ℓ-diversity: Privacy beyond k-anonymity

DMCA

ℓ-diversity: Privacy beyond k-anonymity (2006)

Cached

Download Links

by Ashwin Machanavajjhala , Daniel Kifer , Johannes Gehrke , Muthuramakrishnan Venkitasubramaniam

Venue:	IN ICDE
Citations:	671 - 13 self

BibTeX

@INPROCEEDINGS{Machanavajjhala06ℓ-diversity:privacy,
    author = {Ashwin Machanavajjhala and Daniel Kifer and Johannes Gehrke and Muthuramakrishnan Venkitasubramaniam},
    title = {ℓ-diversity: Privacy beyond k-anonymity},
    booktitle = {IN ICDE},
    year = {2006},
    publisher = {}
}

OpenURL

Abstract

Publishing data about individuals without revealing sensitive information about them is an important problem. In recent years, a new definition of privacy called k-anonymity has gained popularity. In a k-anonymized dataset, each record is indistinguishable from at least k − 1 other records with respect to certain “identifying ” attributes. In this paper we show using two simple attacks that a k-anonymized dataset has some subtle, but severe privacy problems. First, an attacker can discover the values of sensitive attributes when there is little diversity in those sensitive attributes. This kind of attack is a known problem [60]. Second, attackers often have background knowledge, and we show that k-anonymity does not guarantee privacy against attackers using background knowledge. We give a detailed analysis of these two attacks and we propose a novel and powerful privacy criterion called ℓ-diversity that can defend against such attacks. In addition to building a formal foundation for ℓ-diversity, we show in an experimental evaluation that ℓ-diversity is practical and can be implemented efficiently.

Keyphrases

sensitive attribute k-anonymized dataset new definition certain identifying attribute severe privacy problem detailed analysis important problem powerful privacy criterion experimental evaluation simple attack background knowledge little diversity formal foundation recent year sensitive information known problem

DMCA