Help
Cart
Skip main navigation

Available Issues

April 10, 2013 - April 2, 2026

Available Issues

April 10, 2013 - April 2, 2026

Protecting Privacy Against Record Linkage Disclosure: A Bounded Swapping Approach for Numeric Data

Published Online:14 Jun 2010https://doi.org/10.1287/isre.1100.0289

References

  • Adam N. R., Wortmann J. C. Security-control methods for statistical databases: A comparative study. ACM Comput. Surveys (1989) 21(4):515–556CrossrefGoogle Scholar
  • Al-Lawati A., Lee D., McDaniel P. Blocking-aware private record linkage. Proc. 2nd Internat. Workshop on Information Quality in Information Systems (IQIS) (2005) ACM PressNew York:59–68CrossrefGoogle Scholar
  • Boruch R. F., Victor T., Cecil J. S. Resolving ethical and legal problems in randomized experiments. Crime Delinquency (2000) 46(3):330–353CrossrefGoogle Scholar
  • Bradley P. S., Fayyad U. M., Mangasarian O. L. Mathematical programming for data mining: Formulations and challenges. INFORMS J. Comput. (1999) 11(3):217–238LinkGoogle Scholar
  • Brand R., Domingo-Ferrer J., Mateo-Sanz J. M. Reference data sets to test and compare SDC methods for protection of numerical microdata. (2002) . Retrieved July 1, 2006, http://neon.vb.cbs.nl/casc/Google Scholar
  • Churches T., Christen P. Some methods for blindfolded record linkage. BMC Medical Informatics Decision Making (2004) 4(9):17Google Scholar
  • Cox L. H. Network models for complementary cell suppression. J. Amer. Statist. Assoc. (1995) 90(432):1453–1462CrossrefGoogle Scholar
  • Cox L. H., Boruch R. F. Record linkage, privacy and statistical policy. J. Official Statist. (1988) 4(1):3–16Google Scholar
  • Defays D., Nanopoulos P. Panels of enterprises and confidentiality: The small aggregates method. Proc. Statist. Canada Sympos. 1992 Design Anal. (1993) Longitudinal SurveysOttawa, ON, Canada:195–204Google Scholar
  • Domingo-Ferrer J., Mateo-Sanz J. M. Practical data-oriented microaggregation for statistical disclosure control. IEEE Trans. Knowledge Data Engrg. (2002) 14(1):189–201CrossrefGoogle Scholar
  • Domingo-Ferrer J., Torra V., Doyle P., Lane J., Theeuwes J., Zayatz L. A quantitative comparison of disclosure control methods for microdata. Confidentiality, Disclosure and Data Access: Theory and Practical Applications for Statistical Agencies (2001) (North-Holland, Amsterdam) 111–134Google Scholar
  • Duncan G. T., Mukherjee S. Optimal disclosure limitation strategy in statistical databases: Deterring tracker attacks through additive noise. J. Amer. Statist. Assoc. (2000) 95(451):720–729CrossrefGoogle Scholar
  • Fellegi I. P., Alvey W., Jamerson B. Record linkage and public policy—A dynamic evolution. Record Linkage Techniques—1997. Proc. Internat. Workshop Exposition (1997) Federal CommitteeWashington, DC:3–12Google Scholar
  • Fellegi I. P., Sunter A. B. A theory for record linkage. J. Amer. Statist. Assoc. (1969) 64(328):1183–1210CrossrefGoogle Scholar
  • Friedman J. H., Bentley J. L. An algorithm for finding best matches in logarithmic expected time. ACM Trans. Math. Software (1977) 3(3):209–226CrossrefGoogle Scholar
  • Galletta D. MIS faculty salary survey results. (2004) . Retrieved March 1, http://www.pitt.edu/~galletta/salsurv.htmlGoogle Scholar
  • Garfinkel R., Gopal R., Thompson S. Releasing individually identifiable microdata with privacy protection against stochastic threat: An application to health information. Inform. Systems Res. (2007) 18(1):23–41LinkGoogle Scholar
  • Graybill F. A.Theory and Application of the Linear Model (1976) (Wadsworth, Pacific Grove, CA) Google Scholar
  • Greene W. H.Econometric Analysis (1993) (Macmillan, New York) Google Scholar
  • Hansen S. L., Mukherjee S. A polynomial algorithm for optimal univariate microaggregation. IEEE Trans. Knowledge Data Engrg. (2003) 15(4):1043–1044CrossrefGoogle Scholar
  • Hundepool A., Willenborg L. μ- and τ-ARGUS: Software for statistical disclosure control. Proc. 3rd Internat. Seminar Statist. Confidentiality (1996) Bled, SloveniaGoogle Scholar
  • Johnson R. A., Wichern D. W.Applied Multivariate Statistical Analysis (2002) (Prentice Hall, Upper Saddle River, NJ) Google Scholar
  • KDnuggets Google subpoena: Child protection vs. privacy. (2006) . Retrieved July 1, http://www.kdnuggets.com/polls/2006/google_subpoena.htmGoogle Scholar
