General (˛, k)-anonymity model is a widely used method in privacy-preserving data publishing, but it cannot provide personalized anonymity. At present, two main schemes for personalized anonymity are the individual-oriented anonymity and the sensitive value-oriented anonymity. Unfortunately, the existing personalized anonymity models, designed for any of the aforementioned schemes for privacy-preserving data publishing, are not effective enough to meet the personalized privacy preservation requirement. In this paper, we propose a novel personalized extended scheme to provide the personalized services in general (˛, k)-anonymity model. The sensitive value-oriented anonymity is combined with the individual-oriented anonymity in the new personalized extended (˛, k)-anonymity model by the following two steps: (1) The sensitive attribute values are divided into several groups according to their sensitivities, and each group is assigned with its own frequency constraint threshold. (2) A guarding node is set for each individual to replace his/her sensitive value if necessary. We implement the personalized extended (˛, k)-anonymity model with a clustering algorithm. The performance evaluation finally shows that our model can provide stronger privacy preservation efficiently as well as achieving the personalized service. k-anonymity model assumes that each particular individual corresponds to a record in a twodimensional data set. Each record contains three types of attributes: identifier, quasi-identifier (QI), and sensitive attribute. Identifier is removed first; QI values are replaced with values that lessspecific but semantically consistent. As a result, each record in the modified data set is identical to at least k -1 other records with respect to QI. Based on k-anonymity model, a variety of improved privacy principles, such as l-diversity model [2], t-closeness model [3], general (˛, k)-anonymity model [4], are put forth to model and quantify privacy.The traditional anonymization principles mentioned earlier, however, focus on a universal approach that exerts the same amount of preservation for all individuals and do not take the personalized privacy preservation requirement into account. Individuals may have many differences in the sensitivity of the same privacy information in real life, which would lead to different privacy preservation requirements. Therefore, it is necessary to provide the privacy preservation of personalized service. The notion of personalized anonymity [5] was first proposed by Xiao et al., and some personalized anonymization solutions were subsequently given out [6][7][8][9][10]. In general, these personalized anonymization principles include two kinds of schemes, individual-oriented personalized anonymity and sensitive value-oriented personalized anonymity. The former may result in the impropriety of some parameters relevant to privacy constraint if complying with the privacy preservation requirements of individuals only. The latter ignores the privacy preservation requirements of individu...