40 results about "Quasi identifier" patented technology

Computer program products are provided for anonymizing a database that includes tuples. A respective tuple includes at least one quasi-identifier and sensitive attributes associated with the quasi-identifier. These computer program products include computer readable program code that is configured to (k,e)-anonymize the tuples over a number k of different values in a range e of values, while preserving coupling at least two of the sensitive attributes to one another in the sets of attributes that are anonymized to provide a (k,e)-anonymized database. Related computer systems and methods are also provided.

The invention discloses a privacy protection method in multi-sensitive-attribute data release, and solves the problem of poor quality of quasi-identifier data in multi-sensitive-attribute data release. The basic thinking of the invention is as follows that: firstly, clustering is executed on data sets, the data sets of which quasi-identifiers are similar are aggregated into one aggregate, and a plurality of data aggregates are generated; secondly, a multi-dimension bucket structure is constructed on the basis of sensitive attributes, and data records are mapped into the multi-dimension bucket structure according to values of the sensitive attributes; and then on the basis of multi-dimension buckets, grouping is carried out, i.e., main sensitive attributes are selected, dimension capacity of the main sensitive attributes is calculated, L (L is greater than or equal to 2) main sensitive attributes with the maximum dimension capacity are selected, one data record is respectively selected from the L main sensitive attributes, whether the data records meet the multi-sensitive-attribute L-diversity is judged, and if not, each bucket is sequentially traversed according to the capacity from big to small until the data records meet the multi-sensitive-attribute L-diversity. The process is repeated until the data in the buckets do not meet the multi-sensitive-attribute L-diversity. Finally, all groups are subjected to anonymization processing.

A method and system for automatically identifying and protecting privacy vulnerabilities in data streams includes indexing data values for each attribute of the data stream received by local virtual machines based on a schema of each data stream, classifying the data attributes of the plurality of data streams into known data types, integrating the local virtual machine indexes into a global index data structure for the data streams including single attribute data values, identifying privacy vulnerabilities in the data as attributes that are direct identifiers based on the attribute data values stored in the global index and combinations of attributes that are quasi-identifiers based on the low frequency of certain combinations of attribute data value pairs by computing the frequency based on the single attribute data values stored in the global index and providing privacy protection to the data streams by applying data transformations on the discovered direct identifiers and the quasi-identifiers.

Provided is an information processing device that can decrease ambiguity of relationship among attributes of linked data, to which relational diversification is performed, and can assess a common characteristic of a linked data group belonging to a cohort. The information processing device includes: relational diversification means that diversifies a relationship to make it difficult to identify a sensitive attribute value of the linked data from another sensitive attribute value; and anonymous cohort generating means which generates cohort information by extracting an attribute value or a characteristic and a property being common in a linked data group belonging to a cohort as a set of linked data assigned with a combination of same quasi-identifiers or a same group identifier and having similarity to one another, wherein the relational diversification means outputs the linked data group, of which a relationship is diversified, by adding the cohort information to the linked data group.

Provided is a method for anonymising data stocks, including the steps of determining a combination of generalization stages for quasi-identifiers pf of a data stock at a central node; transmitting the combination of generalization stages to a plurality of sub-nodes; and a parallel performing of an anonymisation of the data stock on the basis of the combination of generalization stages by the sub-nodes.

The invention provides a key information protection method and system based on an OpenID., relating to identity authentication technology, Password technology, DATA DESENSITIZATION TECHNIQUES, the user key information is vertically segmented into identifiers; Quasi-identifier, According to the method, the real-name identity information and the sensitive information are classified into four types,the function key is adopted for protection and decentralized storage, the track information is encrypted, anti-association cutting, encryption, noise adding and other desensitization processing can becarried out on different types of key data, the privacy of a user can be effectively protected, and the risk of leakage of a user information base is greatly reduced.

