An Information-Theoretic Privacy Criterion for Query Forgery in Information Retrieval

  • David Rebollo-Monedero
  • Javier Parra-Arnau
  • Jordi Forné
Part of the Communications in Computer and Information Science book series (CCIS, volume 259)


In previous work, we presented a novel information-theoretic privacy criterion for query forgery in the domain of information retrieval. Our criterion measured privacy risk as a divergence between the user’s and the population’s query distribution, and contemplated the entropy of the user’s distribution as a particular case. In this work, we make a twofold contribution. First, we thoroughly interpret and justify the privacy metric proposed in our previous work, elaborating on the intimate connection between the celebrated method of entropy maximization and the use of entropies and divergences as measures of privacy. Secondly, we attempt to bridge the gap between the privacy and the information-theoretic communities by substantially adapting some technicalities of our original work to reach a wider audience, not intimately familiar with information theory and the method of types.


Information Retrieval Relative Entropy Trusted Third Party Reference Distribution Large Deviation Theory 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Fallows, D.: Search engine users, Pew Internet and Amer. Life Project, Res. Rep. (January 2005)Google Scholar
  2. 2.
    Rebollo-Monedero, D., Forné, J.: Optimal query forgery for private information retrieval. IEEE Trans. Inform. Theory 56(9), 4631–4642 (2010)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Mokbel, M.F., Chow, C., Aref, W.G.: The new Casper: query processing for location services without compromising privacy. In: Proc. Int. Conf. Very Large Databases, Seoul, Korea, pp. 763–774 (2006)Google Scholar
  4. 4.
    Duckham, M., Mason, K., Stell, J., Worboys, M.: A formal approach to imperfection in geographic information. Elsevier Comput., Environ., Urban Syst. 25(1), 89–103 (2001)CrossRefGoogle Scholar
  5. 5.
    Rebollo-Monedero, D., Forné, J., Subirats, L., Solanas, A., Martínez-Ballesté, A.: A collaborative protocol for private retrieval of location-based information. In: Proc. IADIS Int. Conf. e-Society, Barcelona, Spain (February 2009)Google Scholar
  6. 6.
    Rebollo-Monedero, D., Forné, J., Solanas, A., Martínez-Ballesté, T.: Private location-based information retrieval through user collaboration. Elsevier Comput. Commun. 33(6), 762–774 (2010), CrossRefGoogle Scholar
  7. 7.
    Elovici, Y., Shapira, B., Maschiach, A.: A new privacy model for hiding group interests while accessing the web. In: Proc. ACM Workshop on Privacy in the Electron. Society, pp. 63–70. ACM, Washington, DC (2002)CrossRefGoogle Scholar
  8. 8.
    Shapira, B., Elovici, Y., Meshiach, A., Kuflik, T.: PRAW – The model for PRivAte Web. J. Amer. Soc. Inform. Sci., Technol. 56(2), 159–172 (2005)CrossRefGoogle Scholar
  9. 9.
    Samarati, P., Sweeney, L.: Protecting privacy when disclosing information: k-Anonymity and its enforcement through generalization and suppression. SRI Int., Tech. Rep (1998)Google Scholar
  10. 10.
    Sun, X., Wang, H., Li, J., Truta, T.M.: Enhanced p-sensitive k-anonymity models for privacy preserving data publishing. Trans. Data Privacy 1(2), 53–66 (2008)MathSciNetGoogle Scholar
  11. 11.
    Truta, T.M., Vinay, B.: Privacy protection: p-sensitive k-anonymity property. In: Proc. Int. Workshop Privacy Data Manage (PDM), Atlanta, GA, p. 94 (2006)Google Scholar
