Database Reference
In-Depth Information
safeguards, so that the protection with respect to the linkage attack can be
measured. The implication of this finding is far reaching; once an analytical
process has been found and specified, it can be deployed and replicated with
the mentioned privacy-preserving safeguards in order to perform mobility data
analyses in different periods of time, in different cities, in different contexts:
once deployed, it is a safe service that generates knowledge of the expected
quality starting from truly anonymous data.
9.6 Bibliographic Notes
The literature on privacy inmobility data is becoming extensive. In the following,
we will provide an essential list of bibliographic references for the reader,
including those describing the problems and the solutions discussed in the
chapter.
Privacy issues in mobility data mining were deeply discussed by
Giannotti
and Pedreschi
(
2008
).
Monreale et al.
(
2010
) present an overview on the main
privacy-preserving data publishing and mining techniques proposed by the data
mining community and by the statistical disclosure control community. This
contribution also discusses the privacy issues in complex domains, focusing the
attention on the context of spatio-temporal data and describing some approaches
proposed for anonymity of this type of data.
The
k
-anonymity model was introduced by
Samarati and Sweeney
(
1998
),
and then
Machanavajjhala et al.
(
2007
)and
Li et al.
(
2007
) proposed
l
-diversity
and
t
-closeness to overcome the weaknesses of
k
-anonymity. This privacy model
and its variants have been widely adopted to achieve privacy in movement data,
especially in privacy-preserving publishing of trajectories. A recent survey on
this topic is presented by
Bonchi et al.
(
2011
).
The problem of hiding sensitive spatio-temporal patterns in trajectory data
was studied in
Abul et al.
(
2010
), while a privacy-preserving clusteringmethod in
horizontally partitioned spatio-temporal data was described by
Inan and Saygin
(
2006
).
The
privacy by design
paradigm in data mining was introduced by
Monreale
(
2011
). This PhD thesis proposed this novel methodology to address the privacy
issues in complex data with a particular focus on data with a sequential nature
such as trajectory data.
Lastly, techniques for trajectory anonymity based on microaggregation
and perturbation were introduced in a recent work by
Domingo-Ferrer and
Trujillo-Rasua
(
2012
).