Privacy-Preserving Technologies

This chapter introduces privacy and data protection by design, and reviews privacy-enhancing techniques (PETs). Although privacy by design includes both technical and operational measures, the chapter focuses on the technical measures. First, it enumerates design strategies. Next, it considers privacy-enhancing techniques that directly address the hide strategy, but also aid in implementing the separate, control and enforce strategies. Specifically, it addresses PETs for: (1) identification, authentication and anonymity; (2) private communications; (3) privacy-preserving computations; (4) privacy in databases; and (5) discrimination prevention in data mining.
