transparency and disclosure risk in data privacy
play

Transparency and disclosure risk in data privacy c Torra 1 Vicen - PowerPoint PPT Presentation

Sep 20, 2023 •425 likes •1.35k views

PAIS 2015 Transparency and disclosure risk in data privacy c Torra 1 Vicen March, 2015 1 School of Informatics, University of Sk ovde, Sweden Outline Outline Outline Quantitative measures of risk: record linkage Transparency principle:

  1. PAIS 2015 Transparency and disclosure risk in data privacy c Torra 1 Vicen¸ March, 2015 1 School of Informatics, University of Sk¨ ovde, Sweden

  2. Outline Outline Outline Quantitative measures of risk: record linkage Transparency principle: publication of data processing methods a good practice on data privacy similar to the one in cryptography Risk needs to consider the transparency principle Vicen¸ c Torra; Transparency data privacy PAIS 2015 1 / 61

  3. Outline Outline 1. Introduction • Masking methods • Disclosure risk assessment 2. Transparency • Definition • Attacking Rank Swapping • Attacking Microaggregation 3. Worst-case scenario when measuring disclosure risk 4. Summary PAIS 2015 2 / 61

  4. Introduction > Masking methods Outline Introduction Masking methods PAIS 2015 3 / 61

  5. Introduction > Masking methods Outline Masking methods Masking methods. • Perturbative • Non-perturbative • Synthetic data generators Review • Microaggregation • Rank swapping Vicen¸ c Torra; Transparency data privacy PAIS 2015 4 / 61

  6. Introduction > Masking methods Outline Rank Swapping Rank swapping • For ordinal/numerical attributes • Applied attribute-wise Data : ( a 1 , . . . , a n ) : original data; p : percentage of records Order ( a 1 , . . . , a n ) in increasing order (i.e., a i ≤ a i +1 ) ; Mark a i as unswapped for all i ; for i = 1 to n do if a i is unswapped then Select ℓ randomly and uniformly chosen from the limited range [ i + 1 , min( n, i + p ∗ | X | / 100)] ; Swap a i with a ℓ ; Undo the sorting step ; Vicen¸ c Torra; Transparency data privacy PAIS 2015 5 / 61

  7. Introduction > Masking methods Outline Rank Swapping Rank swapping. • Marginal distributions not modified. • Correlations between the attributes are modified • Good trade-off between information loss and disclosure risk Vicen¸ c Torra; Transparency data privacy PAIS 2015 6 / 61

  8. Introduction > Microaggregation Outline Microaggregation Microaggregation. • Case of two attributes microaggregated together Vicen¸ c Torra; Transparency data privacy PAIS 2015 7 / 61

  9. Introduction > Microaggregation Outline Microaggregation Microaggregation. Application. • k : number of records in the cluster • Partition of the attributes v ′ v ′ v ′ v ′ v 1 v 2 v 3 v 4 1 2 3 4 1 1 1 1 1.66667 2 1.33333 1.66667 2 2 1 2 1.66667 2 1.33333 1.66667 2 3 1 6 1.66667 2 2.33333 5.66667 2 9 1 10 3 7.33333 1.66667 9.66667 3 6 2 2 3 7.33333 1.33333 1.66667 4 1 2 9 4.33333 5 1.66667 9.66667 4 6 2 10 4.33333 5 1.66667 9.66667 4 7 3 2 3 7.33333 2.33333 5.66667 5 8 3 9 4.33333 5 2.33333 5.66667 6 8 4 7 7.66667 8.66667 6 5 8 1 7 2 8.66667 2.66667 6 5 8 9 7 6 7.66667 8.66667 6 5 9 3 8 1 8.66667 2.66667 8.66667 1.33333 9 4 8 2 8.66667 2.66667 8.66667 1.33333 9 9 10 1 7.66667 8.66667 8.66667 1.33333 Vicen¸ c Torra; Transparency data privacy PAIS 2015 8 / 61

  10. Introduction > Disclosure risk Outline Introduction Disclosure risk assesment Vicen¸ c Torra; Transparency data privacy PAIS 2015 9 / 61

  11. Introduction > Disclosure risk Outline Disclosure risk assesment Disclosure risk. • Identity disclosure vs. Attribute disclosure ◦ Attribute disclosure: ⋆ Increase knowledge about an attribute of an individual ◦ Identity disclosure: ⋆ Find/identify an individual in a masked file Vicen¸ c Torra; Transparency data privacy PAIS 2015 10 / 61

  12. Introduction > Disclosure risk Outline Disclosure risk assesment Disclosure risk. • Identity disclosure vs. Attribute disclosure • Boolean vs. quantitative measures Vicen¸ c Torra; Transparency data privacy PAIS 2015 11 / 61

