E-Book, Englisch, 198 Seiten
Nin / Herranz Privacy and Anonymity in Information Management Systems
1. Auflage 2010
ISBN: 978-1-84996-238-4
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
New Techniques for New Practical Problems
E-Book, Englisch, 198 Seiten
Reihe: Advanced Information and Knowledge Processing
ISBN: 978-1-84996-238-4
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
As depicted in David Lodge's celebrated novel Small World, the perceived size of our world experienced a progressive decrease as jet airplanes became affordable to ever greater shares of the earth's population. Yet, the really dramatic shrinking had to wait until the mid-1990s, when Internet became widespread and the information age stopped being an empty buzzword. But small is not necessarily beautiful. We now live in a global village and, alas, some (often very powerful) voices state that we ought not expect any more privacy in it. Should this be true, we would have created our own nightmare: a global village combining the worst of conventional villages, where a lot of information on an individual is known by the other villagers, and conventional big cities, where the invidual feels lost in a grim and potentially dangerous place. Whereas security is essential for organizations to survive, individuals and so- times even companies also need some privacy to develop comfortably and lead a free life. This is the reason why individual privacy is mentioned in the Univ- sal Declaration of Human Rights (1948) and data privacy is protected by law in most Western countries. Indeed, without privacy, the rest of fundamental rights, like freedom of speech and democracy, are impaired. The outstanding challenge is to create technology that implements those legal guarantees in a way compatible with functionality and security. This book edited by Dr. Javier Herranz and Dr.
Jordi Nin (Barcelona, Catalonia, 1979; BSc 2004, MSc 2007, PhD 2008 all in Computer Science) is a post-doctoral researcher at the Artificial Intelligence Research Institute (IIIA-CSIC) near Barcelona, Catalonia, Spain. His fields of interest are privacy technologies, machine learning and soft computing tools. He has been involved in several research projects funded by the Catalan and Spanish governments and the European Community. His research has been published in specialized journals and major conferences (around 30 papers). Javier Herranz obtained his PhD in Applied Mathematics in 2005, in the Technial University of Catalonia (UPC, Barcelona, Spain). After that he spent 9 months in the Ecole Polytechnique (France) and 9 months in the Centrum voor Wiskunde en Informatica (CWI, The Netherlands), as a post-doctoral researcher, granted with an ERCIM fellowship. From January 2007, he works as a post-doctoral researcher at IIIA-CSIC (Bellaterra, Spain). His research interests include the design and analysis of cryptographic protols and the study of privacy preserving operations involving databases.
Autoren/Hrsg.
Weitere Infos & Material
1;Foreword;6
2;Acknowledgments;8
3;Contents;9
4;Contributors;11
5;Part I Overview;13
5.1;1 Introduction to Privacy and Anonymity in Information Management Systems ;14
5.1.1;1.1 Background and Motivation;14
5.1.2;1.2 Organization of the Book;15
5.1.2.1;1.2.1 Part II: Theory of SDC;15
5.1.2.2;1.2.2 Part III: Preserving Privacy in Distributed Applications;16
5.2;2 Advanced Privacy-Preserving Data Managementand Analysis;18
5.2.1;2.1 Introduction;18
5.2.2;2.2 Managing Anonymized Data;20
5.2.2.1;2.2.1 Randomization-Based Anonymization Techniques;20
5.2.2.2;2.2.2 Aggregation-Based Anonymization Techniques;22
5.2.3;2.3 Managing Time-Varying Anonymized Data;23
5.2.3.1;2.3.1 Anonymizing Multiple Releases;24
5.2.3.2;2.3.2 Anonymizing Data Streams;26
5.2.4;2.4 Privacy-Preserving Data Analysis (PPDA);27
5.2.4.1;2.4.1 Privacy-Preserving Association Rule Mining;27
5.2.4.2;2.4.2 Privacy-Preserving Classification;29
5.2.4.3;2.4.3 Privacy-Preserving Clustering;33
5.2.5;2.5 Conclusions;35
5.2.6;References;36
6;Part II Theory of SDC;39
6.1;3 Practical Applications in Statistical Disclosure ControlUsing R;40
6.1.1;3.1 Microdata Protection Using sdcMicro;40
6.1.1.1;3.1.1 Software Issues;41
6.1.1.2;3.1.2 The sdcMicro GUI;41
