; trusted anonymity server; user location; Computer architecture; Mobile communication; Mobile handsets; Peer-to-peer computing; Privacy; Servers; Trajectory; Distributed Anonymity Server Architecture; Location Based Service; Location Privacy; Peer-to-Peer; Social Networking (ID#:14-2292) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6785340&isnumber=6785290
  • Shinganjude, R.D.; Theng, D.P., "Inspecting the Ways of Source Anonymity in Wireless Sensor Network," Communication Systems and Network Technologies (CSNT), 2014 Fourth International Conference on, pp.705,707, 7-9 April 2014. doi: 10.1109/CSNT.2014.148 Sensor networks are mainly deployed to monitor and report real events, and thus it is very difficult and expensive to achieve event source anonymity for them, as sensor networks are very limited in resources. Data obscurity, i.e. the source anonymity problem, implies that an unauthorized observer must be unable to detect the origin of events by analyzing the network traffic; this problem has emerged as an important topic in the security of wireless sensor networks. This work inspects the different approaches carried out for attaining source anonymity in wireless sensor networks, with a variety of techniques based on different adversarial assumptions. The approach meeting the best result in source anonymity is proposed for further improvement in the source location privacy. The paper suggests the implementation of the most prominent and effective LSB Steganography technique for the improvement. Keywords: steganography; telecommunication traffic; wireless sensor networks; LSB steganography technique; adversarial assumptions; event source anonymity; network traffic; source location privacy; wireless sensor networks; Communication systems; Wireless sensor network; anonymity; coding theory; persistent dummy traffic; statistical test; steganography (ID#:14-2293) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6821490&isnumber=6821334
  • Sabra, Z.; Artail, H., "Preserving Anonymity And Quality Of Service For VOIP Applications Over Hybrid Networks," Mediterranean Electrotechnical Conference (MELECON), 2014 17th IEEE, vol., no., pp.421,425, 13-16 April 2014. doi: 10.1109/MELCON.2014.6820571 In this work we seek to achieve VoIP end users' profile privacy without violating the QoS constraints on the throughput, end to end delay, and jitter, as these parameters are the most sensitive factors in multimedia applications. We propose an end-to-end user anonymity design that takes into consideration these constraints in a hybrid environment that involves ad-hoc and infrastructure networks. Using clusterheads for communication, and encryption of the RTP payload, we prove, using analysis and OPNET simulations, that our model can be easily integrated into present network infrastructures. Keywords: Internet telephony; cryptography; jitter; quality of service; OPNET simulations; QoS constraints; RTP payload; VoIP applications; anonymity preservation; encryption; end to end delay; hybrid networks; jitter; quality of service; Authentication; Conferences; Cryptography; Delays; Privacy; Protocols; Quality of service; Anonymity; Multimedia; QoS; VoIP; WLAN (ID#:14-2294) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6820571&isnumber=6820492
  • Liping Zhang; Shanyu Tang; Zhihua Cai, "Robust and Efficient Password Authenticated Key Agreement With User Anonymity For Session Initiation Protocol-Based Communications," Communications, IET , vol.8, no.1, pp.83,91, Jan. 3 2014. doi: 10.1049/iet-com.2012.0783 A suitable key agreement protocol plays an essential role in protecting the communications over open channels among users using voice over Internet protocol (VoIP). This study presents a robust and flexible password authenticated key agreement protocol with user anonymity for session initiation protocol (SIP) used by VoIP communications. Security analysis demonstrates that the proposed protocol enjoys many unique properties, such as user anonymity, no password table, session key agreement, mutual authentication, password updating freely, conveniently revoking lost smartcards and so on. Furthermore, the proposed protocol can resist the replay attack, the impersonation attack, the stolen-verifier attack, the man-in-middle attack, the Denning-Sacco attack and the offline dictionary attack with or without smartcards. Finally, the performance analysis shows that the protocol is more suitable for practical application in comparison with other related protocols. Keywords: Internet telephony; computer network security; cryptographic protocols; private key cryptography; public key cryptography; signaling protocols; Denning-Sacco attack; SIP; VoIP communications; flexible password authenticated key agreement protocol; impersonation attack; man-in-middle attack; offline dictionary attack; replay attack; security analysis; session initiation protocol-based communications; smartcards; stolen-verifier attack; user anonymity; voice over Internet protocol (ID#:14-2295) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6711996&isnumber=6711983
