A probabilistic approach to mitigate composition attacks on privacy in non-coordinated environments

作者:

Highlights:

摘要

Organizations share data about individuals to drive business and comply with law and regulation. However, an adversary may expose confidential information by tracking an individual across disparate data publications using quasi-identifying attributes (e.g., age, geocode and sex) associated with the records. Various studies have shown that well-established privacy protection models (e.g., k-anonymity and its extensions) fail to protect an individual’s privacy against this “composition attack”. This type of attack can be thwarted when organizations coordinate prior to data publication, but such a practice is not always feasible. In this paper, we introduce a probabilistic model called (d,α)-linkable, which mitigates composition attack without coordination. The model ensures that d confidential values are associated with a quasi-identifying group with a likelihood of α. We realize this model through an efficient extension to k-anonymization and use extensive experiments to show our strategy significantly reduces the likelihood of a successful composition attack and can preserve more utility than alternative privacy models, such as differential privacy.

论文关键词:Databases,Data publication,Privacy,Composition attack,Anonymization

论文评审过程:Received 18 November 2013, Revised 4 April 2014, Accepted 10 April 2014, Available online 24 April 2014.

论文官网地址:https://doi.org/10.1016/j.knosys.2014.04.019