%0 Journal Article %1 paper:sweeney:2002 %A Sweeney, Lantanya %D 2002 %J International Journal on Uncertainty Fuzziness and Knowledge-based Systems %K 2002 anonymity privacy to-read %N 10 %P 557--570 %T k-anonymity: a model for protecting privacy %U http://portal.acm.org/citation.cfm?id=774552# %V 5 %X Consider a data holder, such as a hospital or a bank, that has a privately held collection of person-specific, field structured data. Suppose the data holder wants to share a version of the data with researchers. How can a data holder release a version of its private data with scientific guarantees that the individuals who are the subjects of the data cannot be re-identified while the data remain practically useful? The solution provided in this paper includes a formal protection model named k-anonymity and a set of accompanying policies for deployment. A release provides k-anonymity protection if the information for each person contained in the release cannot be distinguished from at least k-1 individuals whose information also appears in the release. This paper also examines re-identification attacks that can be realized on releases that adhere to k- anonymity unless accompanying policies are respected. The k-anonymity protection model is important because it forms the basis on which the real-world systems known as Datafly, µ-Argus and k-Similar provide guarantees of privacy protection.

@article{paper:sweeney:2002, abstract = {Consider a data holder, such as a hospital or a bank, that has a privately held collection of person-specific, field structured data. Suppose the data holder wants to share a version of the data with researchers. How can a data holder release a version of its private data with scientific guarantees that the individuals who are the subjects of the data cannot be re-identified while the data remain practically useful? The solution provided in this paper includes a formal protection model named k-anonymity and a set of accompanying policies for deployment. A release provides k-anonymity protection if the information for each person contained in the release cannot be distinguished from at least k-1 individuals whose information also appears in the release. This paper also examines re-identification attacks that can be realized on releases that adhere to k- anonymity unless accompanying policies are respected. The k-anonymity protection model is important because it forms the basis on which the real-world systems known as Datafly, µ-Argus and k-Similar provide guarantees of privacy protection. }, added-at = {2008-11-17T12:40:32.000+0100}, author = {Sweeney, Lantanya}, biburl = {https://www.bibsonomy.org/bibtex/2873ad7ef58cc028e8b8b02e4589d4b4c/mschuber}, interhash = {710b9ae24ee9fdee57033bd50346dbe6}, intrahash = {873ad7ef58cc028e8b8b02e4589d4b4c}, journal = {International Journal on Uncertainty Fuzziness and Knowledge-based Systems}, keywords = {2002 anonymity privacy to-read}, note = { issn = {0218-4885}, publisher = {World Scientific Publishing Co., Inc.}, address = {River Edge, NJ, USA}, }, number = 10, pages = {557--570}, timestamp = {2008-11-17T12:40:32.000+0100}, title = {k-anonymity: a model for protecting privacy}, url = {http://portal.acm.org/citation.cfm?id=774552#}, volume = 5, year = 2002 }