From t-Closeness-Like Privacy to Postrandomization via Information Theory

Rebollo-Monedero, David; Forné, Jordi; Domingo‐Ferrer, Josep

doi:10.1109/tkde.2009.190

Cited by 166 publications

(139 citation statements)

References 24 publications

(47 reference statements)

Supporting

Mentioning

139

Contrasting

Order By: Relevance

“…To solve this kind of problems, Li et al considered the relationships between global privacy and individual privacy and proposed tcloseness model [7]. In this model, approximation degree of two distributions ha ve been measured by the function of earth mover's distance (EMD), and the differences of distribution between sensitive attributes and the whole published table are required to be no more than t. Reference [8] proposed a complete anonymous algorithm framework based on t-closeness model, which is called SABRE. All of the above methods use generalization technology to meet the privacy requirement of anonymous data.…”

Section: Related Workmentioning

confidence: 99%

“…Therefore, they proposed K-anonymity method [4][5] to handle the privacy issues during data publication. After that, many scholars have carried out lots of researches based on K-anonymity rules and put forward some improved strategies and anonymous algorithms [6][7][8][9][10][11][12] . The main approach to achieve K-anonymity privacy preserving is generalization, which defines attributes can be associated with others as quasi identifiers.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

FSSPCM: Fuzzy Publication of Data for Privacy Preserving

Yan¹,

Hao²,

Wan-jun³

2016

IJSIA

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

FSSPCM: Fuzzy Publication of Data for Privacy Preserving

Yan¹,

Hao²,

Wan-jun³

2016

IJSIA

View full text Add to dashboard Cite

show abstract

“…To prevent inference of Y from the release, one can apply a distortion f (X) on X; the goal is then to find the minimal distortion so that the mutual information between f (X) and Y is below a threshold. This problem was originally addressed in the asymptotic regime [39,45], while a series of recent works study it in a non-asymptotic setting [7,28,36,38]. Broadly speaking, our work can be cast in this framework by treating a user's ratings as X, her private feature as Y , and employing a correlation structure between them as specified by matrix factorization (namely, (7)).…”

Section: Related Workmentioning

confidence: 99%

Privacy tradeoffs in predictive analytics

IoannidisStratis

MontanariAndrea

WeinsbergUdi

et al. 2014

SIGMETRICS Perform. Eval. Rev.

View full text Add to dashboard Cite

Online services routinely mine user data to predict user preferences, make recommendations, and place targeted ads. Recent research has demonstrated that several private user attributes (such as political affiliation, sexual orientation, and gender) can be inferred from such data. Can a privacy-conscious user benefit from personalization while simultaneously protecting her private attributes? We study this question in the context of a rating prediction service based on matrix factorization. We construct a protocol of interactions between the service and users that has remarkable optimality properties: it is privacy-preserving, in that no inference algorithm can succeed in inferring a user's private attribute with a probability better than random guessing; it has maximal accuracy, in that no other privacy-preserving protocol improves rating prediction; and, finally, it involves a minimal disclosure, as the prediction accuracy strictly decreases when the service reveals less information. We extensively evaluate our protocol using several rating datasets, demonstrating that it successfully blocks the inference of gender, age and political affiliation, while incurring less than 5% decrease in the accuracy of rating prediction.

show abstract

“…However, the problem of k-anonymity, and of enhancements [19][20][21][22] such as l-diversity, is their vulnerability against skewness and similarity attacks [23]. In order to overcome these deficiencies, yet another privacy criterion was considered in [24]: a dataset is said to satisfy t-closeness if for each group of records sharing a combination of key attributes, a certain measure of divergence between the within-group distribution of confidential attributes and the distribution of those attributes for the entire dataset does not exceed a threshold t. An average-case version of the worst-case t-closeness criterion, using the Kullback-Leibler divergence as a measure of discrepancy, turns out to be equivalent to a mutual information, and lend itself to a generalization of Shannon's rate-distortion problem [25,26].…”

Section: Privacy Criteriamentioning

confidence: 99%

“…More recent studies [27,28] rescue the suitable applicability of the concept of entropy as a measure of privacy, by proposing to measure the degree of anonymity observable by an attacker as the entropy of the probability distribution of possible senders of a given message. More recent work has taken initial steps in relating privacy to information-theoretic quantities [3,[24][25][26].…”

Section: Measuring the Privacy Of User Profilesmentioning

confidence: 99%

An Information-Theoretic Privacy Criterion for Query Forgery in Information Retrieval

Rebollo-Monedero

Parra-Arnau

Forné

2011

Security Technology

Self Cite

View full text Add to dashboard Cite

Abstract. In previous work, we presented a novel information-theoretic privacy criterion for query forgery in the domain of information retrieval. Our criterion measured privacy risk as a divergence between the user's and the population's query distribution, and contemplated the entropy of the user's distribution as a particular case. In this work, we make a twofold contribution. First, we thoroughly interpret and justify the privacy metric proposed in our previous work, elaborating on the intimate connection between the celebrated method of entropy maximization and the use of entropies and divergences as measures of privacy. Secondly, we attempt to bridge the gap between the privacy and the informationtheoretic communities by substantially adapting some technicalities of our original work to reach a wider audience, not intimately familiar with information theory and the method of types.

show abstract

From t-Closeness-Like Privacy to Postrandomization via Information Theory

Cited by 166 publications

References 24 publications

FSSPCM: Fuzzy Publication of Data for Privacy Preserving

FSSPCM: Fuzzy Publication of Data for Privacy Preserving

Privacy tradeoffs in predictive analytics

An Information-Theoretic Privacy Criterion for Query Forgery in Information Retrieval

Contact Info

Product

Resources

About