A User-Oriented Anonymization Mechanism for Public Data

  • Shinsaku Kiyomoto
  • Toshiaki Tanaka
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6514)


A challenging task in privacy protection for public data is to realize an algorithm that generalizes a table according to a user's requirements. In this paper, we propose an anonymization scheme for generating a k-anonymous table, and show evaluation results using three different tables. Our scheme is based on full-domain generalization, and the requirements are automatically incorporated into the generated table. The scheme calculates the scores of intermediate tables based on user-defined priorities for attributes and selects a table suitable for the user's requirements. Thus, the generated table meets the user's requirements and is employed in the services provided by users without any modification or evaluation.
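The following sketch illustrates priority-driven full-domain generalization as the abstract outlines it; it is an added example, not the authors' algorithm or code. The sample rows, the hierarchies, the scoring formula (a higher priority makes generalizing that attribute cost more) and the exhaustive lattice search are all assumptions made for illustration.

```python
from collections import Counter
from itertools import product

# Constructed sample rows (age, zip, sex); not data from the paper.
ROWS = [
    (23, "35612", "F"), (27, "35618", "M"), (25, "35741", "F"),
    (29, "35747", "M"), (34, "35613", "F"), (38, "35619", "M"),
    (36, "35744", "F"), (31, "35748", "M"),
]

# One generalization hierarchy per attribute; level 0 keeps the raw value.
HIERARCHIES = [
    [str, lambda a: f"{a // 10 * 10}-{a // 10 * 10 + 9}", lambda a: "*"],  # age
    [str, lambda z: z[:3] + "**", lambda z: "*"],                          # zip
    [str, lambda s: "*"],                                                  # sex
]

def generalize(rows, levels):
    """Full-domain: all values of an attribute are mapped at the same level."""
    return [tuple(HIERARCHIES[i][lv](row[i]) for i, lv in enumerate(levels))
            for row in rows]

def is_k_anonymous(table, k):
    """Every quasi-identifier combination must occur at least k times."""
    return min(Counter(table).values()) >= k

def score(levels, priorities):
    """Assumed score: priority-weighted fraction of each hierarchy climbed."""
    return sum(p * lv / (len(h) - 1)
               for p, lv, h in zip(priorities, levels, HIERARCHIES))

def anonymize(rows, k, priorities):
    """Scan the level lattice; return (score, levels, table) with lowest score."""
    best = None
    for levels in product(*(range(len(h)) for h in HIERARCHIES)):
        table = generalize(rows, levels)
        if is_k_anonymous(table, k):
            cand = (score(levels, priorities), levels, table)
            if best is None or cand[:2] < best[:2]:  # ties: lower level vector
                best = cand
    return best  # None when even full suppression fails (fewer than k rows)

if __name__ == "__main__":
    for prio in [(3, 1, 1), (1, 3, 1), (3, 3, 1)]:
        s, levels, table = anonymize(ROWS, 2, prio)
        print(prio, "-> levels", levels, "score", s, dict(Counter(table)))
```

With the same input and k = 2, changing only the priorities changes which attribute is sacrificed, so the released table differs per user while remaining 2-anonymous.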


Keywords (added by machine, not by the authors): Basic Algorithm, Prototype System, Privacy Protection, Generalization Algorithm, Transaction Time





Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Shinsaku Kiyomoto (1)
  • Toshiaki Tanaka (1)
  1. KDDI R & D Laboratories Inc., Fujimino-shi, Japan