  • Burke, M.-J.; Kayem, AV.D.M., "K-Anonymity for Privacy Preserving Crime Data Publishing in Resource Constrained Environments," Advanced Information Networking and Applications Workshops (WAINA), 2014 28th International Conference on, vol., no., pp.833,840, 13-16 May 2014. doi: 10.1109/WAINA.2014.131 Mobile crime report services have become a pervasive approach to enabling community-based crime reporting (CBCR) in developing nations. These services hold the advantage of facilitating law enforcement when resource constraints make using standard crime investigation approaches challenging. However, CBCRs have failed to achieve widespread popularity in developing nations because of concerns for privacy. Users are hesitant to make crime reports without strong guarantees of privacy preservation. Furthermore, oftentimes a lack of data mining expertise within the law enforcement agencies implies that the reported data needs to be processed manually, which is a time-consuming process. In this paper we make two contributions to facilitate effective and efficient CBCR and crime data mining as well as to address the user privacy concern. The first is a practical framework for mobile CBCR and the second is a hybrid k-anonymity algorithm to guarantee privacy preservation of the reported crime data. We use a hierarchy-based generalization algorithm to classify the data to minimize information loss by optimizing the nodal degree of the classification tree. Results from our proof-of-concept implementation demonstrate that in addition to guaranteeing privacy, our proposed scheme offers a classification accuracy of about 38% and a drop in information loss of nearly 50% over previous schemes when compared on various sizes of datasets. Performance-wise we observe an average improvement of about 50ms proportionate to the size of the dataset. Keywords: criminal law; data mining; data privacy; generalisation (artificial intelligence); mobile computing; pattern classification; CBCR; classification accuracy; classification tree; community-based crime reporting; crime data mining; crime investigation approach; hierarchy-based generalization algorithm; k-anonymity; law enforcement; mobile crime report services; pervasive approach; privacy preserving crime data publishing; resource constrained environment; user privacy concern; Cloud computing; Data privacy; Encryption; Law enforcement; Mobile communication; Privacy; Anonymity; Developing Countries; Encryption; Information Loss; Public/Private Key Cryptography; Resource Constrained Environments (ID#:14-2296) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6844743&isnumber=6844560
  • Sharma, V., "Methods For Privacy Protection Using K-Anonymity," Optimization, Reliability, and Information Technology (ICROIT), 2014 International Conference on, vol., no., pp.149,152, 6-8 Feb. 2014. doi: 10.1109/ICROIT.2014.6798301 A large amount of data is produced in electronic form by various governmental and nongovernmental organizations. This data also has information related to specific individuals. Information related to specific individuals needs to be protected, so that it may not harm their privacy. Moreover, sensitive information related to the organization also needs to be protected. Data is released from various organizations as it is demanded by researchers and data mining companies to develop newer and better methods for finding patterns and trends. Any organization that wishes to release data has two goals: one is to release the data as close as possible to the original form, and the second is to protect the privacy of individuals and sensitive information from being released. K-anonymity has been used as a successful technique in this regard. This method provides a guarantee that released data is at least k-anonymous. Various methods have been suggested to achieve k-anonymity for a given dataset. I categorize these methods into four main domains based on the principle they are based on and the methods they apply to achieve k-anonymous data. These methods have their respective advantages and disadvantages relating to loss of information, feasibility in the real world and suitability to the number of tuples in the dataset. Keywords: data mining; data protection; data mining; data privacy protection; governmental organizations; information loss; k-anonymous data; nongovernmental organizations; Computers; Data privacy; Diseases; Hypertension; Anonymity; generalization; privacy (ID#:14-2297) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6798301&isnumber=6798279
