π€ AI Summary
Existing approaches struggle to effectively formalize and verify microdata privacy models such as k-anonymity and l-diversity. This work proposes A-COMPASS, a novel language that extends the COMPASS framework for the first time to standard βone-record-per-individualβ microdata tables, enabling formal specification of both anonymity conditions and executable anonymization operations. We develop a formal syntax and a deterministic, composable semantic framework, rigorously prove key theoretical properties, and implement an automated verification mechanism capable of checking mainstream anonymity properties. This provides a reliable formal foundation for privacy-preserving data publishing.
π Abstract
In the information age, one of the leading problems is how to ensure individual's privacy. Depending on the context in which privacy is considered, various data privacy models have emerged. However, the domain of formal verification of these models is still not sufficiently explored even when it comes to the most basic models. An attempt to verify privacy requirements is the Compliance Assertion Language (COMPASS). In COMPASS, one can specify an anonymity condition that a table needs to satisfy, and an action that will modify the table if the condition is not satisfied. It is designed to operate on preprocessed tables in a form one record - one group of people. In this paper, we modify the COMPASS language in order to operate on microdata tables in their usual form of one record - one person. The modified language is called A-COMPASS. Along with checking of previously applied anonymity conditions, A-COMPASS enables the execution of anonymization actions as a new feature. We further provide the syntax and the semantics for the A-COMPASS language. We also prove the most important properties of the introduced semantics like determinism and compositionality. Finally, we provide a mechanism to verify anonymity properties, such as k-anonymity and l-diversity.