A Game Theoretic Framework for Analyzing Re-Identification Risk
dc.contributor.ISNI | 0000 0001 2710 6938 (Kantarcioglu, M) | en_US |
dc.contributor.LCNA | nb201302379 (Kantarcioglu, M) | en_US |
dc.contributor.ORCID | 0000-0001-6423-4533 (Kantarcioglu, M) | en_US |
dc.contributor.VIAF | 305367293 (Kantarcioglu, M) | en_US |
dc.contributor.author | Wan, Zhiyu | en_US |
dc.contributor.author | Vorobeychik, Yevgeniy | en_US |
dc.contributor.author | Xia, Weiyi | en_US |
dc.contributor.author | Clayton, Ellen Wright | en_US |
dc.contributor.author | Kantarcioglu, Murat | en_US |
dc.contributor.author | Ganta, Ranjit | en_US |
dc.contributor.author | Heatherly, Raymond | en_US |
dc.contributor.author | Malin, Bradley A. | en_US |
dc.date.accessioned | 2015-09-29T18:58:18Z | |
dc.date.available | 2015-09-29T18:58:18Z | |
dc.date.created | 2015-03-25 | en_US |
dc.description.abstract | Given the potential wealth of insights in personal data the big databases can provide, many organizations aim to share data while protecting privacy by sharing de-identified data, but are concerned because various demonstrations show such data can be re-identified. Yet these investigations focus on how attacks can be perpetrated, not the likelihood they will be realized. This paper introduces a game theoretic framework that enables a publisher to balance re-identification risk with the value of sharing data, leveraging a natural assumption that a recipient only attempts re-identification if its potential gains outweigh the costs. We apply the framework to a real case study, where the value of the data to the publisher is the actual grant funding dollar amounts from a national sponsor and the re-identification gain of the recipient is the fine paid to a regulator for violation of federal privacy rules. There are three notable findings: 1) it is possible to achieve zero risk, in that the recipient never gains from re-identification, while sharing almost as much data as the optimal solution that allows for a small amount of risk; 2) the zero-risk solution enables sharing much more data than a commonly invoked de-identification policy of the U.S. Health Insurance Portability and Accountability Act (HIPAA); and 3) a sensitivity analysis demonstrates these findings are robust to order-of-magnitude changes in player losses and gains. In combination, these findings provide support that such a framework can enable pragmatic policy decisions about de-identified data sharing. | en_US |
dc.description.sponsorship | "This research was funded by grants R01HG006844 and U01HG006385 from the National Human Genome Research Institute (http://www.genome.gov), grant R01LM009989 from National Library of Medicine (http://www.nlm.nih.gov), and grant CCF-0424422 from National Science Foundation (http://www.nsf.gov). " | en_US |
dc.identifier.bibliographicCitation | Wan, Zhiyu, Yevgeniy Vorobeychik, Weiyi Xia, Ellen Wright Clayton, et al. 2015. "A game theoretic framework for analyzing re-identification risk." PLOS One 10(3): doi:10.1371/journal.pone.0120592. | en_US |
dc.identifier.issn | 1932-6203 | en_US |
dc.identifier.issue | 3 | en_US |
dc.identifier.uri | http://hdl.handle.net/10735.1/4649 | |
dc.identifier.volume | 10 | en_US |
dc.language.iso | en | en_US |
dc.publisher | Public Library of Science | en_US |
dc.relation.uri | http://dx.doi.org/10.1371/journal.pone.0120592 | en_US |
dc.rights | CC-BY 4.0 (Attribution) | en_US |
dc.rights | ©2015 The Authors | en_US |
dc.rights.uri | http://creativecommons.org/licenses/by/4.0/ | en_US |
dc.source.journal | PLOS One | en_US |
dc.subject | Computer security | en_US |
dc.subject | Game theory | en_US |
dc.subject | Online identities | en_US |
dc.subject | Database security | en_US |
dc.subject | Risk assessment | en_US |
dc.title | A Game Theoretic Framework for Analyzing Re-Identification Risk | en_US |
dc.type.genre | article | en_US |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- JECS-2796-272713.42.pdf
- Size:
- 1.31 MB
- Format:
- Adobe Portable Document Format
- Description:
- Article