  13. Introduction > Disclosure risk Outline Disclosure risk assesment Disclosure risk. • Identity disclosure vs. Attribute disclosure • Boolean vs. quantitative measures (minimize information loss vs. multiobjetive optimization) Vicen¸ c Torra; Transparency data privacy PAIS 2015 11 / 61

  14. Introduction > Disclosure risk Outline Disclosure risk assesment Disclosure risk. • Identity disclosure vs. Attribute disclosure • Boolean vs. quantitative measures (minimize information loss vs. multiobjetive optimization) Examples. • Boolean definitions of risk ◦ k-Anonymity (Boolean definition / identity disclosure) ◦ differential privacy (Boolean definition / attribute disclosure) • Quantitative measures of risk ◦ Re-identification / Record linkage (for identity disclosure) ◦ Uniqueness (for identity disclosure) ◦ Interval disclosure (for attribute disclosure) Vicen¸ c Torra; Transparency data privacy PAIS 2015 11 / 61

  15. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • An scenario for identity disclosure: X = id || X nc || X c ◦ Protection of the attributes ⋆ Identifiers. Usually removed or encrypted. ⋆ Confidential. X c are usually not modified. X ′ c = X c . ⋆ Quasi-identifiers. Apply masking method ρ to these attributes. X ′ nc = ρ ( X nc ) . Vicen¸ c Torra; Transparency data privacy PAIS 2015 12 / 61

  16. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • An scenario for identity disclosure: X = id || X nc || X c ◦ A : File with the protected data set ◦ B : File with the data from the intruder (subset of original X ) (protected / public) B (intruder) A r 1 s 1 Re-identification a Record linkage r a b a 1 a n s b quasi- a 1 a n i 1 , i 2 , ... confidential identifiers quasi- identifiers identifiers Vicen¸ c Torra; Transparency data privacy PAIS 2015 13 / 61

  17. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • An scenario for identity disclosure ◦ Reidentification using the common attributes (quasi-identifiers): Vicen¸ c Torra; Transparency data privacy PAIS 2015 14 / 61

  18. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • An scenario for identity disclosure ◦ Reidentification using the common attributes (quasi-identifiers): identity disclosure Vicen¸ c Torra; Transparency data privacy PAIS 2015 14 / 61

  19. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • An scenario for identity disclosure ◦ Reidentification using the common attributes (quasi-identifiers): identity disclosure ◦ Attribute disclosure may be possible Vicen¸ c Torra; Transparency data privacy PAIS 2015 14 / 61

  20. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • An scenario for identity disclosure ◦ Reidentification using the common attributes (quasi-identifiers): identity disclosure ◦ Attribute disclosure may be possible when reidentification permits to link confidential values to identifiers (in this case: identity disclosure implies attribute disclosure) Vicen¸ c Torra; Transparency data privacy PAIS 2015 14 / 61

  21. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • Flexible scenario for identity disclosure ◦ A protected file using a masking method ◦ B (intruder’s) is a subset of the original file. Vicen¸ c Torra; Transparency data privacy PAIS 2015 15 / 61

  22. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • Flexible scenario for identity disclosure ◦ A protected file using a masking method ◦ B (intruder’s) is a subset of the original file. → intruder with information on only some individuals Vicen¸ c Torra; Transparency data privacy PAIS 2015 15 / 61

  23. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • Flexible scenario for identity disclosure ◦ A protected file using a masking method ◦ B (intruder’s) is a subset of the original file. → intruder with information on only some individuals → intruder with information on only some characteristics Vicen¸ c Torra; Transparency data privacy PAIS 2015 15 / 61

  24. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • Flexible scenario for identity disclosure ◦ A protected file using a masking method ◦ B (intruder’s) is a subset of the original file. → intruder with information on only some individuals → intruder with information on only some characteristics ◦ But also, ⋆ B with a schema different to the one of A (different attributes) Vicen¸ c Torra; Transparency data privacy PAIS 2015 15 / 61

  25. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • Re-identification. Risk as number of re-identifications that might be obtained by an intruder (estimation). Vicen¸ c Torra; Transparency data privacy PAIS 2015 16 / 61

  26. Introduction > Disclosure risk Outline Disclosure risk assesment Quantitative measures for identity disclosure • Re-identification. Risk as number of re-identifications that might be obtained by an intruder (estimation). ◦ When both files have the same schema: record linkage algorithms. Vicen¸ c Torra; Transparency data privacy PAIS 2015 16 / 61

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Data privacy: Introduction Vicen c Torra March, 2019 Hamilton Institute, Maynooth University,

Data privacy: Introduction Vicen c Torra March, 2019 Hamilton Institute, Maynooth University,

