Anonymity Assessment

The anonymity assessment node considers two types of risks, quasi-identifiable re-identification and attacker risks. The output is an analysis of these two risks. To get additional insight if two tables are provided an additional columns with the same risks assessment results are provided in the output tables. This is helpful for comparing non-anonymized and anonymized data.

  1. Quasi-identifiable re-identification risks
    Combinations of quasi-identifiers that can be analyzed regarding associated risks of re-identification. The output table provides information about the degree to which combinations of variables separate the records from each other and to which degree the variables make records distinct. Risk Analysis
  2. Attacker risks
    There are different types of attackers that are assessed. The output table is an estimation of three different attacker models:

    a) [prosecutor scenario] The risk that a specific person in the dataset can be re-identified when the attacker knows this person is in the dataset.

    b) [journalist scenario] The risk that there exists at least one person in the dataset who can be re-identified. The point is to prove that someone can be re-identified. In this case, the goal of the re-identification is frequently to embarrass or discredit the organization that performed the de-identification.

    c) [marketer scenario] The percentage of identities in the dataset that can be correctly re-identified.

    Mode Details
If two tables are provided then, additional columns are shown in the output tables.

Input Ports

Non-anonymized table
Anonymized table

Output Ports

Quasi-identifiers re-identification risks
Attacker models re-identification risks


This node has no views




You want to see the source code for this node? Click the following button and we’ll use our super-powers to find it for you.