US2008005778A1PendingUtilityA1
System and method for privacy protection using identifiability risk assessment
Est. expiryJul 3, 2026(expired)· nominal 20-yr term from priority
G06Q 10/10
58
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
A risk assessment system and method includes an information system configured to disclose information to a third party. A risk determination model is configured to compute identifiability risk for on one or more records in storage. The identifiability risk is compared to a threshold prior to being disclosed wherein the information system is informed of the identifiability risk exceeding the threshold prior to disclosure to the third party.
Claims
exact text as granted — not AI-modified1 . A risk assessment system, comprising:
an information system configured to disclose information to a third party; and a risk determination model configured to compute identifiability risk for one or more records in storage, the identifiability risk being compared to a threshold prior to being disclosed wherein the information system is informed of the identifiability risk exceeding the threshold prior to disclosure to the third party.
2 . The system as recited in claim 1 , wherein the information system builds the risk determination model based on the one or more records of input data.
3 . The system as recited in claim 1 , wherein the information system builds the risk determination model using records having a highest identifiability for a combination attributes.
4 . The system as recited in claim 1 , wherein the risk determination model computes identifiability risk for a given record based on a reciprocal of a subset of records or cell size from a population table that includes only the records that have values of all attributes in a set of key attributes included in the given record.
5 . The system as recited in claim 4 , wherein the cell size is approximated.
6 . The system as recited in claim 1 , wherein the risk determination model computes identifiability risk for multiple records by subtracting from 1: a sum of 1 minus the identifiably risk for all records in a sample table.
7 . The system as recited in claim 1 , wherein the risk determination model predicts identifiability risk for records input to the information system.
8 . The system as recited in claim 1 , wherein the risk determination model predicts a single record identifiability risk for a given record, knowing a set of key attributes, by summing over a population: a probability that an individual is the one appearing in a sample table divided by a cell size for each record corresponding to the individual.
9 . The system as recited in claim 8 , wherein the cell size is approximated.
10 . The system as recited in claim 8 , wherein the risk determination model predicts identifiability risk for each of multiple records by subtracting from 1:1 minus the single record identifiably risk to exponent m, where m is the number of records.
11 . The system as recited in claim 1 , wherein the risk determination model includes a combined privacy risk model configured to combine risk assessment for a plurality of risk factors.
12 . A risk monitoring system, comprising:
an information system configured to disclose information to an entity; a risk determination model configured to compute identifiability risk for on one or more records in storage; a privacy monitor configured to receive the one or more records being released, and prior to disclosing the one or more records to the entity, the privacy monitor being configured to detect whether the identifiability risk exceeds a threshold and perform a function to mitigate unauthorized disclosure of the records to the entity.
13 . The system as recited in claim 12 , wherein the information system builds the risk determination model based on the one or more records of input data.
14 . The system as recited in claim 12 , wherein the information system builds the risk determination model using records having a highest identifiability for a combination attributes.
15 . The system as recited in claim 12 , wherein the risk determination model computes identifiability risk for a given record based on a reciprocal of a subset of records or cell size from a population table that includes only the records that have values of all attributes in a set of key attributes included in the given record.
16 . The system as recited in claim 15 , wherein the cell size is approximated.
17 . The system as recited in claim 12 , wherein the risk determination model computes identifiability risk for multiple records by subtracting from 1:1 a sum of 1 minus the identifiably risk for all records in a sample table.
18 . The system as recited in claim 12 , wherein the risk determination model predicts identifiability risk for records input to the information system.
19 . The system as recited in claim 12 , wherein the risk determination model predicts a single record identifiability risk for a given record, knowing a set of key attributes, by summing over a population: a probability that an individual is the one appearing in a sample table divided by a cell size for each record corresponding to the individual.
20 . The system as recited in claim 19 , wherein the cell size is approximated.
21 . The system as recited in claim 19 , wherein the risk determination model predicts identifiability risk for each of multiple records by subtracting from 1: 1 minus the single record identifiably risk to exponent m, where m is the number of records.
22 . The system as recited in claim 12 , wherein the risk determination model includes a combined privacy risk model configured to combine risk assessment for a plurality of risk factors.
23 . A method for privacy protection, comprising:
evaluating identifiability risk for one or more records in storage using a risk assessment model; comparing the identifiability risk with a threshold to determine whether the one or more records can be disclosed to a third party without violation of privacy criteria; and disclosing the one or more records if disclosure is acceptable based on the comparing step.
24 . The method as recited in claim 23 , further comprising, prior to disclosing the one or more records to the third party, detecting whether the identifiability risk exceeds a threshold and performing a function to mitigate unauthorized disclosure of the records to the third party.
25 . The method as recited in claim 23 , further comprising building the risk determination model using records having a highest identifiability for a combination attributes.
26 . The method as recited in claim 23 , wherein evaluating includes computing identifiability risk for a given record based on a reciprocal of a subset of records or cell size from a population table that includes only the records that have values of all attributes in a set of key attributes included in the given record.
27 . The method as recited in claim 26 , further comprising approximating the cell size.
28 . The method as recited in claim 23 , wherein evaluating includes computing identifiability risk for multiple records by subtracting from 1:1 a sum of 1 minus the identifiably risk for all records in a sample table.
29 . The method as recited in claim 23 , wherein evaluating includes predicting identifiability risk for records input to an information system.
30 . The method as recited in claim 23 , wherein evaluating includes predicting a single record identifiability risk for a given record, knowing a set of key attributes, by summing over a population: a probability that an individual is the one appearing in a sample table divided by a cell size for each record corresponding to the individual.
31 . The method as recited in claim 30 , further comprising approximating the cell size.
32 . The method as recited in claim 30 , wherein evaluating includes predicting identifiability risk for each of multiple records by subtracting from 1:1 minus the single record identifiably risk to exponent m, where m is the number of records.
33 . The method as recited in claim 23 , further comprising combining risks using a combined privacy risk model configured to combine risk assessment for a plurality of risk factors.
34 . A computer program product of privacy protection comprising a computer useable medium including a computer readable program, wherein the computer readable program when executed on a computer causes the computer to:
evaluating identifiability risk for one or more records in storage using a risk assessment model; comparing the identifiability risk with a threshold to determine whether the one or more records can be disclosed to a third party without violation of privacy criteria; and disclosing the one or more records if disclosure is acceptable based on the comparing step.
35 . The computer program product as recited in claim 34 , further comprising wherein evaluating includes predicting identifiability risk for records input to an information system.Join the waitlist — get patent alerts
Track US2008005778A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.