A New Distributed Anonymization Protocol with Minimal Loss of Information

Introduction

Cloud computing is growing more and more in the current world scenario. Is a model on software and distributed computing which enables Convenient and On-demand network access to a shared pool of configurable computing resources where millions of users share an infrastructure (Sakhar and Ganar, 2013). Recently, several studies have proved that moving thte data to the cloud have been conducted to identify improvements of performance (Chang and Wills, 2016), an high data restoration in the case of emergency and aleatory accidents (Chang, 2015) and produce an accuracy measurement (Chang, 2014), Nowadays many organizations, especially Small and Medium Business (SMB) enterprises outsource their large data to the cloud to save a large amount of money, such as Amazon’s EC2 and Microsoft’s Azure; provide support for computation, data management, and internet services. Examples of success cases on EC2 include Pinterest¹, which manage a high-performance social application that stores more than 8 billion objects and 400 terabytes of data, and SAP², which is a social content-sharing network that has shared more than 430 million items across 30,000 web sites. Unfortunately, such data sharing is subject to constraints imposed by privacy of individuals. An example is GoGrid that has suffered a security breach; its Security Team discovered that an unauthorized third party may have viewed the account information, including payment card data.

The confidentiality of this data must be preserved before outsourcing to the commercial public cloud, i.e. any sensitive information should not be disclosed. Data anonymization is one of the privacy preserving techniques that translate the information, making the original data worthless to anybody except the owners (Sedayao, 2012). It has been widely discussed in the literature such as k-anonymity (Aggarwal et al, 2005; Bayardo and Agrawal, 2005; LeFevre et al, 2005; Meyerson and Williams, 2004; Samarati and Sweeney, 1998; Sweeney, 2002), l-diversity (Machanavajjhala et al, 2006), t-closeness (Li et al, 2007), k-concealment (Tassa et al, 2012).

In this work, we focus on the privacy issue that is the number one factor for security based on 400 IT professionals' opinions with challenges ahead to be resolved (Chang et al, 2016). Some solutions such as (Chang, Kuo and Ramachandran, 2016) presents a framework security suitable for business clouds which based on the development and integration of three major security technologies: firewall, identity management, and encryption. We propose a new distributed anonymization protocol that allows multiple data providers to publish datasets with personalized needs to cloud servers for building a virtual anonymized database based on the integration of all the local generalized data. As the output of the proposed protocol, each private dataset produces a local anonymized dataset that satisfies each data provider’s privacy constraints and their union forms a global virtual database that meets a global anonymization principle. We also introduce a new algorithm that inserts data subjects into an R*-tree strategy for anonymization using a k-concealment, an alternative model of k-anonymity that offers higher utility and has been justified to be useful in many practical applications such as privacy-preserving location services.

The rest of the paper is organized as follows. Section 2, reviews the related work about our research. In Section 3, we formally define the basic and problem definition and discuss the privacy model we are using. Section 4 presents our distributed anonymization protocol, and Section 5 explains an R*-tree generalization principal to achieve the protocol. Section 6 presents an experimental evaluation of our solution and show that offers highly utility. Finally, we conclude our discussion in Section 7.