Full Text:   <2460>

Summary:  <1824>

CLC number: TP309

On-line Access: 2024-08-27

Received: 2023-10-17

Revision Accepted: 2024-05-08

Crosschecked: 2015-08-06

Cited: 2

Clicked: 6134

Citations:  Bibtex RefMan EndNote GB/T7714

 ORCID:

Myung Ho Kim

http://orcid.org/0000-0002-1933-7987

-   Go to

Article info.
Open peer comments

Frontiers of Information Technology & Electronic Engineering  2015 Vol.16 No.9 P.720-731

http://doi.org/10.1631/FITEE.1400395


Towards a respondent-preferred ki-anonymity model


Author(s):  Kok-Seng Wong, Myung Ho Kim

Affiliation(s):  1School of Computer Science and Engineering, Soongsil University, Seoul 06978, Korea; more

Corresponding email(s):   kmh@ssu.ac.kr

Key Words:  Anonymous data collection, Respondent-preferred privacy protection, k-anonymity


Kok-Seng Wong, Myung Ho Kim. Towards a respondent-preferred ki-anonymity model[J]. Frontiers of Information Technology & Electronic Engineering, 2015, 16(9): 720-731.

@article{title="Towards a respondent-preferred ki-anonymity model",
author="Kok-Seng Wong, Myung Ho Kim",
journal="Frontiers of Information Technology & Electronic Engineering",
volume="16",
number="9",
pages="720-731",
year="2015",
publisher="Zhejiang University Press & Springer",
doi="10.1631/FITEE.1400395"
}

%0 Journal Article
%T Towards a respondent-preferred ki-anonymity model
%A Kok-Seng Wong
%A Myung Ho Kim
%J Frontiers of Information Technology & Electronic Engineering
%V 16
%N 9
%P 720-731
%@ 2095-9184
%D 2015
%I Zhejiang University Press & Springer
%DOI 10.1631/FITEE.1400395

TY - JOUR
T1 - Towards a respondent-preferred ki-anonymity model
A1 - Kok-Seng Wong
A1 - Myung Ho Kim
J0 - Frontiers of Information Technology & Electronic Engineering
VL - 16
IS - 9
SP - 720
EP - 731
%@ 2095-9184
Y1 - 2015
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/FITEE.1400395


Abstract: 
Recently, privacy concerns about data collection have received an increasing amount of attention. In data collection process, a data collector (an agency) assumed that all respondents would be comfortable with submitting their data if the published data was anonymous. We believe that this assumption is not realistic because the increase in privacy concerns causes some respondents to refuse participation or to submit inaccurate data to such agencies. If respondents submit inaccurate data, then the usefulness of the results from analysis of the collected data cannot be guaranteed. Furthermore, we note that the level of anonymity (i.e., k-anonymity) guaranteed by an agency cannot be verified by respondents since they generally do not have access to all of the data that is released. Therefore, we introduce the notion of ki-anonymity, where ki is the level of anonymity preferred by each respondent i. Instead of placing full trust in an agency, our solution increases respondent confidence by allowing each to decide the preferred level of protection. As such, our protocol ensures that respondents achieve their preferred ki-anonymity during data collection and guarantees that the collected records are genuine and useful for data analysis.

面向优选应答的k-匿名模型

目的:数据采集的隐私保护问题近年来受到广泛关注。传统的数据采集过程中,采集机构假设在匿名发布数据的前提下,所有应答者对于提交各自数据的过程均是满意的。本文作者认为这一假设并不实际,因日益增长的隐私保护需求导致部分应答者拒绝或提交不准确的数据,从而将导致由这些数据得到的分析结果不可靠。因此,本文引入ki-匿名模型,由应答者选择自己偏好的匿名水平。
创新点:本文所提算法其背后主要思想是允许每个应答者学习自身记录的事件数目,即仅需获取自身约束条件的满意度得分。
方法:首先,生成唯一身份标识和约束条件。接着,检查约束条件的满意度情况。然后,计算满意度得分。最后,更新约束条件的满意度表格(图1)。
结论:引入ki-匿名模型的概念,允许应答者在提交数据前能够选择自己偏好的匿名保护水平。所提算法确保应答者在数据采集过程中实现其偏好的匿名保护水平,且所采集的数据真实并有效用于数据分析。

关键词:匿名数据采集;优选应答的隐私保护;k-匿名

Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article

Reference

[1]Agrawal, R., Srikant, R., 2000. Privacy-preserving data mining. Proc. ACM SIGMOD Int. Conf. on Management of Data, p.439-450.

[2]Bella, G., Bistarelli, S., Massacci, F., 2005. Retaliation: can we live with flaws? NATO Sec. Sci. Ser. D, 6:3-14.

[3]Bella, G., Giustolisi, R., Riccobene, S., 2011. Enforcing privacy in e-commerce by balancing anonymity and trust. Comput. Secur., 30(8):705-718.

[4]Chaum, D.L., 1981. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM, 24(2):84-90.

[5]Clifton, C., Tassa, T., 2013. On syntactic anonymity and differential privacy. Proc. IEEE 29th Int. Conf. on Data Engineering Workshops, p.88-93.

