The contents of this legacy page are no longer maintained nor supported, and are made available only for historical purposes.

Bibliography Details

A. Machanavajjhala, J. Gehrke, D. Kifer, and M. Venkitasubramaniam, "l-Diversity: Privacy Beyond k-Anonymity.", in IEEE International Conference on Data Engineering (ICDE), 2006.

l-Diversity: Privacy Beyond k-Anonymity.
Authors: A. Machanavajjhala
J. Gehrke
D. Kifer
M. Venkitasubramaniam
Published: IEEE International Conference on Data Engineering (ICDE), 2006
ENTRY DATE: 2008-06-16
ABSTRACT: Publishing data about individuals without revealing sensitive information about them is an important problem. In recent years, a new definition of privacy called k-anonymity has gained popularity. In a k-anonymized dataset, each record is indistinguishable from at least k-1 other records with respect to certain identifying attributes. In this paper we show with two simple attacks that a k-anonymized dataset has some subtle, but severe privacy problems. First, we show that an attacker can discover the values of sensitive attributes when there is little diversity in those sensitive attributes. Second, attackers often have background knowledge, and we show that k-anonymity does not guarantee privacy against attackers using background knowledge. We give a detailed analysis of these two attacks and we propose a novel and powerful privacy definition called l-diversity. In addition to building a formal foundation for l-diversity, we show in an experimental evaluation that l-diversity is practical and can be implemented efficiently.