  12. 12.
    Machanavajjhala, A., Gehrke, J., Kiefer, D., Venkitasubramanian, M.: l-Diversity: Privacy beyond k-anonymity. In: Proc. IEEE Int. Conf. Data Eng (ICDE), Atlanta, GA, p. 24 (April 2006)Google Scholar
  13. 13.
    Jian-min, H., Ting-ting, C., Hui-qun, Y.: An improved V-MDAV algorithm for l-diversity. In: Proc. IEEE Int. Symp. Inform. Processing (ISIP), Moscow, Russia, pp. 733–739 (May 2008)Google Scholar
  14. 14.
    Domingo-Ferrer, J., Torra, V.: A critique of k-anonymity and some of its enhancements. In: Proc. Workshop Privacy, Security, Artif. Intell. (PSAI), Barcelona, Spain, pp. 990–993 (2008)Google Scholar
  15. 15.
    Li, N., Li, T., Venkatasubramanian, S.: t-Closeness: Privacy beyond k-anonymity and l-diversity. In: Proc. IEEE Int. Conf. Data Eng (ICDE), Istanbul, Turkey, pp. 106–115 (April 2007)Google Scholar
  16. 16.
    Rebollo-Monedero, D., Forné, J., Domingo-Ferrer, J.: From t-Closeness to PRAM and Noise Addition Via Information Theory. In: Domingo-Ferrer, J., Saygın, Y. (eds.) PSD 2008. LNCS, vol. 5262, pp. 100–112. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  17. 17.
    Rebollo-Monedero, D., Forné, J., Domingo-Ferrer, J.: From t-closeness-like privacy to postrandomization via information theory. IEEE Trans. Knowl. Data Eng. 22(11), 1623–1636 (2010), CrossRefGoogle Scholar
  18. 18.
    Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards Measuring Anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  19. 19.
    Díaz, C.: Anonymity and privacy in electronic services. Ph.D. dissertation, Katholieke Univ. Leuven (December 2005)Google Scholar
  20. 20.
    Parra-Arnau, J., Rebollo-Monedero, D., Forné, J.: A Privacy-Preserving Architecture for the Semantic Web Based on Tag Suppression. In: Katsikas, S., Lopez, J., Soriano, M. (eds.) TrustBus 2010. LNCS, vol. 6264, pp. 58–68. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  21. 21.
    Cover, T.M., Thomas, J.A.: Elements of Information Theory, 2nd edn. Wiley, New York (2006)zbMATHGoogle Scholar
  22. 22.
    Jaynes, E.T.: On the rationale of maximum-entropy methods. Proc. IEEE 70(9), 939–952 (1982)CrossRefGoogle Scholar
  23. 23.
    Brillouin, L.: Science and Information Theory. Academic-Press, New York (1962)zbMATHGoogle Scholar
  24. 24.
    Jaynes, E.T.: Papers on Probability, Statistics and Statistical Physics. Reidel, Dordrecht (1982)zbMATHGoogle Scholar
  25. 25.
    Burg, J.P.: Maximum entropy spectral analysis. Ph.D. dissertation, Stanford Univ. (1975)Google Scholar
  26. 26.
    Berger, A.L., Della Pietra, J., Della Pietra, A.: A maximum entropy approach to natural language processing. MIT Comput. Ling. 22(1), 39–71 (1996)Google Scholar
  27. 27.
    Shannon, C.E.: Communication theory of secrecy systems. Bell Syst., Tech. J. (1949)Google Scholar
  28. 28.
    Wyner, A.: The wiretap channel. Bell Syst., Tech. J. 54 (1975)Google Scholar
  29. 29.
    Csiszár, I., Körner, J.: Broadcast channels with confidential messages. IEEE Trans. Inform. Theory 24, 339–348 (1978)MathSciNetCrossRefzbMATHGoogle Scholar
  30. 30.
    Jaynes, E.T.: Information theory and statistical mechanics II. Phys. Review Ser. II 108(2), 171–190 (1957)MathSciNetzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • David Rebollo-Monedero
    • 1
  • Javier Parra-Arnau
    • 1
  • Jordi Forné
    • 1
  1. 1.Department of Telematics EngineeringTechnical University of Catalonia (UPC)BarcelonaSpain

Personalised recommendations