How Appropriate is K-Anonymity for Addressing the Conflict Between Privacy and Information Utility in Microdata ASnonymisation
نویسندگان
چکیده
Before statistical data, such as microdata, can be released to the public, it needs to be anonymised. Anonymisation protects the privacy of the individuals whose data is released. However, as microdata is anonymised, its level of privacy increases, while its level of information utility decreases. K-anonymity is often used to address the conflict between privacy and information utility in microdata anonymisation. In this paper, we determine the extent to which k-anonymity is appropriate for addressing this conflict. We argue that the way in which k-anonymity is currently used to address this conflict does not necessarily lead to an optimum balance between privacy and information utility. We also provide recommendations for an appropriate solution for addressing the conflict between privacy and information utility.
منابع مشابه
Improved Univariate Microaggregation for Integer Values
Privacy issues during data publishing is an increasing concern of involved entities. The problem is addressed in the field of statistical disclosure control with the aim of producing protected datasets that are also useful for interested end users such as government agencies and research communities. The problem of producing useful protected datasets is addressed in multiple computational priva...
متن کاملP-Sensitive K-Anonymity with Generalization Constraints
Numerous privacy models based on the k‐anonymity property and extending the k‐anonymity model have been introduced in the last few years in data privacy re‐ search: l‐diversity, p‐sensitive k‐anonymity, (α, k) – anonymity, t‐closeness, etc. While differing in their methods and quality of their results, they all focus first on masking the data, and then protecting the quality of the data as a wh...
متن کاملAnonymity: Formalisation of Privacy – k-anonymity
Microdata is the basis of statistical studies. If microdata is released, it can leak sensitive information about the participants, even if identifiers like name or social security number are removed. A proper anonymization for statistical microdata is essential. K-anonymity has been intensively discussed as a measure for anonymity in statistical data. Quasi identifiers are attributes that might...
متن کاملGenerating Microdata with P -Sensitive K -Anonymity Property
Existing privacy regulations together with large amounts of available data have created a huge interest in data privacy research. A main research direction is built around the k-anonymity property. Several shortcomings of the k-anonymity model have been fixed by new privacy models such as p-sensitive k-anonymity, l-diversity, (α, k)-anonymity, and t-closeness. In this paper we introduce the Enh...
متن کاملWorking Paper ENGLISH ONLY UNITED NATIONS ECONOMIC COMMISSION FOR EUROPE (UNECE) CONFERENCE OF EUROPEAN STATISTICIANS EUROPEAN COMMISSION STATISTICAL OFFICE OF THE EUROPEAN
The usual approach to generate k-anonymous data sets, based on generalization of the quasi-identifier attributes, does not provide any control on the variability of the confidential attributes within the k-anonymous groups. If the latter variability is too small, privacy is not sufficiently protected, while, for large variabilities, data utility is substantially damaged. Some refinements to the...
متن کامل