Personalized anonymization of moving objects databases by clustering and perturbation
Θεοδοσόπουλος, Βασίλειος Ε.
Subject: Databases -- Management
The preservation of privacy when publishing spatiotemporal data is a field that is receiving growing attention. However, while more and more services offer personalized privacy options to their users, few algorithms are able to handle such a high degree of personalization effectively, without incurring unnecessary information distortion. In this paper we study the problem of Personalized (k,δ)-Anonymity, which builds upon the model of (k,δ)-Anonymity, while allowing for the fact that each user in the system has his own individual privacy and service quality requirements. We examine how well the Wait For Me algorithm handles the problem and propose our own algorithm, built specifically to take advantage of users’ personalized privacy settings in order to avoid over-anonymization and decrease information distortion. In addition to taking into account personalized (k,δ) requirements, our approach utilizes dataset-aware trajectory segmentation, in order to examine the results of anonymizing a dataset whose trajectories have been partitioned into sub-trajectories using privacy-aware criteria. Furthermore, we study the problem of Bounded Personalized (k,δ)-Anonymity, where there is a limit to the acceptable information distortion caused by the anonymization. A novel system is introduced whereby trajectories are assessed and the most demanding ones are edited in terms of their (k,δ) requirements, in order to decrease overall information distortion. Experimental results show the degree to which personalized anonymization achieves lower information loss than non-personalized algorithms, as well as the degree to which trajectory segmentation affects the process. Further results also demonstrate the effects of demandingness-based trajectory editing on satisfying the criteria for bounded anonymity.