System and method for database privacy protection

摘要

The invention relates to a system and a method for privacy preservation of sensitive attributes stored in a database. The invention reduces the complexity and enhances privacy preservation of the database by determining the distribution of sensitive data based on Kurtosis measurement. The invention further determines and compares the optimal value of k-sensitive attributes in k-anonymity data sanitization model with the optimal value of l sensitive attributes in l diversity data sanitization model using adversary information gain. The invention reduces the complexity of the method for preserving privacy by applying k anonymity only, when the distribution of the sensitive data is leptokurtic and optimal value of k is greater than the optimal value of l.

主权项

1. A database privacy protection method comprising:
determining, via one or more processors, a distribution pattern of one or more database attributes by applying Kurtosis measurement of data corresponding to the attributes to ascertain whether the distribution pattern is leptokurtic; determining, via the one or more processors, an adversary information gain for a k-anonymity data sanitization model and adversary information gain for a k-anonymity l-diversity data sanitization model, wherein the adversary information gain is the difference between entropy of S and a conditional entropy H(S|Q), and wherein S corresponds to a set of the attributes; comparing, via the one or more processors, the adversary information gain of the k-anonymity data sanitization model with the adversary information gain of the k-anonymity l-diversity data sanitization model repeatedly until the adversary information gain of the k-anonymity data sanitization model equals the adversary information gain of the k-anonymity l-diversity data sanitization model; determining, via the one or more processors, an optimal value of l for performing l-diversity based data sanitization on database records related to the attributes and an optimal value of k for performing k-anonymity based data sanitization on the attributes; and performing, via the one or more processors, privacy preservation of the attributes by only k-anonymity data sanitization model when k is greater than l and the distribution pattern is leptokurtic.