Database Anonymization

The current social and economic context increasingly demands open data to improve scientific research and decision making. However, when published data refer to individual respondents, disclosure risk limitation techniques must be implemented to anonymize the data and guarantee by design the fundamental right to privacy of the subjects the data refer to. Disclosure risk limitation has a long record in the statistical and computer science research communities, who have developed a variety of privacy-preserving solutions for data releases. This Synthesis Lecture provides a comprehensive overview of the fundamentals of privacy in data releases focusing on the computer science perspective. Specifically, we detail the privacy models, anonymization methods, and utility and risk metrics that have been proposed so far in the literature. Besides, as a more advanced topic, we identify and discuss in detail connections between several privacy models (i.e., how to accumulate the privacy guaranteesthey offer to achieve more robust protection and when such guarantees are equivalent or complementary); we also explore the links between anonymization methods and privacy models (how anonymization methods can be used to enforce privacy models and thereby offer ex ante privacy guarantees). These latter topics are relevant to researchers and advanced practitioners, who will gain a deeper understanding on the available data anonymization solutions and the privacy guarantees they can offer.

Auteur

Josep Domingo-Ferrer received an M.Sc. and a Ph.D. in computer science from the Autonomous University of Barcelona in 1988 and 1991, respectively. He also received an M.Sc. degree in mathematics. He is a Distinguished Professor of Computer Science and an ICREA-Acadèmia researcher at the Universitat Rovira i Virgili, Tarragona, Catalonia, where he holds the UNESCO Chair in Data Privacy. His research interests are in data privacy, data security, and cryptographic protocols. He is a Fellow of IEEE.David Sánchez received a Ph.D. in computer science from the Technical University of Catalonia. He also received an M.Sc. degree in computer science from the Universitat Rovira i Virgili, Tarragona, Catalonia, in 2003, where he is currently an Associate Professor of Computer Science. His research interests are in data semantics and data privacyJordi Soria-Comas received a B.Sc. degree in mathematics from the University of Barcelona in 2003, and an M.Sc. degree in finance from the Autonomous University of Barcelona in 2004. He received an M.Sc. degree in computer security in 2011, and a Ph.D. in computer science in 2013 from the Universitat Rovira i Virgili. He is a Director of Research at Universitat Rovira i Virgili. His research interests are in data privacy and security

Contenu
Preface.- Acknowledgments.- Introduction.- Privacy in Data Releases.- Anonymization Methods for Microdata.- Quantifying Disclosure Risk: Record Linkage.- The k-Anonymity Privacy Model.- Beyond k-Anonymity: l-Diversity and t-Closeness.- t-Closeness Through Microaggregation.- Differential Privacy.- Differential Privacy by Multivariate Microaggregation.- Differential Privacy by Individual Ranking Microaggregation.- Conclusions and Research Directions.- Bibliography.- Authors' Biographies .