  • Ma, R.; Rath, H.K.; Balamuralidhar, P., "Design of a Mix Network Using Connectivity Index -- A Novel Privacy Enhancement Approach," Advanced Information Networking and Applications Workshops (WAINA), 2014 28th International Conference on, pp.512,517, 13-16 May 2014. doi: 10.1109/WAINA.2014.86 Privacy Enhancing Techniques (PET) are key to the success in building trust among the users of the digital world. Enhancing communication privacy is getting attention nowadays. In this direction, anonymity schemes such as mixes, mix networks, onion routing, crowds, etc., have started making inroads into deployment at individual and community network levels. To measure the effectiveness and accuracy of such schemes, degree of anonymity is proposed as a privacy metric in the literature. To measure the degree of anonymity, many empirical techniques are proposed. We observe that these techniques are computationally intensive and are infeasible for real-time requirements and thus may not be suitable to measure the degree of anonymity under dynamic changes in the configuration of the network in real time. In this direction, we propose a novel lightweight privacy metric to measure the degree of anonymity for mixes, mix networks and their variants using a graph theoretic approach based on Connectivity Index (CI). Further, we also extend this approach with Weighted Connectivity Index (WCI) and have demonstrated the usefulness of the metric through analytical analysis. Keywords: data privacy; graph theory; anonymity schemes; communication privacy; crowds; digital world; graph theoretic approach; lightweight privacy metric; mix network design; mix networks; onion routing; privacy enhancing techniques; real-time requirements; user trust; weighted connectivity index; Algorithm design and analysis; Complexity theory; Indexes; Measurement; Ports (Computers); Privacy; Real-time systems; Anonymity; Connectivity Index; Mix; Mix Network; Privacy (ID#:14-2298) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6844688&isnumber=6844560
  • Pervaiz, Z.; Aref, W.G.; Ghafoor, A; Prabhu, N., "Accuracy-Constrained Privacy-Preserving Access Control Mechanism for Relational Data," Knowledge and Data Engineering, IEEE Transactions on, vol.26, no.4, pp.795,807, April 2014. doi: 10.1109/TKDE.2013.71 Access control mechanisms protect sensitive information from unauthorized users. However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized user can still compromise the privacy of a person, leading to identity disclosure. A PPM can use suppression and generalization of relational data to anonymize and satisfy privacy requirements, e.g., k-anonymity and l-diversity, against identity and attribute disclosure. However, privacy is achieved at the cost of precision of authorized information. In this paper, we propose an accuracy-constrained privacy-preserving access control framework. The access control policies define selection predicates available to roles while the privacy requirement is to satisfy the k-anonymity or l-diversity. An additional constraint that needs to be satisfied by the PPM is the imprecision bound for each selection predicate. The techniques for workload-aware anonymization for selection predicates have been discussed in the literature. However, to the best of our knowledge, the problem of satisfying the accuracy constraints for multiple roles has not been studied before. In our formulation of the aforementioned problem, we propose heuristics for anonymization algorithms and show empirically that the proposed approach satisfies imprecision bounds for more permissions and has lower total imprecision than the current state of the art. Keywords: authorisation; data protection; query processing; relational databases; PPM; access control policies; accuracy constraints; accuracy-constrained privacy-preserving access control mechanism; anonymization algorithms; attribute disclosure; authorized information precision; authorized user; empirical analysis; identity disclosure; imprecision bound; imprecision bounds; k-anonymity; l-diversity; person privacy; privacy protection mechanism; privacy requirement anonymization; privacy requirement satisfaction; query processing; relational data generalization; relational data suppression; selection predicates; sensitive information protection; sensitive information sharing; unauthorized users; workload-aware anonymization; k-anonymity; Access control; privacy; query evaluation (ID#:14-2299) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6512493&isnumber=6777369
