ANONYMIZATION TECHNIQUES TO PROTECT DATA

US 20180004978A1
Filed: 06/27/2017
Published: 01/04/2018
Est. Priority Date: 06/29/2016
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method to anonymize data, the method comprising:

receiving a set of data for a data analysis, wherein the set of data includes personal identifiable information;

correspondingly determining one or more risk rates and one or more utility rates for one or more combinations of anonymization techniques defined for data fields from the set of data;

based on an evaluation of the one or more risk rates and the one or more utility rates, determining a combination of anonymization techniques from the one or more anonymization techniques to be applied over the set of data; and

anonymizing the set of data according to the determined combination of anonymization techniques.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A set of data is received for a data analysis. The set of data includes personal identifiable information. The set of data is anonymized to protect the privacy information. Risk rates and utility rates are determined for a number of combinations of anonymization techniques defined correspondingly for data fields from the set of data. A risk rate is related to a privacy protection failure when defining first anonymized data through applying a combination of anonymization techniques for the data fields. A utility rate is related to accuracy of the data analysis when applied over the anonymized data. Based on evaluation of the risk rates and the utility rates, one or more anonymization techniques from the number of anonymization techniques are determined. The set of data is anonymized according to a determined anonymization techniques and/or a combination thereof.

Citations

20 Claims

1. A computer implemented method to anonymize data, the method comprising:
- receiving a set of data for a data analysis, wherein the set of data includes personal identifiable information;
  
  correspondingly determining one or more risk rates and one or more utility rates for one or more combinations of anonymization techniques defined for data fields from the set of data;
  
  based on an evaluation of the one or more risk rates and the one or more utility rates, determining a combination of anonymization techniques from the one or more anonymization techniques to be applied over the set of data; and
  
  anonymizing the set of data according to the determined combination of anonymization techniques.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein a first risk rate is related to a privacy protection failure when defining first anonymized data through applying a first combination of anonymization techniques for the data fields, and a first utility rate is related to accuracy of the data analysis when applied over the first anonymized data.
  - 3. The method of claim 2, further comprising:
    - defining a risk rate threshold value and an utility rate threshold value to determine the combination of anonymization techniques from the one or more combinations of anonymization techniques.
  - 4. The method of claim 3, wherein the determined combination of anonymization techniques is associated with a risk rate and an utility rate that are acceptable for the determined risk rate threshold value and the utility rate threshold value.

5. A computer system to provide remote rendering of electronic documents comprising:
- a processor;
  
  a memory in association with the processor storing instructions related to;
  
  receiving a data set for a data analysis, wherein the data set includes personal identifiable information;
  
  correspondingly determining risk rate values and utility rate values for anonymization techniques defined for data fields from the data set;
  
  based on an evaluation of the risk rate values and the utility rate values, determining at least one anonymization technique from the anonymization techniques to be applied over the set of data; and
  
  anonymizing the data set according to the determined at least one anonymization technique.
- View Dependent Claims (6, 7, 8, 9, 10, 11)
- - 6. The system of claim 5, wherein a first risk rate is related to a privacy protection failure when defining first anonymized data through applying a first combination of anonymization techniques for the data fields, and a first utility rate is related to accuracy of the data analysis when applied over the first anonymized data.
  - 7. The system of claim 5, wherein the memory further includes instructions related to:
    - defining a risk rate threshold value and an utility rate threshold value to determine the at least one anonymization technique from the anonymization techniques.
  - 8. The system of claim 5, wherein the memory further includes instructions related to:
    - determining a combination of anonymization techniques from combinations defined for the anonymization techniques.
  - 9. The system of claim 8, wherein the determined combination of anonymization techniques is associated with a risk rate and an utility rate that are acceptable for a determined risk rate threshold value and a utility rate threshold value.
  - 10. The system of claim 5, wherein the memory further stores instructions to:
    - define an analysis query related to the data analysis defined associated with the data set; and
      
      wherein a utility rate value from the determined utility rate values is associated with accuracy of query results generated based on execution of the analysis query over generated anonymized data according to an associated anonymization technique and query results received from executing the analysis query over the received data set.
  - 11. The system of claim 10, wherein the memory further stores instructions to:
    - based on determined risk rates and utility rates, generate utility quantifiers for the anonymization techniques as interpretations of determined risk rates for the anonymization techniques.

12. A non-transitory computer-readable medium storing instructions, which when executed cause a computer system to:
- determine one or more analysis queries related to a data analysis definition associated with a data set;
  
  determine privacy parameter threshold values for anonymization techniques based on evaluation of a plurality of attributes and pre-defined anonymization determination rules;
  
  determine a set of risk rates associated with levels of privacy presentation of anonymized data versions for a set of anonymization techniques from the anonymization techniques, wherein generated anonymized data is corresponding to an anonymization technique being applied the received set of data;
  
  determine a set of utility rates for the set of anonymization techniques, wherein a utility rate is associated with accuracy of query results generated based on execution of a query from the one or more analysis queries over generated anonymized data according to an associated anonymization technique and query results received from executing the query over the data set;
  
  based on determined risk rates and utility rates, generate utility quantifiers for the anonymization techniques as interpretation of determined risk rates for the corresponding anonymization techniques; and
  
  based on the generated utility quantifiers, determine at least one of the anonymization techniques to be applied over the set of data.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The computer-readable medium of claim 12, further comprising instructions to:
    - receive the data set, wherein at least one of the plurality of attributes of the data set is associated with personal identifiable information.
  - 14. The computer-readable medium of claim 12, wherein the instructions to evaluate the plurality of attributes includes determining of a rate of ability to identify a person associated with a data record from the data set and computing a total risk weight for the data set.
  - 15. The computer-readable medium of claim 12, further comprising instructions to:
    - provide a utility quantifier from the utility quantifiers for display to a display screen of a device.
  - 16. The computer-readable medium of claim 12, further comprising instructions to:
    - anonymize the data set according to the determined at least one anonymization techniques.
  - 17. The computer-readable medium of claim 12, wherein a first risk rate is related to a privacy protection failure when defining first anonymized data through applying a first anonymization technique over the data set.
  - 18. The computer-readable medium of claim 12, and a first utility rate from the set of utility rates is related to accuracy of the data analysis when applied over first anonymized data based on applying a first anonymization technique over the data set.
  - 19. The computer-readable medium of claim 12, wherein a utility quantifier from the utility quantifier is defined as a relation between observed results from executing the one or more analysis queries over the data set and observed results from executing the one or more analysis queries over an anonymized data set, wherein the anonymized data set is generated based on an applied anonymization technique for with the utility quantifier is determined.
  - 20. The computer-readable medium of claim 12, wherein the pre-defined anonymization determination rules include mappings defined for associations between a tuple of privacy parameter threshold values for anonymization techniques and a corresponding total risk weight for personal identification computed for the plurality of attributed of the data set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP SE
Inventors
Hebert, Cedric, Bernau, Daniel, Lahouel, Amine

Granted Patent

US 10,628,608 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/2457 with adaptation to user needs

G06F 21/6254 by anonymising data, e.g. d...

ANONYMIZATION TECHNIQUES TO PROTECT DATA

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ANONYMIZATION TECHNIQUES TO PROTECT DATA

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links