在不同再識別風險下基於資訊遺失的去識別化策略探索

Ming-Hwa Tsai; 蔡明驊

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/57220

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	雷欽隆
dc.contributor.author	Ming-Hwa Tsai	en
dc.contributor.author	蔡明驊	zh_TW
dc.date.accessioned	2021-06-16T06:38:18Z	-
dc.date.available	2014-08-08
dc.date.copyright	2014-08-08
dc.date.issued	2014
dc.date.submitted	2014-07-30
dc.identifier.citation	[1] Health Insurance Portability and Accountability Act (HIPAA). http:// en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act [2] K. Benitez and B Malin. Evaluating re-identification risks with respect to the HIPAA privacy rule. Journal of the American Medical Informatics Association, 17(2): 169!V177, 2010. [3] L. Sweeney. k-annoymity: a model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10(5):557-570, 2002 [4] K. LeFevre, David J. DeWitt, and R. Ramakrishnan. Incognito: efficient full-domain K-anonymity. In Proceedings of the 2005 ACM SIGMOD international conference on Management of data (SIGMOD ’05). ACM, New York, NY, USA, 49-60. [5] K. El Emam and F. Dankar Protecting privacy using k-anonymity. Journal of the American Medical Informatics Association, 15(5):627!V637, 2008. [6] K. El Eman. A globally optimal k-anonymity method for the de-identification of health data. J Am Med Inform Assoc 2009 16:670-682 doi: 10.1197/jamia. M3133 26 [7] L. Sweeney. Achieving k-annoymity privacy protection using generalization and suppression International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10(5):571-588, 2002. [8] Aggarwal, Gagan and Feder, Tomas and Kenthapadi, Krishnaram and Motwani, Rajeev and Panigrahy, Rina and Thomas, Dilys and Zhu, An. Approximation Algorithms for k-Annoymity. Proceedings of the International Conference on Database Theory (ICDT 2005), January 5-7, 2005, Edinburgh, UK. [9] H. Park, K. Shim. Approximate algorithm for K-annoymity. Proceedings of the 2007 ACM SIGMOD international conference on Management of data, Pages 67-78, ACM New York, NY, USA 2007. [10] A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam. L-diversity: Privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data 1, 1, Article 3 (March 2007). [11] T. Truta, F. Fotouhi, and D. Barth-Jones. Disclosure risk measures for microdata. International Conference on Scientific and Statistical Databases Management, pages 15!V22, 2003. [12] K. Benitez, G. Loukides, and B. Malin. Beyond safe harbor: automatic discovery of health information de-identification policy alternatives. Proceedings of the 1st ACM International Health Informatics Symposium, pages 163 - 172, 2010. [13] W. Xia, R. Heatherly, X. Ding, J. Li, B. Malin. Efficient discovery of de-identification policy options through a risk-utility frontier. Proceedings of the third ACM conference on Data and application security and privacy, pages 59-70, 2013. 27
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/57220	-
dc.description.abstract	對於資料分析的研究來說，尤其是醫療資訊方面，資料個體本身的隱私性以及資料可應用程度是一個難解的取捨。基於對於個人隱私的需求，在我們發布資料前會以盡量保持資料的完整性為前提將其進行某種程度的模糊化，讓惡意使用者無法分辨其真實的個體。此稱為去識別化技術。此篇論文提出了在不同的去識別化風險下快速有效率地找到資料完整性較佳的去識別化方式，藉由將問題本身映射到一個晶格模型(lattice model) 的探索問題上，並且使用了子晶格(sublattice) 的概念加速我們的搜尋。實驗結果顯示此種方法在同樣的搜索數目下，可以找到資訊遺失量較低的去識別化方式。	zh_TW
dc.description.abstract	In the study of data analysis, especially in the field of medical information, there is a complex tradeoff between the privacy of the data and the applicability of the data. Due to the demand for individual privacy on maintaining the integrity of the original data, the data are being more or less obscured before the release to avoid the malicious users from identifying the true owners. This technique is called de-identification. This dissertation introduces a novel technique that is able to efficiently and quickly find a de-identification policy with satisfactory data integrity under variant re-identification risks. We probe into the problem by applying it onto the lattice model [12] and use the concept of sublattice [13] to accelerate the process. The results appear to be promising as in comparison to other techniques [12], we can find de-identification policies with less informationloss under the same search times.	en
dc.description.provenance	Made available in DSpace on 2021-06-16T06:38:18Z (GMT). No. of bitstreams: 1 ntu-103-R01921048-1.pdf: 2397566 bytes, checksum: ca9d74b89fd2a874fd00756dc374c38b (MD5) Previous issue date: 2014	en
dc.description.tableofcontents	口試委員審定書 i 致謝 ii 摘要iii Abstract iv Contents v List of Figures vii List of Tables viii 1 Introduction 1 1.1 Information Loss-based De-identification . . . . . . . . . . . . . . . . . 1 1.2 Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2 Related Work 3 3 Methods 5 3.1 De-identification Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1.1 Generalization . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1.2 Policy Representation . . . . . . . . . . . . . . . . . . . . . . . 6 3.2 Risk Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 3.3 Information Loss Evaluation . . . . . . . . . . . . . . . . . . . . . . . . 8 v 3.4 Lattice Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.5 Search Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.5.1 Problem Definition . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.5.2 Sublattice Approaching Search . . . . . . . . . . . . . . . . . . . 12 3.5.3 Slice Sublattice Contains Risk Upper Bound . . . . . . . . . . . 13 4 Experiments 16 4.1 Materials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 4.2 Experiments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 4.2.1 Experiment I . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 4.2.2 Experiment II . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 4.3 Comparison . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 4.4 Future work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 5 Conclusion 25 Bibliography 26
dc.language.iso	en
dc.subject	策略探索	zh_TW
dc.subject	資訊遺失	zh_TW
dc.subject	去識別化	zh_TW
dc.subject	再識別風險	zh_TW
dc.subject	re-identification risk	en
dc.subject	information loss	en
dc.subject	de-identification	en
dc.subject	policies discovery	en
dc.title	在不同再識別風險下基於資訊遺失的去識別化策略探索	zh_TW
dc.title	Information Loss Based Discovery of De-identification Policies Under Variant Re-identification Risks	en
dc.type	Thesis
dc.date.schoolyear	102-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	郭斯彥,顏嗣鈞,黃秋煌,莊仁輝
dc.subject.keyword	資訊遺失,去識別化,再識別風險,策略探索,	zh_TW
dc.subject.keyword	information loss,de-identification,re-identification risk,policies discovery,	en
dc.relation.page	31
dc.rights.note	有償授權
dc.date.accepted	2014-07-31
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	電機工程學研究所	zh_TW
顯示於系所單位：	電機工程學系

文件中的檔案：

檔案	大小	格式
ntu-103-1.pdf 未授權公開取用	2.34 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。