Privacy and confidentiality in an e-commerce world: Data mining, data warehousing, matching and disclosure limitation

Statistical Science

Volumn 21, Issue 2, 2006, Pages 143-154

  Fienberg, Stephen E ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

Author keywords

Encryption; Multiparty computation; Privacy preserving data mining; R U confidentiality map; Record linkage; Selective revelation

Indexed keywords

EID: 33748542906     PISSN: 08834237     EISSN: None     Source Type: Journal    
DOI: 10.1214/088342306000000240     Document Type: Conference Paper

References (40)

1. AGRAWAL, R., EVFIMIEVSKI, A. and SRIKANT, R. (2003). Information sharing across private databases. In Proc. 2003 ACM SIGMOD International Conference on Management of Data 86-97. ACM Press, New York.
2. BILENKO, M., MOONEY, R., COHEN, W. W., RAVIKUMAR, P. and FIENBERG, S. E. (2003). Adaptive name matching in information integration. IEEE Intelligent Systems 18(5) 16-23.
3. BISHOP, Y. M. M., FIENBERG, S. E. and HOLLAND, P. W. (1975). Discrete Multivariate Analysis: Theory and Practice. MIT Press, Cambridge, MA. MR0381130
4. CLARKE, R. (1988). Information technology and dataveillance. Comm. ACM 31 498-512.
5. DOBRA, A. and FIENBERG, S. E. (2001). Bounds for cell entries in contingency tables induced by fixed marginal totals. Statist. J. United Nations ECE 18 363-371.
6. DOBRA, A. and FIENBERG, S. E. (2003). Bounding entries in multi-way contingency tables given a set of marginal totals. In Foundations of Statistical Inference (Y. Haitovsky, H. R. Lerche and Y. Ritov, eds.) 3-16. Physica, Heidelberg. MR2017809
7. DOMINGO-FERRER, J., MATEO-SANZ, J. M. and SÁNCHEZ DEL CASTILLO, R. X. (2000). Cryptographic techniques in statistical data protection. In Proc. Joint UN/ECE-Eurostat Work Session on Statistical Data Confidentiality 159-166. Office for Official Publications of the European Communities, Luxembourg.
8. DOMINGO-FERRER, J. and TORRA, V. (2003). Disclosure risk assessment in statistical microdata protection via advanced record linkage. Stat. Comput. 13 343-354. MR2005437
9. DUNCAN, G. T. (2001). Confidentiality and statistical disclosure limitation. International Encyclopedia of the Social and Behavioral Sciences 2521-2525. North-Holland, Amsterdam.
10. DUNCAN, G. T., FIENBERG, S. E., KRISHNAN, R., PADMAN, R. and ROEHRIG, S. F. (2001). Disclosure limitation methods and information loss for tabular data. In Confidentiality, Disclosure and Data Access: Theory and Practical Applications for Statistical Agencies (P. Doyle, J. Lane, J. Theeuwes and L. Zayatz, eds.) 135-166. North-Holland, Amsterdam.
11. DUNCAN, G. T., KELLER-MCNULTY, S. A. and STOKES, S. L. (2004). Database security and confidentiality: Examining disclosure risk vs. data utility through the R-U confidentiality map. Technical Report 142, National Institute of Statistical Sciences.
12. DUNCAN, G. T. and STOKES, S. L. (2004). Disclosure risk vs. data utility: The R-U confidentiality map as applied to topcoding. Chance 17(3) 16-20. MR2061932
13. DWORK, C. and NISSIM, K. (2004). Privacy-preserving data mining on vertically partitioned databases. In Proc. CRYPTO 2004, 24th International Conference on Cryptology 528-544. Univ. California, Santa Barbara.
14. FELLEGI, I. P. and SUNTER, A. B. (1969). A theory for record linkage. J. Amer. Statist. Assoc. 64 1183-1210.
15. FIENBERG, S. E. (2005). Confidentiality and disclosure limitation. Encyclopedia of Social Measurement 463-469. North-Holland, Amsterdam.
16. FIENBERG, S. E. (2005). Homeland insecurity: Datamining, terrorism detection, and confidentiality. Bull. Internat. Stat. Inst., 55th Session. Sydney.
17. FIENBERG, S. E. and SHMUELI, G. (2005). Statistical issues and challenges associated with rapid detection of bio-terrorist attacks. Stat. Med. 24 513-529. MR2134521
18. FIENBERG, S. E. and SLAVKOVIC, A. B. (2004). Making the release of confidential data from multi-way tables count. Chance 17(3) 5-10. MR2061930
