DPP Topic 2 - Attack Models

Question 1

Record Linkage Model

Answer 1

Group similar Quasi Identifier (QID) values into a small number of records, allowing an adversary to link a victim’s QID and identify their record

Question 2

Attribute Linkage Model

Answer 2

Inferring a victim’s sensitive values from published data based on their belonging to a group with a set of Sensitive Attributes

Question 3

Table Linkage Model

Answer 3

Inferring the presence or absence of a victim’s record in published data, which can be damaging even without identifying the record

Question 4

Probabilistic Model

Answer 4

Comparing the probability of identifying a target victim’s sensitive information before and after accessing published data

Question 5

Background Knowledge

Answer 5

Adversary’s knowledge beyond published Quasi Identifiers, such as public statistical data, social networks, and common sense

Question 6

Data Recipient

Answer 6

The role that receives the published data for analysis or other purposes (E.g., Pharmaceutical Company)

Question 7

Data Publisher

Answer 7

The role that publishes the data after applying privacy-preserving techniques (E.g., Hospital)

Question 8

Record Owners

Answer 8

The individuals whose personal data is being published (E.g., Patients)

Question 9

Explicit Identifiers

Answer 9

Data attributes that directly identify record owners, such as names or ID numbers (E.g., Name, IC, Phone No.)

Question 10

Quasi Identifiers (QID)

Answer 10

Data attributes that could potentially identify record owners (E.g., Postal Code, Age, Gender)

Question 11

Sensitive Attributes

Answer 11

Sensitive person-specific information, (E.g., Salary, Disease, Disability status)

Question 12

Non-sensitive attributes

Answer 12

Data attributes that do not fall into the other categories

Question 13

Re-identification

Answer 13

The process of using Quasi Identifiers to identify individuals, even when Explicit Identifiers are removed