Protecting Statistical Databases Against Snoopers. Comparison of two methods. Disclosure vs. Anonymity. Information disclosure necessary for planning and numerical measurements Anonymity necessary for protection of the individual and the public’s trust in systems. Medical Data.
Comparison of two methods
Complete Identification Without Uniquely Identifying Information
The sensitivity of a series of queries is the sum of the sensitivities of the queriesSensitivity
If an individual’s answer to the query is the ith answer, the profile would be a string of k bits where the ith is a one and the others are zero
To sanitize, each bit is flipped with probability ½ + ε/2
All sanitized profiles resemble a random string of ones and zerosImplementing the Coin-flip Algorithm
Professor Alf Weaver, PhD spot” occurs at 189 queries.
Professor Nina Mishra, PhD