Browse Definitions :
Definition

de-anonymization (deanonymization)

De-anonymization is a data mining strategy in which anonymous data is cross-referenced with other data sources to re-identify the anonymous data source. 

Any information that distinguishes one data source from another can be used for de-anonymization. Although the concept of de-anonymization goes back several decades, the term made headlines in 2006 when Arvind Narayanan and Vitaly Shmatikov entered a contest hosted by Netflix, a popular movie-rental service. Narayanan and Shmatikov applied their de-anonymization methodology to a data set that contained the anonymous movie ratings of 500,000 members and were able to successfully identify Netflix data for a number of specific members. According to Narayanan and Shmatik, de-anonymization requires data that is abundant, granular and fairly stable across time and context.

As the United States government and other nations move forward with open government initiatives, more data is becoming publicly available over the Internet. Much of this data has been scrubbed to create what the government calls “limited data sets.”  Personally identifiable information (PII) such as names, addresses and social security numbers are removed from limited data sets or obfuscated through a data anonymization process so that the specific source of the data remains anonymous. This assurance of anonymity protects the source's privacy and allows the government to legally share limited data sets with third parties without requiring written permission. Such data has proved to be very valuable for researchers, particularly in health care. Privacy advocates, however, are concerned that even though the data has been scrubbed, so much of it is available that a specific individual’s identity could be re-discovered.

See also: association rules, business intelligence, opinion mining, OLAP, fuzzy logic

 

This was last updated in May 2015

Continue Reading About de-anonymization (deanonymization)

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and ...

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into ...

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a ...

SearchHealthIT
SearchDisasterRecovery
  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

SearchStorage
  • bare-metal cloud

    Bare-metal cloud is a public cloud service that offers dedicated hardware resources without any installed operating systems or ...

  • race condition

    A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at ...

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted ...

Close