L-Cover: Preserving Diversity by Anonymity

To release micro-data tables containing sensitive data, generalization algorithms are usually required for satisfying given privacy properties, such as k -anonymity and l -diversity. It is well accepted that k -anonymity and l -diversity are proposed for different purposes, and the latter is a stronger property than the former. However, this paper uncovers an interesting relationship between these two properties when the generalization algorithms are publicly known. That is, preserving l -diversity in micro-data generalization can be done by preserving a new property, namely, l -cover, which is to satisfy l -anonymity in a special way. The practical impact of this discovery is that it may potentially lead to better heuristic generalization algorithms in terms of efficiency and data utility, that remain safe even when publicized.

[1]  Adam Meyerson,et al.  On the complexity of optimal K-anonymity , 2004, PODS.

[2]  Ya'acov Ritov,et al.  Foundations of statistical inference : proceedings of the Shoresh Conference 2000 , 2003 .

[3]  Dan Suciu,et al.  A formal analysis of information disclosure in data exchange , 2004, SIGMOD '04.

[4]  Ashwin Machanavajjhala,et al.  l-Diversity: Privacy Beyond k-Anonymity , 2006, ICDE.

[5]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[6]  George T. Duncan,et al.  Obtaining Information while Preserving Privacy: A Markov Perturbation Method for Tabular Data , 1997 .

[7]  Hoeteck Wee,et al.  Toward Privacy in Public Databases , 2005, TCC.

[8]  Roberto J. Bayardo,et al.  Data privacy through optimal k-anonymization , 2005, 21st International Conference on Data Engineering (ICDE'05).

[9]  ASHWIN MACHANAVAJJHALA,et al.  L-diversity: privacy beyond k-anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[10]  Sushil Jajodia,et al.  Information disclosure under realistic assumptions: privacy versus optimality , 2007, CCS '07.

[11]  Yufei Tao,et al.  Personalized privacy preservation , 2006, Privacy-Preserving Data Mining.

[12]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[13]  Ivan P. Fellegi,et al.  On the Question of Statistical Confidentiality , 1972 .

[14]  Stephen E. Fienberg,et al.  Bounds for Cell Entries in Two-Way Tables Given Conditional Relative Frequencies , 2004, Privacy in Statistical Databases.

[15]  Raymond Chi-Wing Wong,et al.  Minimality Attack in Privacy Preserving Data Publishing , 2007, VLDB.

[16]  S. Reiss,et al.  Data-swapping: A technique for disclosure control , 1982 .

[17]  S. Fienberg,et al.  Bounding Entries in Multi-way Contingency Tables Given a Set of Marginal Totals , 2003 .

[18]  Pierangela Samarati,et al.  Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression , 1998 .

[19]  L. Cox Suppression Methodology and Statistical Disclosure Control , 1980 .

[20]  P. Diaconis,et al.  Algebraic algorithms for sampling from conditional distributions , 1998 .

[21]  David J. DeWitt,et al.  Incognito: efficient full-domain K-anonymity , 2005, SIGMOD '05.