Secure k-Anonymization over Encrypted Databases

TL;DR

This paper presents a novel approach for achieving k-anonymity and other privacy-preserving data publishing techniques directly over encrypted datasets using homomorphic encryption, ensuring data security and privacy.

Contribution

It introduces a new workflow that enables privacy-preserving data anonymization over encrypted data without revealing original values, supported by security proofs and experimental evaluation.

Findings

Achieves data masking and k-anonymity over encrypted datasets.

Provides strong security guarantees against inference attacks.

Demonstrates practical performance of the proposed workflow.

Abstract

Data protection algorithms are becoming increasingly important to support modern business needs for facilitating data sharing and data monetization. Anonymization is an important step before data sharing. Several organizations leverage on third parties for storing and managing data. However, third parties are often not trusted to store plaintext personal and sensitive data; data encryption is widely adopted to protect against intentional and unintentional attempts to read personal/sensitive data. Traditional encryption schemes do not support operations over the ciphertexts and thus anonymizing encrypted datasets is not feasible with current approaches. This paper explores the feasibility and depth of implementing a privacy-preserving data publishing workflow over encrypted datasets leveraging on homomorphic encryption. We demonstrate how we can achieve uniqueness discovery, data masking, differential privacy and k-anonymity over encrypted data requiring zero knowledge about the original values. We prove that the security protocols followed by our approach provide strong guarantees against inference attacks. Finally, we experimentally demonstrate the performance of our data publishing workflow components.