Relationships and data sanitization: A study in scarlet

Matt Bishop, Justin Cummins, Sean Peisert, Anhad Singh, Bhume Bhumiratana, Deborah Agarwal, Deborah Frincke, Michael Hogarth

Research output: Chapter in Book/Report/Conference proceedingConference contribution

22 Scopus citations


Research in data sanitization (including anonymization) emphasizes ways to prevent an adversary from desanitizing data. Most work focuses on using mathematical mappings to sanitize data. A few papers examine incorporation of privacy requirements, either in the guise of templates or prioritization. Essentially these approaches reduce the information that can be gleaned from a data set. In contrast, this paper considers both the need to ''desanitize'' and the need to support privacy. We consider conflicts between privacy requirements and the needs of analysts examining the redacted data. Our goal is to enable an informed decision about the effects of redacting, and failing to redact data. We begin with relationships among the data being examined, including relationships with a known data set and other, additional, external data. By capturing these relationships, desanitization techniques that exploit them can be identified, and the information that must be concealed in order to thwart them can be determined. Knowing that, a realistic assessment of whether the information and relationships are already widely known or available will enable the sanitizers to assess whether irreversible sanitization is possible, and if so, what to conceal to prevent desanitization.

Original languageEnglish (US)
Title of host publicationProceedings New Security Paradigms Workshop
Number of pages13
StatePublished - 2010
EventNew Security Paradigms Workshop, NSPW 2010 - Concord, MA, United States
Duration: Sep 21 2010Sep 23 2010


OtherNew Security Paradigms Workshop, NSPW 2010
Country/TerritoryUnited States
CityConcord, MA


  • data anonymization
  • ontology
  • privacy
  • sanitization

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Software
  • Information Systems

Cite this