[6]Diamond, C.C., Mostashari, F., Shirky, C., 2009. Collecting and sharing data for population health: a new paradigm. Health Aff., 28(2):454-466.

[7]Dingledine, R., Mathewson, N., Syverson, P., 2004. Tor: the second-generation onion router. Proc. 13th Conf. on USENIX Security Symp., p.21.

[8]Domingo-Ferrer, J., 2010. Coprivacy: towards a theory of sustainable privacy. Proc. Int. Conf. on Privacy in Statistical Databases, p.258-268.

[9]Domingo-Ferrer, J., 2011. Coprivacy: an introduction to the theory and applications of co-operative privacy. Stat. Oper. Res. Trans., Special issue, p.25-40.

[10]Domingo-Ferrer, J., Soria-Comas, J., Ciobotaru, O., 2015. Co-utility: self-enforcing protocols without coordination mechanisms. Proc. Int. Conf. on Industrial Engineering and Operations Management, arXiv:1503.02563.

[11]Du, W., Zhan, Z., 2003. Using randomized response techniques for privacy-preserving data mining. Proc. 9th ACM SIGKDD Int. Conf. on Knowledge Discovery and Data Mining, p.505-510.

[12]Dwork, C., 2008. Differential privacy: a survey of results. Proc. 5th Int. Conf. on Theory and Applications of Models of Computation, p.1-19.

[13]Edman, M., Yener, B., 2009. On anonymity in an electronic society: a survey of anonymous communication systems. ACM Comput. Surv., 42(1), Article 5.

[14]Evfimievski, A., Srikant, R., Agrawal, R., et al., 2002. Privacy preserving mining of association rules. Proc. 8th ACM SIGKDD Int. Conf. on Knowledge Discovery and Data Mining, p.217-228.

[15]Kargupta, H., Datta, S., Wang, Q., et al., 2003. On the privacy preserving properties of random data perturbation techniques. Proc. 3rd IEEE Int. Conf. on Data Mining, p.99-106.

[16]Kumar, R., Gopal, R., Garfinkel, R., 2010. Freedom of privacy: anonymous data collection with respondent-defined privacy protection. INFORMS J. Comput., 22(3):471-481.

[17]Li, B., Erdin, E., Güneş, M.H., et al., 2011. An analysis of anonymity technology usage. Proc. 3rd Int. Conf. on Traffic Monitoring and Analysis, p.108-121.

[18]Li, N., Li, T., Venkatasubramanian, S., 2007. T-closeness: privacy beyond k-anonymity and l-diversity. Proc. 23rd Int. Conf. on Data Engineering, p.106-115.

[19]Machanavajjhala, A., Kifer, D., Gehrke, J., et al., 2007. L-diversity: privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data, 1(1), Article 3.

[20]Paillier, P., 1999. Public-key cryptosystems based on composite degree residuosity classes. Proc. 17th Int. Conf. on Theory and Application of Cryptographic Techniques, p.223-238.

[21]Samarati, P., 2001. Protecting respondents identities in microdata release. IEEE Trans. Knowl. Data Eng., 13(6):188-200.

[22]Sweeney, L., 1997. Weaving technology and policy together to maintain confidentiality. J. Law Med. Ethics, 25(2-3):98-110.

[23]Sweeney, L., 2002. k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzz. Knowl.-Based Syst., 10(5):557-570.

[24]Warner, S.L., 1965. Randomized response: a survey technique for eliminating evasive answer bias. J. Am. Stat. Assoc., 60(309):63-69.

[25]Wong, K.S., Kim, M.H., 2014a. Privacy-preserving data collection with self-awareness protection. In: Park, J.J., Zomaya, A., Jeong, H.Y., et al. (Eds.), Frontier and Innovation in Future Computing and Communications. Springer, Netherlands, p.365-371.

[26]Wong, K.S., Kim, M.H., 2014b. Towards self-awareness privacy protection for Internet of things data collection. J. Appl. Math., 2014:827959.1-827959.9.

[27]Wong, R.C.W., Li, J., Fu, A.W.C., et al., 2006. (α, k)-anonymity: an enhanced k-anonymity model for privacy preserving data publishing. Proc. 12th ACM SIGKDD Int. Conf. on Knowledge Discovery and Data Mining, p.754-759.

[28]Wong, R.C.W., Fu, A.W.C., Wang, K., et al., 2007a. Minimality attack in privacy preserving data publishing. Proc. 33rd Int. Conf. on Very Large Data Bases, p.543-554.

[29]Wong, R.C.W., Liu, Y., Yin, J., et al., 2007b. (α, k)-anonymity based privacy preservation by lossy join. Proc. Joint 9th Asia-Pacific Web Conf. on Advances in Data and Web Management and 8th Int. Conf. on Web-Age Information Management, p.733-744.

[30]Zhang, N., Wang, S., Zhao, W., 2005. A new scheme on privacy-preserving data classification. Proc. 11th ACM SIGKDD Int. Conf. on Knowledge Discovery in Data Mining, p.374-383.

Open peer comments: Debate/Discuss/Question/Opinion

<1>

Please provide your name, email address and a comment





Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - 2024 Journal of Zhejiang University-SCIENCE