Online Anonymity Protection in Computer-Mediated Communication

In any situation where a set of personal attributes are revealed, there is a chance that revealed data can be linked back to its owner. Examples of such situations are publishing user profile micro-data or information about social ties, sharing profile information on social networking sites, or revealing personal information in computer-mediated communication (CMC). Measuring user anonymity is the first step to ensuring that the identity of the owner of revealed information cannot be inferred. Most current measures of anonymity ignore important factors such as the probabilistic nature of identity inference, the inferrer's outside knowledge, and the correlation between user attributes. Furthermore, in the social computing domain, variations in personal information and various levels of information exchange among users make the problem more complicated. We present an information-entropy-based realistic estimation of the user anonymity level to deal with these issues in social computing in an effort to help predict the identity inference risks. We then address implementation issues of online protection by proposing complexity reduction methods that take advantage of basic information entropy properties. Our analysis and delay estimation based on experimental data show that our methods are viable, effective, and efficient in facilitating privacy in social computing and synchronous CMCs.

[1]  Alfred Kobsa,et al.  Privacy through pseudonymity in user-adaptive systems , 2003, TOIT.

[2]  Anne Campbell,et al.  An Ethical Approach to Practitioner Research : Dealing with Issues and Dilemmas in Action Research , 2007 .

[3]  Sachin Lodha,et al.  Probabilistic Anonymity , 2007, PinKDD.

[4]  Marc Langheinrich,et al.  A Privacy Awareness System for Ubiquitous Computing Environments , 2002, UbiComp.

[5]  Sushil Jajodia,et al.  Inference Problems in Multilevel Secure Database Management Systems , 2006 .

[6]  Loren G. Terveen,et al.  ContactMap: using personal social networks to organize communication in a social desktop , 2002, CSCW '02.

[7]  ASHWIN MACHANAVAJJHALA,et al.  L-diversity: privacy beyond k-anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[8]  Mark S. Ackerman,et al.  Privacy critics: UI components to safeguard users' privacy , 1999, CHI Extended Abstracts.

[9]  Lisa Singh,et al.  Measuring Topological Anonymity in Social Networks , 2007, 2007 IEEE International Conference on Granular Computing (GRC 2007).

[10]  Dimitri P. Bertsekas,et al.  Data Networks , 1986 .

[11]  Latanya Sweeney,et al.  Achieving k-Anonymity Privacy Protection Using Generalization and Suppression , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[12]  Quentin Jones,et al.  Preventing Unwanted Social Inferences with Classification Tree Analysis , 2009, 2009 21st IEEE International Conference on Tools with Artificial Intelligence.

[13]  Bart Preneel,et al.  Towards Measuring Anonymity , 2002, Privacy Enhancing Technologies.

[14]  Claude E. Shannon,et al.  Prediction and Entropy of Printed English , 1951 .

[15]  Eva Heinrich,et al.  Electronic Repositories of Marked Student Work and their Contributions to Formative Evaluation , 2004, J. Educ. Technol. Soc..

[16]  Michael Kreutzer,et al.  Pervasive Privacy with Identity Management , 2002 .

[17]  Mor Naaman,et al.  Social Inference Risk Modeling in Mobile and Social Applications , 2009, 2009 International Conference on Computational Science and Engineering.

[18]  Matthew Morgenstern,et al.  Controlling logical inference in multilevel database systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[19]  G. Tóth,et al.  Measuring Anonymity Revisited , 2004 .

[20]  Starr Roxanne Hiltz,et al.  Seven privacy worries in ubiquitous social computing , 2007, SOUPS '07.

[21]  S. Leigh,et al.  Probability and Random Processes for Electrical Engineering , 1989 .

[22]  Vitaly Shmatikov,et al.  De-anonymizing Social Networks , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[23]  Alina Campan,et al.  Data and Structural k-Anonymity in Social Networks , 2009, PinKDD.

[24]  Richard P. Schuler,et al.  Identity Inference as a Privacy Risk in Computer-Mediated Communication , 2009, 2009 42nd Hawaii International Conference on System Sciences.

[25]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[26]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.

[27]  Matthew Morgenstern,et al.  Security and inference in multilevel database and knowledge-base systems , 1987, SIGMOD '87.

[28]  R. Motwani,et al.  Approximation Algorithms for k-Anonymity 1 , 2005 .

[29]  Bhavani M. Thuraisingham,et al.  Privacy constraint processing in a privacy-enhanced database management system , 2005, Data Knowl. Eng..

[30]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[31]  Michael K. Reiter,et al.  Anonymous Web transactions with Crowds , 1999, CACM.

[32]  Mingxuan Yuan,et al.  Dynamic privacy management: a plug-in service for the middleware in pervasive computing , 2005, Mobile HCI.

[33]  Rajeev Motwani,et al.  Approximation Algorithms for k-Anonymity , 2005 .

[34]  E. Yasunori,et al.  Agglomerative Hierarchical Clustering for Data with Tolerance , 2007, 2007 IEEE International Conference on Granular Computing (GRC 2007).