ℓ-diversity: Privacy beyond k-anonymity

ℓ-diversity: Privacy beyond k-anonymity (2006)

Cached

Download Links

by Ashwin Machanavajjhala , Daniel Kifer , Johannes Gehrke , Muthuramakrishnan Venkitasubramaniam

Venue:	In ICDE
Citations:	294 - 8 self

BibTeX

@INPROCEEDINGS{Machanavajjhala06ℓ-diversity:privacy,
    author = {Ashwin Machanavajjhala and Daniel Kifer and Johannes Gehrke and Muthuramakrishnan Venkitasubramaniam},
    title = {ℓ-diversity: Privacy beyond k-anonymity},
    booktitle = {In ICDE},
    year = {2006}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Publishing data about individuals without revealing sensitive information about them is an important problem. In recent years, a new definition of privacy called k-anonymity has gained popularity. In a k-anonymized dataset, each record is indistinguishable from at least k − 1 other records with respect to certain “identifying ” attributes. In this paper we show using two simple attacks that a k-anonymized dataset has some subtle, but severe privacy problems. First, an attacker can discover the values of sensitive attributes when there is little diversity in those sensitive attributes. This kind of attack is a known problem [60]. Second, attackers often have background knowledge, and we show that k-anonymity does not guarantee privacy against attackers using background knowledge. We give a detailed analysis of these two attacks and we propose a novel and powerful privacy criterion called ℓ-diversity that can defend against such attacks. In addition to building a formal foundation for ℓ-diversity, we show in an experimental evaluation that ℓ-diversity is practical and can be implemented efficiently. 1.

Citations

574	A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation - Ben-Or, Goldwasser, et al. - 1988
556	Fast Algorithms for mining association rules in large databases - Agrawal, Srikant - 1994
536	K-Anonymity: a model for protecting privacy - Sweeney
366	I.: Multiparty unconditionally secure protocols - Chaum, Crépeau, et al. - 1988
350	How to play any mental game - Goldreich, Micali, et al. - 1987
264	Security-control methods for statistical databases: a comparative study - Adam, Worthmann - 1989
236	Protecting respondents identities in micro data release - Samarati
198	Limiting Privacy Breaches in Privacy Preserving Data Mining - Evfimievski, Gehrke, et al. - 2003
197	Data privacy through optimal k-anonymization - Bayardo, Agrawal - 2005
177	Incognito: Efficient full-domain kanonymity - LeFevre, DeWitt, et al. - 2005
160	Information sharing across private databases - Agrawal, Evfimievski, et al. - 2003
160	Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression - Samarati, Sweeney - 1998
159	Privacy preserving association rule mining in vertically partitioned data - Vaidya, Clifton - 2002
156	Hippocratic databases - Agrawal, Kiernan, et al. - 2002
156	R.: On the complexity of optimal k-anonymity - Meyerson, Williams - 2004
153	Algebraic algorithms for sampling from conditional distributions - Diaconis, Sturmfels - 1998
141	Revealing information while preserving privacy - DINUR, K - 2003
121	Privacy-preserving distributed mining of association rules on horizontally partitioned data - Kantarcioglu
108	Practical privacy: the SuLQ framework - Blum, Dwork, et al.
104	From statistical knowledge bases to degrees of belief - Bacchus, Grove, et al. - 1996
103	Privacy preserving data mining - Agrawal, Srikant
95	On the Privacy Preserving Properties of Random Data Perturbation Techniques - Kargupta, Datta, et al. - 2003
84	Randomized response: A survey technique for eliminating evasive answer bias - Warner - 1965
75	Controlling access to published data using cryptography - Miklau, Suciu - 2003
68	Secure Databases: Protection Against User Influence - Dobkin, Jones, et al. - 1979
66	Toward privacy in public databases - Chawla, Dwork, et al. - 2005
66	Deriving Private Information from Randomized Data - Huang, Du, et al. - 2005
65	Secure statistical databases with random sample queries - Denning - 1980
65	A formal analysis of information disclosure in data exchange - Miklau, Suciu
63	Suppression methodology and statistical disclosure control - Cox - 1980
61	Data swapping: A technique for disclosure control - Dalenius, Reiss - 1982
56	Worst-case background knowledge for privacy-preserving data publishing - Martin, Kifer, et al. - 2007
53	The Statistical Security of a Statistical Database - TRAUB, YEMINI, et al. - 1984
52	Limiting disclosure in hippocratic databases - LeFevre, Agrawal, et al. - 2004
50	A condensation approach to privacy preserving data mining - Aggarwal, Yu - 2004
44	The tracker: a threat to statistical database security - Denning, Denning - 1979
44	On the question of statistical confidentiality - Fellegi - 1972
42	Auditing boolean attributes - Kleinberg, Papadimitriou, et al. - 2000
42	Privacy preserving OLAP - Agrawal, Srikant, et al. - 2005
35	A Security Mechanism for Statistical Databases - Beck - 1980
32	Auditing compliance with a hippocratic database - Agrawal, Jr, et al. - 2004
30	Simulatable auditing - Kenthapadi, Mishra, et al. - 2005
30	Tamper Detection in Audit Logs - Snodgrass, Yao, et al. - 2004
30	Privacyenhancing k-anonymization of customer data - Zhong, Yang, et al. - 2005
29	Network models for complementary cell suppression - Cox - 1995
28	A practical approach to solve secure multi-party computation problems - Du, Zhan - 2002
27	Privacy Preserving Data Mining - Vaidya, Zhu, et al. - 2005
25	Commodity-based cryptography - Beaver - 1997
23	A Study of Several Specific Secure Two-Party Computation Problems - Du - 2001
23	Uniqueness of Simple Demographics in the U.S. Population - Sweeney - 2000