Advertisement

Defining Privacy Based on Distributions of Privacy Breaches

  • Matthias Huber
  • Jörn Müller-Quade
  • Tobias Nilges
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8260)

Abstract

In contrast to classical cryptography, the challenge of privacy in the context of databases is to find a trade-off between a security guarantee and utility. Individuals in a database have to be protected while preseving the usefullnes of the data. In this paper, we provide an overview over the results in the field of database privacy with focus on privacy notions. On the basis of these notions, we provide a framework that allows for the definition meaningful guarantees based on the distribution on privacy breaches and sesitive predicates. Interestingly, these notions do not fulfill the privacy axioms defined by Kifer et al. in [1,2].

Keywords

Average Salary Privacy Breach Privacy Guarantee Database Privacy Privacy Mechanism 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Kifer, D., Lin, B.R.: An axiomatic view of statistical privacy and utility. Journal of Privacy and Confidentiality 4(1), Article 2Google Scholar
  2. 2.
    Kifer, D., Lin, B.R.: Towards an axiomatization of statistical privacy and utility. In: Proceedings of the Twenty-Ninth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, PODS 2010, pp. 147–158. ACM, New York (2010)CrossRefGoogle Scholar
  3. 3.
    Demirel, D., Henning, M., van de Graaf, J., Ryan, P.Y.A., Buchmann, J.: Prêt à voter providing everlasting privacy. In: Heather, J., Schneider, S., Teague, V. (eds.) Vote-ID 2013. LNCS, vol. 7985, pp. 156–175. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  4. 4.
    Langer, L., Schmidt, A., Volkamer, M., Buchmann, J.: Classifying privacy and verifiability requirements for electronic voting. In: Fischer, S., Maehle, E., Reischuk, R. (eds.) GI Jahrestagung. LNI, vol. 154, pp. 1837–1846. GI (2009)Google Scholar
  5. 5.
    Buchmann, J., Demirel, D., van de Graaf, J.: Towards a publicly-verifiable mix-net providing everlasting privacy. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 197–204. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  6. 6.
    Sweeney, L.: k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl. -Based Syst. 10, 557–570 (2002)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Hacigümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing sql over encrypted data in the database-service-provider model. In: SIGMOD 2002: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, pp. 216–227. ACM, New York (2002)CrossRefGoogle Scholar
  9. 9.
    Popa, R.A., Redfield, C., Zeldovich, N., Balakrishnan, H.: CryptDB: Protecting Confidentiality with Encrypted Query Processing. In: Symposium on Operating Systems Principles (SOSP), Cascais, Portugal (October 2011)Google Scholar
  10. 10.
    Lin, B.R., Kifer, D.: A framework for extracting semantic guarantees from privacy. CoRR abs/1208.5443 (2012)Google Scholar
  11. 11.
    Dwork, C., Kenthapadi, K., McSherry, F., Mironov, I., Naor, M.: Our data, ourselves: privacy via distributed noise generation. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 486–503. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Samarati, P., Sweeney, L.: Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. Technical report, CMU SRI (1998)Google Scholar
  13. 13.
    Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. In: ICDE, vol. 24 (2006)Google Scholar
  14. 14.
    Li, N., Li, T., Venkatasubramanian, S.: t-closeness: Privacy beyond k-anonymity and l-diversity. In: ICDE, pp. 106–115 (2007)Google Scholar
  15. 15.
    LeFevre, K., DeWitt, D.J., Ramakrishnan, R.: Incognito: Efficient full-domain k-anonymity. In: SIGMOD Conference, pp. 49–60 (2005)Google Scholar
  16. 16.
    Meyerson, A., Williams, R.: On the complexity of optimal k-anonymity. In: PODS, pp. 223–228 (2004)Google Scholar
  17. 17.
    Bayardo Jr., R.J., Agrawal, R.: Data privacy through optimal k-anonymization. In: ICDE, pp. 217–228 (2005)Google Scholar
  18. 18.
    Tian, H., Zhang, W.: Extending l-diversity to generalize sensitive data. Data Knowl. Eng. 70(1), 101–126 (2011)CrossRefGoogle Scholar
  19. 19.
    Ganta, S.R., Kasiviswanathan, S.P., Smith, A.: Composition attacks and auxiliary information in data privacy. In: KDD, pp. 265–273 (2008)Google Scholar
  20. 20.
    Heidinger, C., Buchmann, E., Huber, M., Böhm, K., Müller-Quade, J.: Privacy-aware folksonomies. In: Lalmas, M., Jose, J., Rauber, A., Sebastiani, F., Frommholz, I. (eds.) ECDL 2010. LNCS, vol. 6273, pp. 156–167. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  21. 21.
    Dwork, C., Kenthapadi, K., McSherry, F., Mironov, I., Naor, M.: Our data, ourselves: Privacy via distributed noise generation. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 486–503. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  22. 22.
    Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  23. 23.
    Gehrke, J., Lui, E., Pass, R.: Towards privacy for social networks: A zero-knowledge based definition of privacy. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 432–449. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  24. 24.
    Gehrke, J., Hay, M., Lui, E., Pass, R.: Crowd-blending privacy. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 479–496. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  25. 25.
    Kifer, D., Machanavajjhala, A.: No free lunch in data privacy. In: Proceedings of the 2011 ACM SIGMOD International Conference on Management of data, SIGMOD 2011, pp. 193–204 (2011)Google Scholar
  26. 26.
    Duan, Y.: Privacy without noise. In: CIKM, pp. 1517–1520 (2009)Google Scholar
  27. 27.
    Bhaskar, R., Bhowmick, A., Goyal, V., Laxman, S., Thakurta, A.: Noiseless database privacy. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 215–232. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  28. 28.
    Blum, A., Dwork, C., McSherry, F., Nissim, K.: Practical privacy: the sulq framework. In: Proceedings of the Twenty-Fourth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, PODS 2005, pp. 128–138 (2005)Google Scholar
  29. 29.
    Chaudhuri, K., Mishra, N.: When random sampling preserves privacy. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 198–213. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  30. 30.
    Evfimievski, A., Fagin, R., Woodruff, D.P.: Epistemic privacy. In: Proceedings of the Twenty-Seventh ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, PODS 2008, pp. 171–180 (2008)Google Scholar
  31. 31.
    Blum, A., Ligett, K., Roth, A.: A learning theory approach to non-interactive database privacy. In: STOC, pp. 609–618 (2008)Google Scholar
  32. 32.
    Blum, A., Ligett, K., Roth, A.: A learning theory approach to noninteractive database privacy. J. ACM 60(2), 12 (2013)MathSciNetCrossRefGoogle Scholar
  33. 33.
    Kifer, D., Machanavajjhala, A.: A rigorous and customizable framework for privacy. In: Proceedings of the 31st Symposium on Principles of Database Systems, PODS 2012, pp. 77–88 (2012)Google Scholar
  34. 34.
    Warner, S.L.: Randomized response: A survey technique for eliminating evasive answer bias. Journal of the American Statistical Association 60(309), 63–69 (1965)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Matthias Huber
    • 1
  • Jörn Müller-Quade
    • 2
  • Tobias Nilges
    • 2
  1. 1.FZI Forschungszentrum InformatikGermany
  2. 2.Institut für Kryptographie und Sicherheit, Fakultät für InformatikKarlsruher Institut für Technologie (KIT)Germany

Personalised recommendations