Abstract
Uncertainty and indistinguishability are two independent aspects of privacy. Uncertainty refers to the property that the attacker cannot tell which private value, among a group of values, an individual actually has, and indistinguishability refers to the property that the attacker cannot see the difference among a group of individuals. While uncertainty has been well studied and applied to many scenarios, to date, the only effort in providing indistinguishability has been the well-known notion of k-anonymity. However, k-anonymity only applies to anonymized tables. This paper defines indistinguishability for general situations based on the symmetry among the possible private values associated with individuals. The paper then discusses computational complexities of and provides practical algorithms for checking whether a set of database views provides enough indistinguishability.
The work was partially supported by the NSF grants IIS-0430402, IIS-0430165, and IIS-0242237.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Adam, N.R., Wortmann, J.C.: Security-control methods for statistical databases: a comparative study. ACM Computing Surveys 21(4), 515–556 (1989)
Agrawal, D., Aggarwal, C.C.: On the design and quantification of privacy preserving data mining algorithms. In: Proceedings of the Twenty-third ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS) (2001)
Agrawal, R., Srikant, R.: Privacy-preserving data mining. In: Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD Conference), pp. 439–450 (2000)
Agrawal, S., Haritsa, J.R.: A framework for high-accuracy privacy-preserving mining. In: Proceedings of the 21st International Conference on Data Engineering (ICDE), pp. 193–204 (2005)
Brodsky, A., Farkas, C., Jajodia, S.: Secure databases: Constraints, inference channels, and monitoring disclosures. IEEE Transactions on Knowledge and Data Engineering 12(6), 900–919 (2000)
Chawla, S., Dwork, C., McSherry, F., Smith, A., Wee, H.: Toward privacy in public databases. In: Theory of Cryptography, Second Theory of Cryptography Conference (TCC), pp. 363–385 (2005)
Delugach, H.S., Hinke, T.H.: Wizard: A database inference analysis and detection system. IEEE Transactions on Knowledge and Data Engineering 8(1), 56–66 (1996)
Deutsch, A., Papakonstantinou, Y.: Privacy in database publishing. In: Eiter, T., Libkin, L. (eds.) ICDT 2005. LNCS, vol. 3363, pp. 230–245. Springer, Heidelberg (2004)
Evfimievski, A.V., Gehrke, J., Srikant, R.: Limiting privacy breaches in privacy preserving data mining. In: Proceedings of the Twenty-third ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS), pp. 211–222 (2003)
Evfimievski, A.V., Srikant, R., Agrawal, R., Gehrke, J.: Privacy preserving mining of association rules. In: Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD), pp. 217–228 (2002)
Gavison, R.: Privacy and the limits of the law. In: Johnson, D.G., Nissenbaum, H. (eds.) Computers, Ethics, and Social Values (1995)
Hale, J., Shenoi, S.: Catalytic inference analysis: Detecting inference threats due to knowledge discovery. In: Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 188–199 (1997)
Ji, X., Mitchell, J.E.: Branch-and-price-and-cut on clique partition problem with minimum clique size requirement. In: IMA Special Workshop: Mixed-Integer Programming (2005)
Bayardo Jr, R.J., Agrawal, R.: Data privacy through optimal k-anonymization. In: Proceedings of the 21st International Conference on Data Engineering (ICDE), pp. 217–228 (2005)
Kantarcioglu, M., Jin, J., Clifton, C.: When do data mining results violate privacy? In: Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD), pp. 599–604 (2004)
Kenthapadi, K., Mishra, N., Nissim, K.: Simulatable auditing. In: Proceedings of the Nineteenth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (PODS), pp. 118–127 (2005)
Kleinberg, J.M., Papadimitriou, C.H., Raghavan, P.: Auditing boolean attributes. In: Proceedings of the Nineteenth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (PODS), pp. 86–91 (2000)
LeFevre, K., DeWitt, D.J., Ramakrishnan, R.: Incognito: Efficient full-domain k-anonymity. In: Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD Conference), pp. 49–60 (2005)
Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. In: Proceedings of the 22nd International Conference on Data Engineering (ICDE), pp. 24–35 (2006)
Marks, D.G.: Inference in MLS database systems. IEEE Transactions on Knowledge and Data Engineering 8(1), 46–55 (1996)
Meyerson, A., Williams, R.: On the complexity of optimal k-anonymity. In: Proceedings of the Twenty-third ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS), pp. 223–228 (2004)
Miklau, G., Suciu, D.: A formal analysis of information disclosure in data exchange. In: Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD Conference), pp. 575–586 (2004)
Muralidhar, K., Sarathy, R.: Security of random data perturbation methods. ACM Transactions on Database Systems (TODS) 24(4), 487–493 (1999)
Samarati, P.: Protecting respondents’ identities in microdata release. IEEE Transactions on Knowledge and Data Engineering 13(6), 1010–1027 (2001)
Sweeney, L.: Achieving k-anonymity privacy protection using generalization and suppression. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems 10(5), 571–578 (2002)
Wang, L., Wijesekera, D., Jajodia, S.: Cardinality-based inference control in sum-only data cubes. In: Proceedings of 7th European Symposium on Research in Computer Security (ESORICS), pp. 55–71 (2002)
Yao, C., Wang, X.S., Jajodia, S.: Checking for k-anonymity violation by views. In: Proceedings of the 31st International Conference on Very Large Data Bases (VLDB), pp. 910–921 (2005)
Zhang, Z., Mendelzon, A.O.: Authorization views and conditional query containment. In: Eiter, T., Libkin, L. (eds.) ICDT 2005. LNCS, vol. 3363, pp. 259–273. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yao, C., Wang, L., Wang, S.X., Jajodia, S. (2006). Indistinguishability: The Other Aspect of Privacy. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2006. Lecture Notes in Computer Science, vol 4165. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11844662_1
Download citation
DOI: https://doi.org/10.1007/11844662_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-38984-2
Online ISBN: 978-3-540-38987-3
eBook Packages: Computer ScienceComputer Science (R0)