Data privacy: Introduction Vicen c Torra March, 2019 Hamilton Institute, Maynooth University, Ireland Outline Outline 1. Motivation 2. Difficulties 3. Terminology 4. Disclosure 5. Transparency 6. Privacy by design 7. Summary 1 / 37

510 views • 38 slides
Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

Beneficial ownership transparency, Title Page privacy and data protection 23 October Presented by Tom Walker tom@theengineroom.org @thomwithoutanh Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

702 views • 13 slides
Data Transparency: Managing the legislative risk 7th International Digital Curation Conference

Data Transparency: Managing the legislative risk 7th International Digital Curation Conference

Andrew Charlesworth Director, Centre for IT & Law Data Transparency: Managing the legislative risk 7th International Digital Curation Conference Bristol, 5-7 December 2011. The Broadening Spectrum of Risk 2 Increasing public access

342 views • 6 slides
Will You Have to Will You Have to Rat Yourself Rat Yourself Out? Out? New Self-Disclosure

Will You Have to Will You Have to Rat Yourself Rat Yourself Out? Out? New Self-Disclosure

Will You Have to Will You Have to Rat Yourself Rat Yourself Out? Out? New Self-Disclosure 60-day overpayment refund Risks for the Unwary Stark Self-Disclosure Protocol Transparency reports Due diligence Dan Mulholland

54 views • 4 slides
Addressing Your Number 1 Security Risk: Data Privacy, Data Encryption A Complimentary

Addressing Your Number 1 Security Risk: Data Privacy, Data Encryption A Complimentary

Addressing Your Number 1 Security Risk: Data Privacy, Data Encryption A Complimentary Webinar From healthsystemCIO.com Sponsored by Proofpoint Your Line Will Be Silent Until Our Event Begins at 12:00 ET Thank You! Slide Deck:

468 views • 22 slides
On Privacy Risk of Releasing Data and Models Ashish Dandekar Supervised by: A/P St ephane

On Privacy Risk of Releasing Data and Models Ashish Dandekar Supervised by: A/P St ephane

Introduction Publication of data Publication of models Privacy at risk Conclusion References On Privacy Risk of Releasing Data and Models Ashish Dandekar Supervised by: A/P St ephane Bressan July 18, 2019 1 / 36 Introduction

912 views • 70 slides
On machine learning for data privacy Vicen c Torra Dec. 7, 2016 School of Informatics,

On machine learning for data privacy Vicen c Torra Dec. 7, 2016 School of Informatics,

Link oping 2016 On machine learning for data privacy Vicen c Torra Dec. 7, 2016 School of Informatics, University of Sk ovde, Sweden Outline Outline Outline Disclosure risk. A quantitative measures: record linkage The worst-case

1.29k views • 101 slides
Breaking down data silos for improved insight a data transparency perspective Transparency

Breaking down data silos for improved insight a data transparency perspective Transparency

Breaking down data silos for improved insight a data transparency perspective Transparency an organisational view Transparency is all about the release of information by institutions or companies that is relevant for the evaluation of

883 views • 32 slides
Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia University of Applied Science Wolfenbttel, Germany IFIP Summerschool: Privacy and Identity Management for Life, Helsingborg, August 2nd, 2010 Cloud

775 views • 43 slides
Privacy by Deletion: 5 Steps to Reducing Data Risk July 19, 2017 Agenda Introductions The

Privacy by Deletion: 5 Steps to Reducing Data Risk July 19, 2017 Agenda Introductions The

Privacy by Deletion: 5 Steps to Reducing Data Risk July 19, 2017 Agenda Introductions The Risks Involved with Over-Retention 5 Steps to Reduce Data Risk Understanding what exists Focusing on risks Leveraging lower cost storage

664 views • 25 slides
Tips and Tricks to enhancing transparency in personal information management Victorian Privacy

Tips and Tricks to enhancing transparency in personal information management Victorian Privacy

Tips and Tricks to enhancing transparency in personal information management Victorian Privacy Network Meeting 10 April 2019 Presentation by Melanie Casley www.salingerprivacy.com.au The cause of so much confusion Back to Basics Privacy

388 views • 19 slides
Conducting DPIAs to Reduce Business Risk Lecio de Paula Director of Data Privacy, FIP,

Conducting DPIAs to Reduce Business Risk Lecio de Paula Director of Data Privacy, FIP,

Conducting DPIAs to Reduce Business Risk Lecio de Paula Director of Data Privacy, FIP, CIPP/E, CIPP/US, CIPP/C, CIPM, AWS Certified Todays Presentation Discuss benefits of conducting data privacy impact assessments Why

497 views • 26 slides
Differen'al Privacy and Risk Ra'os: The seman'cs of privacy

Differen'al Privacy and Risk Ra'os: The seman'cs of privacy

Differen'al Privacy and Risk Ra'os: The seman'cs of privacy CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 5 : 590.03 Fall 16 1