The invention provides a sensitive attribute data processing method and system. The method comprises the steps of obtaining a user data set; obtaining a plurality of sensitive attribute sub-data setsbased on the quasi-identifier attributes and the sensitive attributes; dividing the plurality of sensitive attribute sub-data sets into a plurality of sensitive attribute data record groups; determining a first sensitive attribute data record group conforming to the composite multi-sensitive attribute L-diversity, and determining a second sensitive attribute data record group not conforming to thecomposite multi-sensitive attribute L-diversity; adding the data in the second sensitive attribute data record group to the first sensitive attribute data record group under the condition of not destroying the L-diversity of the composite multi-sensitive attribute; and anonymizing all the first sensitive attribute data record groups to obtain multiple groups of anonymous groups, performing randomsorting, and publishing a random sorting result. The corresponding relations between the quasi-identifier attribute and the sensitive attribute are disorganized, so that the private information of the user is prevented from being speculated according to the user data, and the usability and the security of the personal information are ensured.

The present invention allows suitable generalization even in a case in which there is a possibility that a dataset may be repeatedly provided, wherein attribute information of a data entry added afterward may deviate significantly from a range of values taken by a known data entry. For each data entry of a dataset having a plurality of data entries including at least one attribute datum constituting a quasi-identifier which is information which can identify a person and at least one attribute datum other than the quasi-identifier, at least one attribute data value constituting the quasi-identifier is generalized on the basis of a predetermined generalization rule, whereupon among a plurality of data entries included in the dataset, a data entry which upon being generalized on the basis of the generalization rule causes the dataset to not satisfy a predetermined standard of anonymity, and at least one data entry which as a result of attribute data values being shared between the data entry and the object of generalization causes the dataset to satisfy the predetermined standard of anonymity, are selected, whereupon for the selected data entries, the attribute data value of the object of generalization is modified to a predetermined shared value regardless of the predetermined generalization rule.

The invention provides a micro-aggregation anonymization method based on sorting. The method comprises the following steps that: (1) a sorting operation: on the basis of a Q1 quasi-identifier, dividing a dataset into a plurality of categories to enable k-division to be based on the Q1 quasi-identifier by the dataset; (2) a division operation based on sorting: independently systemically forming equivalence classes from the first extreme record and the last extreme record of the dataset initialization of the sorting operation, and keeping the record number of the equivalence classes in k; and (3) an aggregate operation: taking the center points of two extreme records as the centroid point of each equivalence class, and replacing all sensitive attribute values with the mean value of the equivalence classes to form an anonymous equivalence class. By use of the method, firstly, according to a mean valve sorting technology, a k-division process is effectively improved to guarantee the information loss ratio of the k-division process to be minimum, the execution efficiency of an algorithm is improved, in addition, a multidimensional dataset can be processed after a sorting concept is introduced, and then, privacy protection can be improved.

The invention discloses a Skyline-based data generalization method. The method comprises the steps of processing a data table according to a data release privacy protection standard 10-anonymity to obtain a re-identified risk quantity R of a policy, recording the risk quantity R as a threshold T, and determining a policy space {S,(R,U)} according to a value domain of a quasi-identifier attribute and the threshold T, wherein an R value of the policy comprised in the policy space {S,(R,U)} is not greater than the threshold T; filtering the policy space {S,(R,U)} by adopting epsilon-approximate Skyline to obtain candidate policy spaces {G,(R,U)}; and performing Skyline calculation on the candidate policy space {G,(R,U)} to obtain a recommended policy space {F,(R,U)}, wherein the recommended policy space {F,(R,U)} is a private policy space recommended for the data table. According to the method, the accuracy of privacy protection policy recommendation is improved through an enumeration full policy space; the coverage range of an RU space is wide; multilevel demands of a user are met; the threshold T is set and the privacy protection policies not meeting the requirements are filtered, so that the policy space generation time is shortened; and the filtering is performed by adopting the epsilon-approximate Skyline, so that the scale of the candidate policy spaces is further reduced.

The invention provides a data processing method and device, electronic equipment and a readable storage medium, and relates to the technical field of data security. The method comprises the steps of obtaining a user data set corresponding to each user in a plurality of users; determining target data corresponding to each quasi-identifier attribute and sensitive data corresponding to the sensitiveattribute in a user data set corresponding to each user; based on the target data and the sensitive data, determining an association degree between each quasi-identifier attribute and the sensitive attribute; determining a generalization sequence for performing K-anonymity processing on the plurality of quasi-identifier attributes according to the association degree; if the quasi-identifier attribute with the large association degree can be generalized firstly, the quasi-identifier attribute related to the sensitive attribute can be generalized, an attacker cannot easily locate a user, and theproblem that privacy information of the user is easily leaked is avoided.