  • Laszlo M., Mukherjee S. Minimum spanning tree partitioning algorithm for microaggregation. IEEE Trans. Knowledge Data Engrg. (2005) 17(7):902–911CrossrefGoogle Scholar
  • Li X.-B., Sarkar S. A tree-based data perturbation approach for privacy-preserving data mining. IEEE Trans. Knowledge Data Engrg. (2006a) 18(9):1278–1283CrossrefGoogle Scholar
  • Li X.-B., Sarkar S. Privacy protection in data mining: A perturbation approach for categorical data. Inform. Systems Res. (2006b) 17(3):254–270LinkGoogle Scholar
  • Liew C. K., Choi U. J., Liew C. J. A data distortion by probability distribution. ACM Trans. Database Systems (1985) 10(3):395–411CrossrefGoogle Scholar
  • Lindell Y., Pinkas B. Privacy preserving data mining. J. Cryptology (2002) 15(3):177–206CrossrefGoogle Scholar
  • Machanavajjhala A., Gehrke J., Kifer D., Venkitasubramaniam M. l-diversity: Privacy beyond k-anonymity. Proc. 22nd IEEE Internat. Conf. Data Engrg. (ICDE 2006) (2006) IEEE Computer Science SocietyWashington, DC:24–35CrossrefGoogle Scholar
  • MacQueen J. B. Some methods for classification and analysis of multivariate observations. Proc. 5th Berkeley Sympos. Math. Statist. Probab. (1967) Berkeley, CA:281–297Google Scholar
  • Mitchell T. M.Machine Learning (1997) (McGraw-Hill, New York) Google Scholar
  • Moore R. A. Controlled data swapping for masking public use microdata sets. (1996) . Statistical Research Division Report, Series RR96/04, U.S. Census Bureau, Washington, DCGoogle Scholar
  • Newcombe H. B., Kennedy J. M. Record linkage: Making maximum use of the discriminating power of identifying information. Comm. ACM (1962) 5(13):563–566CrossrefGoogle Scholar
  • Newcombe H. B., Kennedy J. M., Axford S. J., James A. P. Automatic linkage of vital records. Science (1959) 130(3389):954–959CrossrefGoogle Scholar
  • O'Keefe C. M., Yung M., Gu L., Baxter R. Privacy-preserving data linkage protocols. Proc. 2004 ACM Workshop Privacy Electronic Soc. (2004) ACM PressNew York:94–102CrossrefGoogle Scholar
  • Pagliuca D., Seri G. Some results of individual ranking method on the system of enterprise accounts annual survey, Esprit SDC Project, Deliverable MI-3/D2. (1999) Google Scholar
  • Samarati P. Protecting respondents' identities in microdata release. IEEE Trans. Knowledge Data Engrg. (2001) 13(6):1010–1027CrossrefGoogle Scholar
  • Seifert J. W. Data mining and homeland security: An overview. (2006) . CRS Report for Congress, January 27. Retrieved July 1, http://www.fas.org/sgp/crs/intel/RL31798.pdfGoogle Scholar
  • Sharma A., Paliwal K. K. Fast principal component analysis using fixed-point algorithm. Pattern Recognition Lett. (2007) 28(10):1151–1155CrossrefGoogle Scholar
  • Sweeney L. k-Anonymity: A model for protecting privacy. Internat. J. Uncertainty Fuzziness Knowledge-Based Systems (2002) 10(5):557–570CrossrefGoogle Scholar
  • Sweeney L. Privacy-enhanced linking. SIGKDD Explorations (2005) 7(2):72–75CrossrefGoogle Scholar
  • Teltzrow M., Kobsa A. Impacts of user privacy preferences on personalized systems: A comparative study. Designing Personalized User Experiences in eCommerce (2004) (Kluwer Academic Publishers, Dordrecht, The Netherlands) 315–332CrossrefGoogle Scholar
  • Torgo L. Housing data. Retrieved. (1996) . January 1, http://www.cs.waikato.ac.nz/ml/weka/Google Scholar
  • Traub J. F., Yemini Y., Wozniakowski H. The statistical security of a statistical database. ACM Trans. Database Systems (1984) 9(4):672–679CrossrefGoogle Scholar
  • U.S. General Accounting Office Record linkage and privacy: Issues in creating new federal research and statistical information. (2001) . Report GAO-01-126SP, GAO, Washington, DC. Retrieved July 1, http://www.gao.gov/new.items/d01126sp.pdfGoogle Scholar
  • Winkler W. E. Examples of easy-to-implement, widely used methods of masking for which analytic properties are not justified. (2007) . Census Bureau Research Report Series (Statistics #2007-21). Retrieved March 1, http://www.census.gov/srd/papers/pdf/rrs2007-21.pdfGoogle Scholar
  • Witten I. H., Frank E.Data Mining: Practical Machine Learning Tools and Techniques (2005) (Morgan Kaufmann, San Francisco) Google Scholar
Previous
Back to Top
Next
INFORMS site uses cookies to store information on your computer. Some are essential to make our site work; Others help us improve the user experience. By using this site, you consent to the placement of these cookies. Please read our Privacy Statement to learn more.
Agree