2005-134 - CERIAS Tech Report 2005-134 Privacy-Preserving...

CERIAS Tech Report 2005-134
Privacy-Preserving Distributed k-Anonymity
by Christopher Clifton
Center for Education and Research in Information Assurance and Security
Purdue University, West Lafayette, IN 47907-2086

Privacy-Preserving Distributed k-Anonymity
Wei Jiang and Chris Clifton
Department of Computer Science, Purdue University, West Lafayette, IN 47907
{wjiang, clifton}@cs.purdue.edu
http://www.cs.purdue.edu/people/wjiang
http://www.cs.purdue.edu/people/clifton

Abstract. k-anonymity provides a measure of privacy protection by preventing re-identification of data to fewer than a group of k data items. While algorithms exist for producing k-anonymous data, the model has been that of a single source wanting to publish data. This paper presents a k-anonymity protocol when the data is vertically partitioned between sites. A key contribution is a proof that the protocol preserves k-anonymity between the sites: while one site may have individually identifiable data, it learns nothing that violates k-anonymity with respect to the data at the other site. This is a fundamentally different distributed privacy definition than that of Secure Multiparty Computation, and it provides a better match with both ethical and legal views of privacy.

Keywords: k-anonymity, privacy, security.

1 Introduction

Privacy is an important concept in our society, and has become very vulnerable in these technologically advanced times. Legislation has been proposed to protect individual privacy; a key component is the protection of individually identifiable data. Many techniques have been proposed to protect privacy, such as data perturbation [1], data swapping [2], query restriction [3], secure multiparty computation (SMC) [4,5,6], etc. One challenge is relating such techniques to a privacy definition that meets legal and societal norms. Anonymous data are generally considered to be exempt from privacy rules, but what does it mean for data to be anonymous?

Census agencies, which have long dealt with private data, have generally found that as long as data are aggregated over a group of individuals, release does not violate privacy. k-anonymity provides a formal way of generalizing this concept. As stated in [7,8], a data record is k-anonymous if and only if it is indistinguishable in its identifying information from at least k specific records or entities. The key step in making data anonymous is to generalize a specific value. For example, the ages 18 and 21 could be generalized to

This material is based upon work supported by the National Science Foundation under Grant No. 0428168.

S. Jajodia and D. Wijesekera (Eds.): Data and Applications Security 2005, LNCS 3654, pp. 166–177, 2005.
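As an added illustration of the definition above (this is example code, not from the paper or its authors), the following Python computes the k of a table over its quasi-identifiers and searches for the least full-domain generalization that reaches a target k; the sample records, the age bands and the ZIP masking hierarchy are assumptions constructed for the example.

```python
from collections import Counter
from itertools import product

# Constructed sample table (not data from the paper): quasi-identifier columns only.
RECORDS = [
    {"age": 18, "zip": "47907"}, {"age": 19, "zip": "47906"},
    {"age": 21, "zip": "47907"}, {"age": 24, "zip": "47906"},
    {"age": 35, "zip": "47901"}, {"age": 38, "zip": "47902"},
]

def gen_age(age, level):
    """Assumed hierarchy for age: exact -> 5-year band -> 10-year band -> suppressed."""
    if level == 0:
        return str(age)
    if level >= 3:
        return "*"
    width = 5 if level == 1 else 10
    lo = age - age % width
    return f"{lo}-{lo + width - 1}"

def gen_zip(zipcode, level):
    """Assumed hierarchy for ZIP: mask `level` trailing digits (5 = fully suppressed)."""
    level = min(level, len(zipcode))
    return zipcode[:len(zipcode) - level] + "*" * level

HIERARCHIES = {"age": (gen_age, 3), "zip": (gen_zip, 5)}  # attribute -> (function, top level)

def generalize(records, levels):
    """Apply one level per attribute to every record (full-domain generalization)."""
    return [{a: fn(r[a], levels[a]) for a, (fn, _) in HIERARCHIES.items()} for r in records]

def anonymity_level(records):
    """Largest k for which the table is k-anonymous: the size of the smallest
    equivalence class (records identical on every quasi-identifier)."""
    classes = Counter(tuple(sorted(r.items())) for r in records)
    return min(classes.values()) if classes else 0

def minimal_generalization(records, k):
    """Try level vectors in order of total height and return (levels, table) for
    the least generalized table that is k-anonymous; None if even full
    suppression cannot reach k (fewer than k records)."""
    attrs = list(HIERARCHIES)
    ranges = [range(top + 1) for _, top in HIERARCHIES.values()]
    for combo in sorted(product(*ranges), key=sum):
        levels = dict(zip(attrs, combo))
        table = generalize(records, levels)
        if anonymity_level(table) >= k:
            return levels, table
    return None
```

On the constructed table, `minimal_generalization(RECORDS, 2)` returns the levels `{'age': 1, 'zip': 1}` (5-year age bands and `4790*`), while k=3 forces full suppression of age.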