Microdata privacy enhancing

Removal of potentially unique IDs

Basic strategy

  • By removing potentially unique IDs we cannot link microdata items from several databases

Candidate IDs

  • Name

  • National IDs (passport, identity card, etc.)

  • Social Security ID, Tax ID, etc.

  • Phone numbers

  • Car plate numbers

Not enough!

  • A study in the States proved that 87% of its the population could be identified using a link attack using 3 non-unique attributes

    • 5-digit ZIP code, gender and birthday

Noise

Basic strategy

  • Add noise to stored data or to the result of queries

Issues

  • Privacy is achieved at the cost of integrity

Truncate

Basic strategy

  • Do not provide full data, limiting precision

Issues

  • Privacy is achieved at the cost of integrity

  • Difficult to balance usability with privacy

    • Privacy relates to the user providing information, which may not be the user accessing information

K-anonymity

Definition

  • No query can deliver an anonymity set with less than k entries

Privacy-critical attributes

  • (Unique) identifiers

  • Quasi-identifiers

    • When combined can produce unique tuples

  • Sensitive attributes

    • Potentially unique per subject

    • Disease, salary, crime committed

Implementation approaches

Suppression of quasi-identifiers

  • Simple to perform

  • Information loss

Generalization of quasi-identifiers

  • Transformation of quasi-identifiers in other ones less specific

    • e.g. 7-digit ZIP → 4-digit ZIP

    • e.g. ages w/ 1 year granularity → 5 or 10 year granularity

  • There is not a complete loss of information

    • But the generalization should not potentiate wrong data interpretations

  • We must ensure that there are at least k entries with equal generalized quasi-identifiers

Examples

Identifiers

Quasi identifiers

Sensitive attributes

K-anonymity

1st step: Remove unique identifiers

2nd step: Generalization

2-anonymity possible results

3-anonymity possible results

Sensitive attribute disclosure

Last updated