345 views • 30 slides
Enhancing the disclosure of inside information under REMIT and improving the overall transparency

Enhancing the disclosure of inside information under REMIT and improving the overall transparency

Applying REMIT in an evolving regulatory landscape: Enhancing the disclosure of inside information under REMIT and improving the overall transparency in wholesale energy markets Market Integrity and Transparency Department 3 rd Energy Market

243 views • 5 slides
The privacy economics of voluntary over-disclosure in Web forms Sren Preibusch, Kat Krol,

The privacy economics of voluntary over-disclosure in Web forms Sren Preibusch, Kat Krol,

The privacy economics of voluntary over-disclosure in Web forms Sren Preibusch, Kat Krol, Alastair R. Beresford 11 th WEIS 25 th June 2012 Web forms: ubiquitous, versatile, est. 1995 Primary mechanism for explicit data collection

732 views • 15 slides
Privacy in Business Processes - Identifying Non-Authorized Disclosure of Personal Data to Third

Privacy in Business Processes - Identifying Non-Authorized Disclosure of Personal Data to Third

National Institute of Informatics National Institute of Informatics Privacy in Business Processes - Identifying Non-Authorized Disclosure of Personal Data to Third Parties - Austria-Japan Workshop 2010 October 18, 2010 Dr. Sven Wohlgemuth

324 views • 14 slides
Routing under Constraints Alexander Nadel Intel, Israel FMCAD Mountain View CA, USA October 4,

Routing under Constraints Alexander Nadel Intel, Israel FMCAD Mountain View CA, USA October 4,

Routing under Constraints Alexander Nadel Intel, Israel FMCAD Mountain View CA, USA October 4, 2016 Design and Technology Solutions 1 Design and Technology 2 "PhysicalDesign" by Linear77 - Own work. Licensed under CC BY 3.0

2.02k views • 177 slides
Page Frame Reclaiming Don Porter 1 CSE 506: Opera.ng Systems Logical Diagram Binary Memory

Page Frame Reclaiming Don Porter 1 CSE 506: Opera.ng Systems Logical Diagram Binary Memory

CSE 506: Opera.ng Systems Page Frame Reclaiming Don Porter 1 CSE 506: Opera.ng Systems Logical Diagram Binary Memory Threads Formats Allocators User System Calls Kernel Todays Lecture RCU File System Networking Sync (kernel

720 views • 31 slides
CSC263 Week 2 If you feel rusty with probabilities, please read the Appendix C of the textbook.

CSC263 Week 2 If you feel rusty with probabilities, please read the Appendix C of the textbook.

CSC263 Week 2 If you feel rusty with probabilities, please read the Appendix C of the textbook. It is only about 20 pages, and is highly relevant to what we need for CSC263. Appendix A and B are also worth reading. This week topic ADT:

845 views • 72 slides
CSE 3320 Operating Systems Memory Management Jia Rao Department of Computer Science and

CSE 3320 Operating Systems Memory Management Jia Rao Department of Computer Science and

CSE 3320 Operating Systems Memory Management Jia Rao Department of Computer Science and Engineering http://ranger.uta.edu/~jrao Recap of Previous Classes Multiprogramming o Requires multiple programs to run at the same time o

692 views • 29 slides
Lecture 19: Graph Partitioning David Bindel 3 Nov 2011 Logistics Please finish your project

Lecture 19: Graph Partitioning David Bindel 3 Nov 2011 Logistics Please finish your project

Lecture 19: Graph Partitioning David Bindel 3 Nov 2011 Logistics Please finish your project 2. Please start your project 3. Graph partitioning Given: Graph G = ( V , E ) Possibly weights ( W V , W E ) . Possibly coordinates

2.38k views • 22 slides
IT1100 : Introduction to Operating Systems Chapter 15 What is a partition? A partition is just a

IT1100 : Introduction to Operating Systems Chapter 15 What is a partition? A partition is just a

IT1100 : Introduction to Operating Systems Chapter 15 What is a partition? A partition is just a logical division of your hard drive. This is done to put data in different locations for flexibility, scalability, ease of administration, and a

262 views • 7 slides
tr s r ssrtt

tr s r ssrtt

tr s r ssrtt sssrtt trs rs tr Prrts

566 views • 33 slides
Data access and ATLAS job performance Charles G Waldman University of Chicago OSG Storage

Data access and ATLAS job performance Charles G Waldman University of Chicago OSG Storage

Data access and ATLAS job performance Charles G Waldman University of Chicago OSG Storage Workshop, Sep 21-22 2010 Factors affecting job performance Algorithmic efficiency and code optimization VM footprint (swapping) I/O wait

384 views • 20 slides

More recommend