<  Back to the Polytechnique Montréal portal

Information theoretic-based privacy risk evaluation for data anonymization

Anis Bkakria, Frédéric Cuppens, Nora Boulahia Cuppens and Aimilia Tasidou

Article (2021)

Open Acess document in PolyPublie and at official publisher
Open Access to the full text of this document
Published Version
Terms of Use: Creative Commons Attribution
Download (1MB)
Show abstract
Hide abstract


Aim: Data anonymization aims to enable data publishing without compromising the individuals’ privacy. The re- identification and sensitive information inference risks of a dataset are important factors in the decision-making pro- cess for the techniques and the parameters of the anonymization process. If correctly assessed, measuring the re- identification and inference risks can help optimize the balance between protection and utility of the dataset, as too aggressive anonymization can render the data useless, while publishing data with a high risk of de-anonymization is troublesome. Methods: In this paper, a new information theoretic-based privacy metric (ITPR) for assessing both the re-identification risk and sensitive information inference risk of datasets is proposed. We compare the proposed metric with existing information theoretic metrics and their ability to assess risk for various cases of dataset characteristics. Results: We show that ITPR is the only metric that can effectively quantify both re-identification and sensitive infor- mation inference risks. We provide several experiments to illustrate the effectiveness of ITPR. Conclusion: Unlike existing information theoretic-based privacy metrics, the ITPR metric we propose in this paper is, to the best of our knowledge, the first information theoretic-based privacy metric that allows correctly assessing both re-identification and sensitive information inference risks.

Uncontrolled Keywords

Data anonymization, identification risk, disclosure risk, information theoretic-based privacy metrics

Subjects: 2700 Information technology > 2700 Information technology
Department: Department of Computer Engineering and Software Engineering
PolyPublie URL: https://publications.polymtl.ca/9466/
Journal Title: Journal of Surveillance, Security and Safety (vol. 2)
Publisher: OAE Publishing Inc
DOI: 10.20517/jsss.2020.20
Official URL: https://doi.org/10.20517/jsss.2020.20
Date Deposited: 07 Sep 2023 12:01
Last Modified: 04 Nov 2023 12:50
Cite in APA 7: Bkakria, A., Cuppens, F., Boulahia Cuppens, N., & Tasidou, A. (2021). Information theoretic-based privacy risk evaluation for data anonymization. Journal of Surveillance, Security and Safety, 2, 83-102. https://doi.org/10.20517/jsss.2020.20


Total downloads

Downloads per month in the last year

Origin of downloads


Repository Staff Only

View Item View Item