
Privacy-Enhancing Technologies and Metrics in Personalized Information Systems

Chapter in: Advanced Research in Data Privacy

Part of the book series: Studies in Computational Intelligence (SCI, volume 567)

Abstract

In recent times we are witnessing the emergence of a wide variety of information systems that tailor the information-exchange functionality to meet the specific interests of their users. Most of these personalized information systems capitalize on, or lend themselves to, the construction of user profiles, either directly declared by a user, or inferred from past activity. The ability of these systems to profile users is therefore what enables such intelligent functionality, but at the same time, it is the source of serious privacy concerns. The purpose of this paper is twofold. First, we survey the state of the art in privacy-enhancing technologies for applications where personalization comes in. In particular, we examine the assumptions upon which such technologies build, and then classify them into five broad categories, namely, basic anti-tracking technologies, cryptography-based methods from private information retrieval, approaches relying on trusted third parties, collaborative mechanisms and data-perturbative techniques. Secondly, we review several approaches for evaluating the effectiveness of those technologies. Specifically, our study of privacy metrics explores the measurement of the privacy of user profiles in the still emergent field of personalized information systems.


Notes

  1. Technically, machines, not users, are identified by addresses.

  2. http://unescoprivacychair.urv.cat/goopir.php.

  3. Shannon’s entropy of a discrete r.v. is a measure of the uncertainty of the outcome of this r.v.
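The abstract refers to measuring the privacy of user profiles and to data-perturbative techniques, and Note 3 names Shannon's entropy as a measure of uncertainty. The following is an added example, not code from the chapter or its authors: it models a user profile as the relative frequency of query categories, scores its privacy by the Shannon entropy of that distribution (normalised by the maximum log2 of the number of categories), and shows how a simple query-forgery step, one kind of data-perturbative technique, moves the profile an observer sees toward uniform and so raises the entropy. The category set, the hand-labelled query log and the greedy forgery rule are all assumptions of the example.

```python
import math
from collections import Counter

# Constructed sample input (assumption): a user's search queries, each already
# labelled with a topic category by some classifier. Here the labels are hand-assigned.
CATEGORIES = ["finance", "health", "news", "sports"]
USER_QUERY_CATEGORIES = ["health"] * 6 + ["finance"] * 2


def profile(query_categories):
    """Relative frequency of each category: the profile a personalized system
    (or an observer of the query stream) would build for this user."""
    counts = Counter(query_categories)
    total = sum(counts.values())
    return {c: counts.get(c, 0) / total for c in CATEGORIES}


def shannon_entropy(dist):
    """Shannon entropy in bits of a discrete distribution given as {outcome: probability}.
    Zero-probability outcomes contribute nothing (0 * log 0 is taken as 0)."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)


def privacy_level(query_categories):
    """Entropy of the profile divided by its maximum, log2(|CATEGORIES|).
    1.0: the profile is uniform and reveals nothing beyond the category set.
    0.0: every query falls in a single category, the most revealing case."""
    return shannon_entropy(profile(query_categories)) / math.log2(len(CATEGORIES))


def forge_queries(query_categories, n_forged):
    """Greedy query forgery (assumed rule): add n_forged dummy queries, each assigned to
    the category that is currently least frequent (ties broken by CATEGORIES order),
    so the observed profile is pushed toward uniform. Returns the forged categories."""
    counts = Counter(query_categories)
    forged = []
    for _ in range(n_forged):
        target = min(CATEGORIES, key=lambda c: counts[c])
        counts[target] += 1
        forged.append(target)
    return forged


def compare(query_categories, n_forged):
    """Privacy metric before and after forgery, plus the cost paid in extra traffic."""
    forged = forge_queries(query_categories, n_forged)
    observed = query_categories + forged
    return {
        "genuine_entropy_bits": shannon_entropy(profile(query_categories)),
        "observed_entropy_bits": shannon_entropy(profile(observed)),
        "genuine_privacy_level": privacy_level(query_categories),
        "observed_privacy_level": privacy_level(observed),
        "forgery_rate": len(forged) / len(observed),
    }


if __name__ == "__main__":
    for key, value in compare(USER_QUERY_CATEGORIES, 10).items():
        print(f"{key}: {value:.4f}")
```

With the constructed log, the genuine profile (0.75 health, 0.25 finance) has about 0.81 bits of entropy; after ten forged queries the observed profile has about 1.97 bits out of a maximum of 2, at the cost of more than half of the traffic being dummy queries. That trade-off between privacy gain and overhead is exactly what a metric of this kind makes visible; a richer metric would also compare the profile against the population's, since a uniform profile can itself stand out when most users are far from uniform.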



Correspondence to Javier Parra-Arnau.


Copyright information

© 2015 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Parra-Arnau, J., Rebollo-Monedero, D., Forné, J. (2015). Privacy-Enhancing Technologies and Metrics in Personalized Information Systems. In: Navarro-Arribas, G., Torra, V. (eds) Advanced Research in Data Privacy. Studies in Computational Intelligence, vol 567. Springer, Cham. https://doi.org/10.1007/978-3-319-09885-2_23


  • DOI: https://doi.org/10.1007/978-3-319-09885-2_23


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-09884-5

  • Online ISBN: 978-3-319-09885-2