  • Zakhary, S.; Radenkovic, M.; Benslimane, A, "Efficient Location Privacy-Aware Forwarding in Opportunistic Mobile Networks," Vehicular Technology, IEEE Transactions on, vol.63, no.2, pp.893,906, Feb. 2014. doi: 10.1109/TVT.2013.2279671 This paper proposes a novel fully distributed and collaborative k-anonymity protocol (LPAF) to protect users' location information and ensure better privacy while forwarding queries/replies to/from untrusted location-based service (LBS) over opportunistic mobile networks (OppMNets). We utilize a lightweight multihop Markov-based stochastic model for location prediction to guide queries toward the LBS's location and to reduce required resources in terms of retransmission overheads. We develop a formal analytical model and present theoretical analysis and simulation of the proposed protocol performance. We further validate our results by performing extensive simulation experiments over a pseudorealistic city map using map-based mobility models and using real-world data trace to compare LPAF to existing location privacy and benchmark protocols. We show that LPAF manages to keep higher privacy levels in terms of k-anonymity and quality of service in terms of success ratio and delay, as compared with other protocols, while maintaining lower overheads. Simulation results show that LPAF achieves up to an 11% improvement in success ratio for pseudorealistic scenarios, whereas real-world data trace experiments show up to a 24% improvement with a slight increase in the average delay. Keywords: Markov processes; mobile ad hoc networks; mobility management (mobile radio); protocols; quality of service; telecommunication security; LBS; LPAF; OppMNets; benchmark protocols; collaborative k-anonymity protocol; lightweight multihop Markov-based stochastic model; location prediction; location privacy-aware forwarding; location-based service; map-based mobility models; opportunistic mobile networks; pseudorealistic city map; quality of service; retransmission overhead; success ratio; Analytical models; Delays; Equations; Markov processes; Mathematical model; Privacy; Protocols; Anonymity; distributed computing; location privacy; mobile ad hoc network (ID#:14-2300) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6587139&isnumber=6739143
  • Banerjee, D.; Bo Dong; Biswas, S.; Taghizadeh, M., "Privacy-Preserving Channel Access Using Blindfolded Packet Transmissions," Communication Systems and Networks (COMSNETS), 2014 Sixth International Conference on, pp.1,8, 6-10 Jan. 2014. doi: 10.1109/COMSNETS.2014.6734887 This paper proposes a novel wireless MAC-layer approach towards achieving channel access anonymity. Nodes autonomously select periodic TDMA-like time-slots for channel access by employing a novel channel sensing strategy, and they do so without explicitly sharing any identity information with other nodes in the network. An add-on hardware module for the proposed channel sensing has been developed and the proposed protocol has been implemented in Tinyos-2.x. Extensive evaluation has been done on a test-bed consisting of Mica2 hardware, where we have studied the protocol's functionality and convergence characteristics. The functionality results collected at a sniffer node using RSSI traces validate the syntax and semantics of the protocol. Experimentally evaluated convergence characteristics from the Tinyos test-bed were also found to be satisfactory. Keywords: data privacy; time division multiple access; wireless channels; wireless sensor networks; Mica2 hardware; RSSI; Tinyos-2.x test-bed implementation; add-on hardware module; blindfolded packet transmission; channel sensing strategy; periodic TDMA-like time-slot; privacy-preserving channel access anonymity; protocol; wireless MAC-layer approach; Convergence; Cryptography; Equations; Google; Heating; Interference; Noise; Anonymity; MAC protocols; Privacy; TDMA (ID#:14-2301) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6734887&isnumber=6734849
  • Ullah, R.; Nizamuddin; Umar, AI; ul Amin, N., "Blind Signcryption Scheme Based On Elliptic Curves," Information Assurance and Cyber Security (CIACS), 2014 Conference on, vol., no., pp.51,54, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861332 In this paper, blind signcryption using the elliptic curve cryptosystem is presented. It satisfies the functionalities of Confidentiality, Message Integrity, Unforgeability, Signer Non-repudiation, Message Unlinkability, Sender Anonymity and Forward Secrecy. The proposed scheme has low computation and communication overhead as compared to existing blind signcryption schemes and is best suited for mobile phone voting and m-commerce. Keywords: public key cryptography; blind signcryption scheme; communication overhead; confidentiality; elliptic curves cryptosystem; forward secrecy; m-commerce; message integrity; message unlinkability; mobile phone voting; sender anonymity; signer nonrepudiation; unforgeability; Digital signatures; Elliptic curve cryptography; Elliptic curves; Equations; Mobile handsets; Anonymity; Blind Signature; Blind Signcryption (ID#:14-2302) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861332&isnumber=6861314
