Protecting Statistical Databases Against Snoopers. Comparison of two methods. Disclosure vs. Anonymity. Information disclosure necessary for planning and numerical measurements Anonymity necessary for protection of the individual and the public’s trust in systems. Medical Data.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Protecting Statistical Databases Against Snoopers
Comparison of two methods
Complete Identification Without Uniquely Identifying Information
How much could changing one row change an answer?
The sensitivity of a series of queries is the sum of the sensitivities of the queries
Each of the k possible answers to a query are ordered and numbered
If an individual’s answer to the query is the ith answer, the profile would be a string of k bits where the ith is a one and the others are zero
To sanitize, each bit is flipped with probability ½ + ε/2
All sanitized profiles resemble a random string of ones and zeros
Professor Alf Weaver, PhD
Professor Nina Mishra, PhD