Contribution to collective works (Parts of books)
Methods to Mitigate Risk of Composition Attack in Independent Data Publications
Li, Jiuyong; Sattar, Sarowar A.; Baig, Muzammil M. et al.
2015, in Medical Data Privacy Handbook 2015
Peer reviewed


Full Text
Methods to Mitigate Risk of Composition Attack in Independent Data Publications.pdf
Publisher postprint (888.15 kB)


Abstract :
[en] Data publication is a simple and cost-effective approach for data sharing across organizations. Data anonymization is a central technique in privacy-preserving data publication. Many methods have been proposed to anonymize individual datasets and multiple datasets of the same data publisher. In real life, a dataset is rarely isolated, and two datasets published by two organizations may contain the records of the same individuals. For example, patients might have visited two hospitals for follow-up or specialized treatment regarding a disease, and their records are independently anonymized and published. Although each published dataset poses a small privacy risk, the intersection of two datasets may severely compromise the privacy of the individuals. The attack using the intersection of datasets published by different organizations is called a composition attack. Some research work has been done to study methods for anonymizing data to prevent a composition attack for independent data releases where one data publisher has no knowledge of the records of another data publisher. In this chapter, we discuss two exemplar methods, a randomization-based approach and a generalization-based approach, to mitigate the risk of composition attacks. In the randomization method, noise is added to the original values to make it difficult for an adversary to pinpoint an individual’s record in a published dataset. In the generalization method, the records in a group are generalized to the same values on their potentially identifying attributes so that the individuals in the group are indistinguishable. We discuss and experimentally demonstrate the strengths and weaknesses of both types of methods. We also present a mixed data publication framework where a small proportion of the records are managed and published centrally and other records are managed and published locally in different organizations to reduce the risk of the composition attack and improve the overall utility of the data.
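Illustration (not taken from the chapter): the composition attack described in the abstract can be sketched in a few lines of Python. This is a minimal toy example under stated assumptions. The two "hospital" releases, the attribute choices (age range, ZIP prefix, diagnosis), and the function names candidate_diagnoses and composition_attack are all hypothetical, and the adversary is assumed to know the target's age and ZIP code and that the target appears in both releases.

```python
# Toy sketch of a composition attack on two independently generalized releases.
# All data, attribute names, and function names here are hypothetical.

def candidate_diagnoses(release, age, zip_code):
    """Return the sensitive values of the group whose generalized
    age range and ZIP prefix cover the target individual."""
    for (age_lo, age_hi, zip_prefix), diagnoses in release.items():
        if age_lo <= age <= age_hi and zip_code.startswith(zip_prefix):
            return set(diagnoses)
    return set()  # target not covered by any group in this release


def composition_attack(releases, age, zip_code):
    """Intersect the candidate sets from every release that covers the target."""
    candidate_sets = [candidate_diagnoses(r, age, zip_code) for r in releases]
    candidate_sets = [s for s in candidate_sets if s]  # skip releases without the target
    if not candidate_sets:
        return set()
    return set.intersection(*candidate_sets)


# Each release maps (age_low, age_high, zip_prefix) -> diagnoses in that group.
hospital_a = {
    (30, 39, "130"): {"flu", "diabetes", "asthma"},
    (40, 49, "130"): {"cancer", "flu", "hepatitis"},
}
hospital_b = {
    (30, 34, "1305"): {"diabetes", "bronchitis", "migraine"},
    (35, 49, "1305"): {"flu", "ulcer", "gastritis"},
}

target_age, target_zip = 32, "13053"

# Each release alone leaves three equally plausible diagnoses.
alone = candidate_diagnoses(hospital_a, target_age, target_zip)
# Intersecting both releases narrows the candidates.
combined = composition_attack([hospital_a, hospital_b], target_age, target_zip)
print(sorted(alone), sorted(combined))
```

In this toy setting each release on its own hides the target among three diagnoses, while the intersection leaves a single candidate. This is the risk that the randomization-based and generalization-based methods in the chapter aim to reduce.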
Research center :
Disciplines :
Computer science
Author, co-author :
Li, Jiuyong
Sattar, Sarowar A.
Baig, Muzammil M.
Liu, Jixue
Tang, Qiang ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Malin, Bradley
External co-authors :
Language :
Title :
Methods to Mitigate Risk of Composition Attack in Independent Data Publications
Publication date :
Main work title :
Medical Data Privacy Handbook 2015
Publisher :
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR5856658 - Boosting Security And Efficiency In Recommender Systems, 2013 (15/04/2014-14/04/2017) - Qiang Tang
Name of the research project :
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 05 April 2016