6.1.1.3;3.1.3 Anonymization of Categorical Variables;43
6.1.1.4;3.1.4 Anonymization of Numerical Variables;52
6.1.1.5;3.1.5 Disclosure Risk;55
6.1.1.6;3.1.6 Case Study Using Real-World Data;57
6.1.2;3.2 Tabular Data Protection Using sdcTable;59
6.1.2.1;3.2.1 Frequency and Magnitude Tables;59
6.1.2.2;3.2.2 Primary Sensitive Cells;60
6.1.2.3;3.2.3 Secondary Cell Suppression;61
6.1.2.4;3.2.4 Software Issues;61
6.1.2.5;3.2.5 Anonymizing Tables Using sdcTable -- A Guided Tour;63
6.1.2.6;3.2.6 Summary;68
6.1.3;3.3 Summary;68
6.1.4;References;69
6.2;4 Disclosure Risk Assessment for Sample Microdata Through Probabilistic Modeling ;72
6.2.1;4.1 Introduction;72
6.2.2;4.2 Disclosure Risk Measures and Their Estimation;75
6.2.2.1;4.2.1 Notation and Definitions;75
6.2.2.2;4.2.2 Estimating the Disclosure Risk;76
6.2.2.3;4.2.3 Model Selection and Goodness-of-Fit Criteria;78
6.2.3;4.3 Complex Survey Designs;80
6.2.4;4.4 Measurement Error Models for Disclosure Risk Measures;81
6.2.5;4.5 Variance Estimation for Global Disclosure Risk Measures;83
6.2.6;4.6 Examples of Applications;85
6.2.6.1;4.6.1 Estimating Disclosure Risk Measures Under No Misclassification;85
6.2.6.2;4.6.2 Estimating Disclosure Risk Measures Under Misclassification;90
6.2.6.3;4.6.3 Variance Estimation and Confidence Intervals;93
6.2.7;4.7 Extensions to Probabilistic Modeling for Disclosure Risk Estimation;93
6.2.8;References;97
6.3;5 Exploiting Auxiliary Information in the Estimation of Per-Record Risk of Disclosure ;99
6.3.1;5.1 Introduction;100
6.3.2;5.2 Risk Measures and Models for Risk Estimation;101
6.3.2.1;5.2.1 Superpopulation Models for Risk Estimation with Survey Data;102
6.3.2.2;5.2.2 SPREE-Type Estimators for Cross-Classifications;104
6.3.3;5.3 Simulation Plan and Data;108
6.3.4;5.4 Risk Estimators and Simulation Results;110
6.3.5;5.5 Comments;116
6.3.6;References;118
6.4;6 Statistical Disclosure Control in Tabular Data ;120
6.4.1;6.1 Introduction;120
6.4.2;6.2 Tabular Data: Types and Modeling;122
6.4.2.1;6.2.1 Classification of Tables;122
6.4.2.2;6.2.2 Modeling Tables;124
6.4.3;6.3 Sensitive Cells and Sensitivity Rules;127
6.4.3.1;6.3.1 The Threshold Rule for Frequency Tables;127
6.4.3.2;6.3.2 The (n,k) and p% Rules for Magnitude Tables;127
6.4.4;6.4 Tabular Data Protection Methods;129
6.4.4.1;6.4.1 Recoding;129
6.4.4.2;6.4.2 Cell Suppression;130
6.4.4.3;6.4.3 Controlled Rounding;133
6.4.4.4;6.4.4 Controlled Tabular Adjustment;134
6.4.5;6.5 Conclusions;136
6.4.6;References;136
7;Part III Preserving Privacy in Distributed Applications;139
7.1;7 From Collaborative to Privacy-Preserving SequentialPattern Mining;140
7.1.1;7.1 Introduction;140
7.1.2;7.2 Problem Statement;142
7.1.2.1;7.2.1 Mining of Sequential Patterns;142
7.1.2.2;7.2.2 From Collaborative to Privacy-Preserving Sequential Pattern Mining;144
7.1.3;7.3 The PRIPSEP Approach;145
7.1.3.1;7.3.1 Collaborative Sequential Pattern Mining;146
7.1.3.2;7.3.2 From Collaborative to Privacy-Preserving Sequential Pattern Mining;148
7.1.3.3;7.3.3 Improving the Robustness of the System;157
7.1.4;7.4 Conclusion;158
7.1.5;References;159
7.2;8 Pseudonymized Data Sharing ;162
7.2.1;8.1 Introduction;162
7.2.1.1;8.1.1 Security Properties;163
7.2.1.2;8.1.2 Relevance;165
7.2.1.3;8.1.3 Related Work;165
7.2.2;8.2 Description of a Pseudonymized Data Sharing System;165
7.2.2.1;8.2.1 Syntax;166
7.2.2.2;8.2.2 Security Requirements;167
7.2.2.3;8.2.3 Notation;167
7.2.3;8.3 Basic Tools;169
7.2.3.1;8.3.1 Symmetric Encryption with Semantic Security;169
7.2.3.2;8.3.2 Decisional Diffie--Hellman Assumption;170
7.2.3.3;8.3.3 Pairings;170
7.2.3.4;8.3.4 Commutative Encryption;171
7.2.3.5;8.3.5 Intersection Protocol;172
7.2.4;8.4 A Pseudonym Scheme with Ubiquitous TTP;173
7.2.5;8.5 A Basic Pseudonym Scheme with Light TTP;175
7.2.6;8.6 A Fully Secure Pseudonym Scheme with Light TTP;179
7.2.7;8.7 Conclusion;183
7.2.8;References;183
7.3;9 Privacy-Aware Access Control in Social Networks: Issues and Solutions ;185
7.3.1;9.1 Introduction;185
7.3.2;9.2 Access Control Requirements;187
7.3.3;9.3 Privacy Issues in OSN Access Control;190
7.3.4;9.4 Review of the Literature;191
7.3.4.1;9.4.1 Access Control Models;191
7.3.4.2;9.4.2 Privacy-Aware Access Control;194
7.3.5;9.5 Conclusions and Future Research Directions;197
7.3.6;References;198
8;Index;200
