Skip to search formSkip to main contentSkip to account menu
DOI:10.1142/S0218488502001648 - Corpus ID: 361794
@article{Sweeney2002kAnonymityAM, title={k-Anonymity: A Model for Protecting Privacy}, author={Latanya Sweeney}, journal={Int. J. Uncertain. Fuzziness Knowl. Based Syst.}, year={2002}, volume={10}, pages={557-570}, url={https://api.semanticscholar.org/CorpusID:361794}}
- L. Sweeney
- Published in Int. J. Uncertain. Fuzziness… 1 October 2002
- Computer Science
- Int. J. Uncertain. Fuzziness Knowl. Based Syst.
The solution provided in this paper includes a formal protection model named k-anonymity and a set of accompanying policies for deployment and examines re-identification attacks that can be realized on releases that adhere to k- anonymity unless accompanying policies are respected.
8,242 Citations
612
4,083
1,712
33
Figures from this paper
- figure 1
- figure 2
- figure 3
- figure 4
- figure 5
Topics
k-Anonymity (opens in a new tab)Data Holder (opens in a new tab)Re-identification Attacks (opens in a new tab)Field Structured Data (opens in a new tab)Re-identified (opens in a new tab)Datafly (opens in a new tab)Privacy Protection (opens in a new tab)Protecting Privacy (opens in a new tab)u-Argus (opens in a new tab)Scientific Guarantees (opens in a new tab)
8,242 Citations
- L. Sweeney
- 2002
Computer Science
Int. J. Uncertain. Fuzziness Knowl. Based Syst.
This paper provides a formal presentation of combining generalization and suppression to achieve k-anonymity and shows that Datafly can over distort data and µ-Argus can additionally fail to provide adequate protection.
- Maurizio Atzori
- 2006
Computer Science
ISC
This paper gives a weaker definition of k-anonymity, allowing lower distortion on the anonymized data, and shows that, under the hypothesis in which the adversary is not sure a priori about the presence of a person in the table, the privacy properties are respected also in the weak k-Anonymity framework.
- 20
- Janosch Maier BetreuerRalph Holz
- 2013
Computer Science
It is shown, how l-diversity and t-closeness provide a stronger level of anonymity as k-anonymity, and a value generalization hierarchy based on the attributes model, device, version and network is provided.
- 1
- Highly Influenced
- PDF
- Gagan AggarwalT. Feder An Zhu
- 2005
Computer Science, Mathematics
It is shown that the k-Anonymity problem is NP-hard even when the attribute values are ternary and the author provides an O(k)-approximation algorithm for the problem.
- 282
- Wei JiangChris Clifton
- 2005
Computer Science
DBSec
A key contribution is a proof that the protocol preserves k-anonymity between the sites, a fundamentally different distributed privacy definition than that of Secure Multiparty Computation, and it provides a better match with both ethical and legal views of privacy.
- 94
- PDF
- A. BasuToru NakamuraSeira HidanoS. Kiyomoto
- 2015
Computer Science
2015 IEEE Trustcom/BigDataSE/ISPA
This work quantifies risk as the probability of re-identification and proposes a mechanism to compute the empirical risk with respect to the cost of acquiring the knowledge about quasi-identifiers, using an real-world dataset released with some k-anonymity guarantee.
- 15
- Sheng ZhongZhiqiang YangTingting Chen
- 2009
Computer Science
Inf. Sci.
- 5
- PDF
- Daniel SlamanigChristian Stingl
- 2010
Computer Science, Medicine
HEALTHINF
A novel approach based on generalized redactable signatures that realizes k-anonymity for sets of digitally signed records is proposed that allows any party to verify the original digital signatures for medical data, although these data are modified during the process of achieving k-Anonymity.
- 2
- PDF
- Masoud RahimiM. BateniHosein Mohammadinejad
- 2015
Computer Science, Mathematics
An algorithm is proposed that fully protects the propagated micro data against identity and attribute disclosure and significantly reduces the distortion ratio during the anonymity process.
- 15
- Highly Influenced
- PDF
- N. MaheshwarkarK. PathakV. Chourey
- 2011
Computer Science
Some privacy issues for k-anonymity model are discussed and its integrity is checked while using some approaches.
- 14
- PDF
...
...
28 References
- L. Sweeney
- 1997
Computer Science, Medicine
AMIA
We present a computer program named Datafly that maintains anonymity in medical data by automatically generalizing, substituting, and removing information as appropriate without losing many of the…
- 298
- PDF
- G. DuncanR. Pearson
- 1991
Computer Science, Political Science
This article presents a scenario for the future of research access to federally collected microdata, as they relate to improvements in database techniques, computer and analytical method- ologies and legal and administrative arrangements for access to and protection of federal statistics.
- 179
- PDF
- D. Denning
- 1982
Computer Science, Mathematics
The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks.
- 1,951
- L. Sweeney
- 1998
Medicine, Computer Science
This work presents a new computational technique based on stepwise consideration of all sub-combinations of sensitive fields that can be used within the Datafly or m-Argus architectures to help achieve optimal disclosure and shows that doing so provides more specific data than Datafly would normally release and improves the confidentiality of results from m- Argus.
- 12
- PDF
- D. DenningP. DenningM. Schwartz
- 1979
Computer Science
TODS
It is shown that the compromise of small query sets can in fact almost always be accomplished with the help of characteristic formulas called trackers, and security is not guaranteed by the lack of a general tracker.
- 217
- PDF
- G. DuncanSumitra Mukherjee
- 1991
Computer Science
Proceedings. 1991 IEEE Computer Society Symposium…
A probabilistic framework is used to assess the strengths and weaknesses of two existing disclosure control mechanisms and an alternative scheme combining query set size restriction and random sample query control results in a significant decrease in the risk of disclosure.
- 32
- I. Fellegi
- 1972
Computer Science
Abstract In Section 1 the nature of statistical confidentiality is explored, i.e., its essential role in the collection of data by statistical offices, its relationship to privacy and the need for…
- 210
- Xiaolei QianM. StickelP. KarpT. LuntT. Garvey
- 1993
Computer Science
Proceedings 1993 IEEE Computer Society Symposium…
A global optimization approach to upgrading is suggested to block a set of inference problems that allows upgrade costs to be considered, and supports security categories as well as levels.
- 69
- T. Lunt
- 1989
Computer Science
Proceedings. 1989 IEEE Symposium on Security and…
It is shown that sensitive associations among entities of different types are best treated by representing the sensitive association separately and classifying the individual entities low and the relationship high, and the suggested approaches allow the mandatory reference monitor to protect the sensitive associations.
- 91
- PDF
- D. DenningT. LuntR. SchellM. HeckmanW. Shockley
- 1987
Computer Science
1987 IEEE Symposium on Security and Privacy
The model is defined in terms of the standard relational model, but lends itself to a design and implementation that offers a high level of assurance for mandatory security.
- 201
...
...
Related Papers
Showing 1 through 3 of 0 Related Papers