  • Perez-Gonzalez, F.; Troncoso, C.; Oya, S., "A Least Squares Approach to the Static Traffic Analysis of High-Latency Anonymous Communication Systems," Information Forensics and Security, IEEE Transactions on, vol.9, no.9, pp.1341,1355, Sept. 2014. doi: 10.1109/TIFS.2014.2330696 Mixes, relaying routers that hide the relation between incoming and outgoing messages, are the main building block of high-latency anonymous communication networks. A number of so-called disclosure attacks have been proposed to effectively deanonymize traffic sent through these channels. Yet, the dependence of their success on the system parameters is not well-understood. We propose the least squares disclosure attack (LSDA), in which user profiles are estimated by solving a least squares problem. We show that LSDA is not only suitable for the analysis of threshold mixes, but can be easily extended to attack pool mixes. Furthermore, contrary to previous heuristic-based attacks, our approach allows us to analytically derive expressions that characterize the profiling error of LSDA with respect to the system parameters. We empirically demonstrate that LSDA recovers users' profiles with greater accuracy than its statistical predecessors and verify that our analysis closely predicts actual performance. Keywords: cryptography; least squares approximations; LSDA; cryptographic means; disclosure attacks; high-latency anonymous communication systems; least squares disclosure attack; pool mixes; static traffic analysis; statistical predecessors; Accuracy; Bayes methods; Estimation; Least squares approximations; Random variables; Receivers; Vectors; Anonymity; disclosure attacks; mixes (ID#:14-2304) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6832564&isnumber=6867417
  • Fouad, M.R.; Elbassioni, K.; Bertino, E., "A Supermodularity-Based Differential Privacy Preserving Algorithm for Data Anonymization," Knowledge and Data Engineering, IEEE Transactions on, vol.26, no.7, pp.1591,1601, July 2014. doi: 10.1109/TKDE.2013.107 Maximizing data usage and minimizing privacy risk are two conflicting goals. Organizations always apply a set of transformations on their data before releasing it. While determining the best set of transformations has been the focus of extensive work in the database community, most of this work suffered from one or both of the following major problems: scalability and privacy guarantee. Differential Privacy provides a theoretical formulation for privacy that ensures that the system essentially behaves the same way regardless of whether any individual is included in the database. In this paper, we address both scalability and privacy risk of data anonymization. We propose a scalable algorithm that meets differential privacy when applying a specific random sampling. The contribution of the paper is two-fold: 1) we propose a personalized anonymization technique based on an aggregate formulation and prove that it can be implemented in polynomial time; and 2) we show that combining the proposed aggregate formulation with specific sampling gives an anonymization algorithm that satisfies differential privacy. Our results rely heavily on exploring the supermodularity properties of the risk function, which allow us to employ techniques from convex optimization. Through experimental studies we compare our proposed algorithm with other anonymization schemes in terms of both time and privacy risk. Keywords: data privacy; optimisation; convex optimization; data anonymization; data usage maximization; database community; privacy risk; privacy risk minimization; random sampling; scalability risk; supermodularity-based differential privacy preserving algorithm; Aggregates; Communities; Data privacy; Databases; Privacy; Scalability; Security; Data; Data sharing; Database Management; Database design; Differential privacy; General; Information Storage and Retrieval; Information Technology and Systems; Knowledge and data engineering tools and techniques; Online Information Services; Security and protection; anonymity; data sharing; data utility; integrity; modeling and management; risk management; scalability; security (ID#:14-2305) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6709680&isnumber=6851230


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.