k-anonymous Microdata Release via Post Randomisation Method

The problem of the release of anonymized microdata is an important topic in the fields of statistical disclosure control (SDC) and privacy preserving data publishing (PPDP), and yet it remains sufficiently unsolved. In these research fields, k-anonymity has been widely studied as an anonymity notion for mainly deterministic anonymization algorithms, and some probabilistic relaxations have been developed. However, they are not sufficient due to their limitations, i.e., being weaker than the original k-anonymity or requiring strong parametric assumptions. First we propose Pk-anonymity, a new probabilistic k-anonymity, and prove that Pk-anonymity is a mathematical extension of k-anonymity rather than a relaxation. Furthermore, Pk-anonymity requires no parametric assumptions. This property has a significant meaning in the viewpoint that it enables us to compare privacy levels of probabilistic microdata release algorithms with deterministic ones. Second, we apply Pk-anonymity to the post randomization method (PRAM), which is an SDC algorithm based on randomization. PRAM is proven to satisfy Pk-anonymity in a controlled way, i.e, one can control PRAM's parameter so that Pk-anonymity is satisfied. On the other hand, PRAM is also known to satisfy ${\varepsilon}$-differential privacy, a recent popular and strong privacy notion. This fact means that our results significantly enhance PRAM since it implies the satisfaction of both important notions: k-anonymity and ${\varepsilon}$-differential privacy.Comment: 22 pages, 4 figure

Group Anonymity

In recent years the amount of digital data in the world has risen immensely. But, the more information exists, the greater is the possibility of its unwanted disclosure. Thus, the data privacy protection has become a pressing problem of the present time. The task of individual privacy-preserving is being thoroughly studied nowadays. At the same time, the problem of statistical disclosure control for collective (or group) data is still open. In this paper we propose an effective and relatively simple (wavelet-based) way to provide group anonymity in collective data. We also provide a real-life example to illustrate the method.Comment: 10 pages, 2 tables. Published by Springer in "Information Processing and Management of Uncertainty in Knowledge-Based Systems. Applications". The final publication is available at http://www.springerlink.com/content/u701148783683775

Anonymity and Information Hiding in Multiagent Systems

We provide a framework for reasoning about information-hiding requirements in multiagent systems and for reasoning about anonymity in particular. Our framework employs the modal logic of knowledge within the context of the runs and systems framework, much in the spirit of our earlier work on secrecy [Halpern and O'Neill 2002]. We give several definitions of anonymity with respect to agents, actions, and observers in multiagent systems, and we relate our definitions of anonymity to other definitions of information hiding, such as secrecy. We also give probabilistic definitions of anonymity that are able to quantify an observer s uncertainty about the state of the system. Finally, we relate our definitions of anonymity to other formalizations of anonymity and information hiding, including definitions of anonymity in the process algebra CSP and definitions of information hiding using function views.Comment: Replacement. 36 pages. Full version of CSFW '03 paper, submitted to JCS. Made substantial changes to Section 6; added references throughou

Seeking Anonymity in an Internet Panopticon

Obtaining and maintaining anonymity on the Internet is challenging. The state of the art in deployed tools, such as Tor, uses onion routing (OR) to relay encrypted connections on a detour passing through randomly chosen relays scattered around the Internet. Unfortunately, OR is known to be vulnerable at least in principle to several classes of attacks for which no solution is known or believed to be forthcoming soon. Current approaches to anonymity also appear unable to offer accurate, principled measurement of the level or quality of anonymity a user might obtain. Toward this end, we offer a high-level view of the Dissent project, the first systematic effort to build a practical anonymity system based purely on foundations that offer measurable and formally provable anonymity properties. Dissent builds on two key pre-existing primitives - verifiable shuffles and dining cryptographers - but for the first time shows how to scale such techniques to offer measurable anonymity guarantees to thousands of participants. Further, Dissent represents the first anonymity system designed from the ground up to incorporate some systematic countermeasure for each of the major classes of known vulnerabilities in existing approaches, including global traffic analysis, active attacks, and intersection attacks. Finally, because no anonymity protocol alone can address risks such as software exploits or accidental self-identification, we introduce WiNon, an experimental operating system architecture to harden the uses of anonymity tools such as Tor and Dissent against such attacks.Comment: 8 pages, 10 figure

On the Anonymization of Differentially Private Location Obfuscation

Obfuscation techniques in location-based services (LBSs) have been shown useful to hide the concrete locations of service users, whereas they do not necessarily provide the anonymity. We quantify the anonymity of the location data obfuscated by the planar Laplacian mechanism and that by the optimal geo-indistinguishable mechanism of Bordenabe et al. We empirically show that the latter provides stronger anonymity than the former in the sense that more users in the database satisfy k-anonymity. To formalize and analyze such approximate anonymity we introduce the notion of asymptotic anonymity. Then we show that the location data obfuscated by the optimal geo-indistinguishable mechanism can be anonymized by removing a smaller number of users from the database. Furthermore, we demonstrate that the optimal geo-indistinguishable mechanism has better utility both for users and for data analysts.Comment: ISITA'18 conference pape

HUBUNGAN ANTARA ANONIMITAS DENGAN CYBERBULLYING PADA REMAJA PENGGUNA MEDIA SOSIAL

Technological developments, including in this digital world, provide positive opportunities for humans to interact through social media. Teenagers are a community group that actively interacts through social media. In addition to positive opportunities, social media also leads to negative consequences, such as cyberbullying that occurs on social media, likely related to anonymous behaviour that refers to an individual's attempt to hide their real identity when interacting on social media. This study aimed to determine the relationship between anonymity and cyberbullying. Three hundred eighty-five active social media users aged 18 – 21 participated in this quantitative study. Active social media users were recruited based on accidental sampling. Participants filled out an anonymity scale and a cyberbullying scale. The results showed a significantly positive relationship between anonymity and cyberbullying, where the higher the level of anonymity, the higher the level of cyberbullying. Teenage boys and girls tend to use Instagram social media. In addition, most male and female participants fall into the moderate category on three aspects of anonymity (unlikability, unobservability, pseudonymity). In cyberbullying, most male participants fall into the low category in the aspect of intention. In contrast, most female participants belong to the low category regarding power imbalance and intention. The implications of different research findings based on gender can be a reference to the interaction of positive associations between anonymity and cyberbullying in adolescent social media users