CPC G06F 16/2282 (2019.01) [A61K 31/519 (2013.01); G06F 16/243 (2019.01); G06F 16/248 (2019.01); G06F 21/6227 (2013.01); G06F 21/6254 (2013.01)]; 19 Claims

1. A computer-implemented method for reducing privacy risk in a disclosure of data, the method comprising:
accessing, by a computing device, the data, the data including a plurality of attributes;
classifying, by the computing device, each attribute among the plurality of attributes into one of a plurality of classifications;
presenting a plurality of privacy objectives to a user;
receiving, by the computing device, a selection of one of the privacy objectives from the user;
receiving a selection of a utility objective;
determining, by the computing device, a data transformation to achieve the selected privacy objective and the selected utility objective, wherein the data transformation comprises at least one of: k-anonymization, randomized response, l-diversity, t-closeness or other instance-specific data transformations arising as solver output from a constrained optimization problem involving the privacy objective and the utility objective;
applying, by the computing device, the determined data transformation to the data, wherein the determined data transformation is applied to at least one of the attributes of the data based on the classifications to produce selectively modified data;
determining, by the computing device, whether the selected privacy objective and the selected utility objective have been met after application of the determined data transformation to the data;
iteratively adjusting and re-applying the data transformation to the data, by the computing device, if the selected utility objective is determined to not have been met; and
presenting, by the computing device, the selectively modified data for disclosure.
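One concrete instance of the claimed classify / transform / check / re-apply loop, using k-anonymization as the transformation. This is an added illustration, not code from the patent; the attribute classes, the generalization hierarchy, the privacy objective (k) and the utility objective (a maximum generalization level) are all assumed, and the records are constructed.

```python
from collections import Counter

# Constructed sample records; attribute classes are assumed:
# age and zip are quasi-identifiers, dx (diagnosis) is the sensitive attribute.
RECORDS = [
    {"age": 34, "zip": "02139", "dx": "flu"},    {"age": 36, "zip": "02139", "dx": "cold"},
    {"age": 35, "zip": "02138", "dx": "flu"},    {"age": 52, "zip": "90210", "dx": "asthma"},
    {"age": 58, "zip": "90211", "dx": "flu"},    {"age": 55, "zip": "90210", "dx": "cold"},
    {"age": 23, "zip": "10001", "dx": "flu"},    {"age": 29, "zip": "10002", "dx": "flu"},
    {"age": 27, "zip": "10003", "dx": "cold"},
]
CLASSES = {"age": "quasi-identifier", "zip": "quasi-identifier", "dx": "sensitive"}
QUASI = [a for a, c in CLASSES.items() if c == "quasi-identifier"]

def generalize(rec, level):
    """One generalization step per level, applied to quasi-identifiers only:
    age bins double in width, ZIP loses two trailing digits. Other classes untouched."""
    out = dict(rec)
    if "age" in QUASI:
        width = 10 * 2 ** level            # level 0: 10-year bins, 1: 20, 2: 40 ...
        lo = (rec["age"] // width) * width
        out["age"] = f"{lo}-{lo + width - 1}"
    if "zip" in QUASI:
        keep = max(0, 5 - 2 * level)       # digits retained; the rest masked
        out["zip"] = rec["zip"][:keep] + "*" * (5 - keep)
    return out

def is_k_anonymous(recs, k):
    """Privacy objective: every quasi-identifier combination occurs at least k times."""
    counts = Counter(tuple(r[a] for a in QUASI) for r in recs)
    return all(n >= k for n in counts.values())

def anonymize(recs, k, max_level):
    """Transform, check the objectives, adjust and re-apply (the claimed loop).
    Utility objective (assumed): generalization level must not exceed max_level.
    Returns (modified records, level), or None if both objectives cannot be met."""
    for level in range(max_level + 1):
        out = [generalize(r, level) for r in recs]
        if is_k_anonymous(out, k):
            return out, level
    return None                            # utility budget exhausted before k held

if __name__ == "__main__":
    modified, level = anonymize(RECORDS, k=3, max_level=2)
    print(f"k=3 satisfied at generalization level {level}")
    for row in modified:
        print(row)
```

With these records, k=3 holds at level 1; k=4 needs level 3, so it fails under a utility budget of 2 and the loop reports that no transformation met both objectives.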