Risk-Based Privacy-Aware Information Disclosure

Armando, Alessandro; Bezzi, Michele; Metoui, Nadia; Sabetta, Antonino

doi:10.4018/ijsse.2015040104

Cited by 13 publications

(6 citation statements)

References 22 publications

(43 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We performed a simulation of the attacks computing the privacy risk values for all individuals in the dataset and for all B k . 3 We then show the distribution of the mobility features presented in Sect. 2 at varying levels of risk: we compare the distribution of the features computed on the original dataset, i.e., the dataset with the complete set of trajectories, with the distributions obtained using only trajectories belonging to individuals below certain thresholds of privacy risk.…”

Section: Methodsmentioning

confidence: 99%

“…The unicity measure proposed in [20] evaluates the privacy risk as the number of records which are uniquely identified. [3] proposes a risk-aware framework for information disclosure in tabular data supporting runtime risk assessment, using adaptive anonymization as risk-mitigation method. Lastly, in [15] authors introduced a privacy risk assessment framework specific for mobility data.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Analyzing Privacy Risk in Human Mobility Data

Pellungrini

Pappalardo

Pratesi

et al. 2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Mobility data are of fundamental importance for understanding the patterns of human movements, developing analytical services and modeling human dynamics. Unfortunately, mobility data also contain individual sensitive information, making it necessary an accurate privacy risk assessment for the individuals involved. In this paper, we propose a methodology for assessing privacy risk in human mobility data. Given a set of individual and collective mobility features, we define the minimum data format necessary for the computation of each feature and we define a set of possible attacks on these data formats. We perform experiments computing the empirical risk in a real-world mobility dataset, and show how the distributions of the considered mobility features are affected by the removal of individuals with different levels of privacy risk.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Analyzing Privacy Risk in Human Mobility Data

Pellungrini

Pappalardo

Pratesi

et al. 2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…An interesting example is the article by Armando et al, which describes a risk‐aware access control framework for information disclosure. The presented prototype includes a risk mitigation module which uses adaptive anonymization operations implemented on top of ARX . Another example is the work by Jiang et al, in which game‐theoretic methods have been used to develop a credibility model in cooperative networks and ARX has been included in the evaluation .…”

Section: Summary and Practical Experiencesmentioning

confidence: 99%

Flexible data anonymization using ARX—Current status and challenges ahead

et al. 2020

View full text Add to dashboard Cite

The race for innovation has turned into a race for data. Rapid developments of new technologies, especially in the field of artificial intelligence, are accompanied by new ways of accessing, integrating, and analyzing sensitive personal data. Examples include financial transactions, social network activities, location traces, and medical records. As a consequence, adequate and careful privacy management has become a significant challenge. New data protection regulations, for example in the EU and China, are direct responses to these developments. Data anonymization is an important building block of data protection concepts, as it allows to reduce privacy risks by altering data. The development of anonymization tools involves significant challenges, however. For instance, the effectiveness of different anonymization techniques depends on context, and thus tools need to support a large set of methods to ensure that the usefulness of data is not overly affected by risk-reducing transformations. In spite of these requirements, existing solutions typically only support a small set of methods. In this work, we describe how we have extended an open source data anonymization tool to support almost arbitrary combinations of a wide range of techniques in a scalable manner. We then review the spectrum of methods supported and discuss their compatibility within the novel framework. The results of an extensive experimental comparison show that our approach outperforms related solutions in terms of scalability and output data quality-while supporting a much broader range of techniques. Finally, we discuss practical experiences with ARX and present remaining issues and challenges ahead.

show abstract

“…Risk aware information disclosure in [9] can be used for Hadoop Data lake. Secure information access model via data services [11] can be applied for Hadoop data services.…”

Section: Related Workmentioning

confidence: 99%

Object-Tagged RBAC Model for the Hadoop Ecosystem

Gupta

Patwa

Sandhu

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Hadoop ecosystem provides a highly scalable, fault-tolerant and cost-effective platform for storing and analyzing variety of data formats. Apache Ranger and Apache Sentry are two predominant frameworks used to provide authorization capabilities in Hadoop ecosystem. In this paper we present a formal multi-layer access control model (called HeAC) for Hadoop ecosystem, as an academic-style abstraction of Ranger, Sentry and native Apache Hadoop access-control capabilities. We further extend HeAC base model to provide a cohesive object-tagged role-based access control (OT-RBAC) model, consistent with generally accepted academic concepts of RBAC. Besides inheriting advantages of RBAC, OT-RBAC offers a novel method for combining RBAC with attributes (beyond NIST proposed strategies). Additionally, a proposed implementation approach for OT-RBAC in Apache Ranger, is presented. We further outline attribute-based extensions to OT-RBAC.

show abstract

Risk-Based Privacy-Aware Information Disclosure

Cited by 13 publications

References 22 publications

Analyzing Privacy Risk in Human Mobility Data

Analyzing Privacy Risk in Human Mobility Data

Flexible data anonymization using ARX—Current status and challenges ahead

Object-Tagged RBAC Model for the Hadoop Ecosystem

Contact Info

Product

Resources

About