Anonymization of Sensitive Quasi-Identifiers for l-Diversity and t-Closeness

Citations Over TimeTop 10% of 2017 papers

Abstract

A number of studies on privacy-preserving data mining have been proposed. Most of them assume that they can separate quasi-identifiers (QIDs) from sensitive attributes. For instance, they assume that address, job, and age are QIDs but are not sensitive attributes and that a disease name is a sensitive attribute but is not a QID. However, all of these attributes can have features that are both sensitive attributes and QIDs in practice. In this paper, we refer to these attributes as sensitive QIDs and we propose novel privacy models, namely, (l1, ..., lq)-diversity and (t1, ..., tq)-closeness, and a method that can treat sensitive QIDs. Our method is composed of two algorithms: An anonymization algorithm and a reconstruction algorithm. The anonymization algorithm, which is conducted by data holders, is simple but effective, whereas the reconstruction algorithm, which is conducted by data analyzers, can be conducted according to each data analyzer's objective. Our proposed method was experimentally evaluated using real data sets.

Related Papers

• → Creating closeness: Discerning and measuring strategies for fostering closer relationships(2007)35 cited
• → Maternal Employment and Parent-Child Relations in Families of Seventh Graders(1990)16 cited
• → A de-identification tool for users in medical operations and public health(2016)4 cited
• → Enhancing privacy for automatically detected quasi identifier using data anonymization(2023)1 cited