19. FIENBERG, S. E. and SLAVKOVIC, A. B. (2005). Preserving the confidentiality of categorical statistical data bases when releasing information for association rules. Data Mining and Knowledge Discovery 11 155-180.
20. GOPAL, R., GARFINKEL, R. and GOES, P. (2002). Confidentiality via camouflage: The CVC approach to disclosure limitation when answering queries to databases. Oper. Res. 50 501-516. MR1910286
21. INFORMATION SCIENCE AND TECHNOLOGY STUDY GROUP ON SECURITY AND PRIVACY (chair: J. D. Tygar) (2002). Security With Privacy. Briefing.
22. JARO, M. A. (1995). Probabilistic linkage of large public health data files. Stat. Med. 14 491-498.
23. KARR, A. F., LIN, X., SANIL, A. P. and REITER, J. P. (2006). Secure statistical analysis of distributed databases. In Statistical Methods in Counterterrorism (A. Wilson, G. Wilson and D. H. Olwell, eds.). Springer, New York.
24. KREIMER, S. F. (2004). Watching the watchers: Surveillance, transparency, and political freedom in the war on terror. J. Constitutional Law 7 133-181.
25. LARSEN, M. D. and RUBIN, D. B. (2001). Iterative automated record linkage using mixture models. J. Amer. Statist. Assoc. 96 32-41.
26. LI, Y., TYGAR, J. D. and HELLERSTEIN, J. M. (2005). Private matching. In Computer Security in the 21st Century (D. T. Lee, S. P. Shieh and J. D. Tygar, eds.) 25-50. Springer, New York.
27. LUNT, T. (2003). Protecting privacy in terrorist tracking applications. Presentation to the Department of Defense Technology and Privacy Advisory Committee, September 29, 2003.
28. LUNT, T., STADDON, J., BALFANZ, D., DURFEE, G., URIBE, T. et al. (2005). Protecting privacy in terrorist tracking applications. Powerpoint presentation. Available at research.microsoft.com/projects/SWSecInstitute/five-minute/ Balfanz5.ppt.
29. MURALIDHAR, K., SARATHY, R. and PARSA, R. (2001). An improved security requirement for data perturbation with implications for e-commerce. Decision Sci. 32 683-698.
30. RELYEA, H. C. and SEIFERT, J. W. (2005). Information Sharing for Homeland Security: A Brief Overview. Congressional Research Service, The Library of Congress (Updated January 10, 2005). Available at www.fas.org/sgp/crs/RL32597. pdf.
31. SECURE FLIGHT WORKING GROUP (2005). Report of the secure flight working group. Presented to the Transportation Security Administration, September 19, 2005. Available at www.epic.org/privacy/airtravel/sfwg_report_091905.pdf.
32. SWEENEY, L. (2005). Privacy-preserving bio-terrorism surveillance. Presentation at AAAI Spring Symposium, AI Technologies for Homeland Security, Stanford Univ.
33. SWEENEY, L. (2005). Privacy-preserving surveillance using selective revelation. LIDAP Working Paper 15, School Computer Science, Carnegie Mellon Univ.
34. TYGAR, J. D. (2003). Privacy architectures. Presentation at Microsoft Research, June 18, 2003. Available at research.microsoft.com/projects/ SWSecInstitute/slides/Tygar. pdf.
35. TYGAR, J. D. (2003). Privacy in sensor webs and distributed information systems. In Software Security Theories and Systems (M. Okada, B. Pierce, A. Scedrov, H. Tokuda and A. Yonezawa, eds.) 84-95. Springer. New York.
36. U.S. DEPARTMENT OF DEFENSE TECHNOLOGY AND PRIVACY ADVISORY COMMITTEE (TAPAC) (2004). Safeguarding Privacy in the Fight Against Terrorism. Department of Defense, Washington.
37. U.S. GENERAL ACCOUNTING OFFICE (2004). Data Mining: Federal Efforts Cover a Wide Range of Uses. GAO-04-548, Report to the Ranking Minority Member, Subcommittee on Financial Management, the Budget and International Security. Committee on Governmental Affairs, U.S. Senate, Washington.
38. WINKLER, W. E. (2002). Methods for record linkage and Bayesian networks. Proc. Section Survey Research Methods 3743-3748. Amer. Statist. Assoc., Alexandria, VA.
39. WINKLER, W. E. (2005). Data quality in data warehouses. Encyclopedia of Data Warehousing and Data Mining 1. Idea Group, Hershey, PA.
40. ZHONG, S., YANG, Z. and WRIGHT, R. N. (2005). Privacyenhancing k-anonymization of customer data. In Proc. 24th ACM SIGMOD International Conference on Management of Data/Principles of Database Systems (PODS 2005). ACM Press, New York.