An entropy approach to disclosure risk assessment: Lessons from real applications and simulated domains
نویسندگان
چکیده
We live in an increasingly mobile world, which leads to the duplication of information across domains. Though organizations attempt to obscure the identities of their constituents when sharing information for worthwhile purposes, such as basic research, the uncoordinated nature of such environment can lead to privacy vulnerabilities. For instance, disparate healthcare providers can collect information on the same patient. Federal policy requires that such providers share "de-identified" sensitive data, such as biomedical (e.g., clinical and genomic) records. But at the same time, such providers can share identified information, devoid of sensitive biomedical data, for administrative functions. On a provider-by-provider basis, the biomedical and identified records appear unrelated, however, links can be established when multiple providers' databases are studied jointly. The problem, known as trail disclosure, is a generalized phenomenon and occurs because an individual's location access pattern can be matched across the shared databases. Due to technical and legal constraints, it is often difficult to coordinate between providers and thus it is critical to assess the disclosure risk in distributed environments, so that we can develop techniques to mitigate such risks. Research on privacy protection has so far focused on developing technologies to suppress or encrypt identifiers associated with sensitive information. There is growing body of work on the formal assessment of the disclosure risk of database entries in publicly shared databases, but a less attention has been paid to the distributed setting. In this research, we review the trail disclosure problem in several domains with known vulnerabilities and show that disclosure risk is influenced by the distribution of how people visit service providers. Based on empirical evidence, we propose an entropy metric for assessing such risk in shared databases prior to their release. This metric assesses risk by leveraging the statistical characteristics of a visit distribution, as opposed to person-level data. It is computationally efficient and superior to existing risk assessment methods, which rely on ad hoc assessment that are often computationally expensive and unreliable. We evaluate our approach on a range of location access patterns in simulated environments. Our results demonstrate the approach is effective at estimating trail disclosure risks and the amount of self-information contained in a distributed system is one of the main driving factors.
منابع مشابه
Idiosyncratic Risk and Disclosure of Corporate Social Responsibility: Emphasizing the Role of Corporate Governance
In this study, the impact of corporate social responsibility (CSR ) disclosure on idiosyncratic risk has been investigated concerning three stakeholder theory, information asymmetry, and risk management. It also goes further and explores the impact of some corporate governance mechanisms such as ownership structure, board characteristics, and incentive contracts on this relationship. To achieve...
متن کاملDesign Software Failure Mode and Effect Analysis using Fuzzy TOPSIS Based on Fuzzy Entropy
One of the key pillars of any operating system is its proper software performance. Software failure can have dangerous effects and consequences and can lead to adverse and undesirable events in the design or use phases. The goal of this study is to identify and evaluate the most significant software risks based on the FMEA indices with respect to reduce the risk level by means of experts’ opini...
متن کاملMeasuring Disclosure Risk and Information Loss in Population Based Frequency Tables
Frequency tables disseminated by statistical agencies have always been of high interest. However, the agencies have to ensure that the risk of identifying individuals and disclosing individuals’ attributes from the released data is low. Therefore they assess the risk of disclosure and apply statistical disclosure control (SDC) methods if necessary. The main objective of this work is to measure ...
متن کاملRisk measurement and Implied volatility under Minimal Entropy Martingale Measure for Levy process
This paper focuses on two main issues that are based on two important concepts: exponential Levy process and minimal entropy martingale measure. First, we intend to obtain risk measurement such as value-at-risk (VaR) and conditional value-at-risk (CvaR) using Monte-Carlo methodunder minimal entropy martingale measure (MEMM) for exponential Levy process. This Martingale measure is used for the...
متن کاملA posteriori Disclosure Risk Measure for Tabular Data Based on Conditional Entropy∗
Statistical database protection, also known as Statistical Disclosure Control (SDC), is a part of information security which tries to prevent published statistical information (tables, individual records) from disclosing the contribution of specific respondents. This paper deals with the assessment of the disclosure risk associated to the release of tabular data. So-called sensitivity rules are...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Decision support systems
دوره 51 1 شماره
صفحات -
تاریخ انتشار 2011