Combining and analyzing data collected at multiple administrative locations is critical for a wide variety of applications, such as detecting malicious attacks or computing an accurate estimate of the popularity of Web sites. However, legitimate concerns about privacy often inhibit participation in collaborative data analysis. In this paper, we design, implement, and evaluate a practical solution for privacy-preserving data analysis and data publishing among a large number of participants. There is an increasing need for sharing data that contain personal information from distributed databases. For example, in the healthcare domain, a national agenda is to develop the Nationwide Health Information Network (NHIN) to share information among hospitals and other providers, and support appropriate use of health information beyond direct patient care with privacy protection. Privacy preserving data analysis and data publishing has received considerable attention in recent years as promising approaches for sharing data while preserving individual privacy. When the data are distributed among multiple data providers or data owners, two main settings are used for anonymization. One approach is for each provider to anonymize the data independently (anonymize-and-aggregate), which results in potential loss of integrated data utility.

m-Privacy, k-anonymity, l-diversity, Database Management, Heuristic algorithms, Distributed Data Publising, Pruning Strategies

[1]. C. Dwork, �Differential privacy: a survey of results,� in Proc. of the 5th Intl. Conf. on Theory and Applications of Models of Computation, 2008.
[2]. B. C. M. Fung, K. Wang, R. Chen, and P. S. Yu, �Privacy-preserving data publishing: A survey of recent developments,� ACM Comput. Surv., vol. 42, June 2010.
[3]. C. Dwork, �A firm foundation for private data analysis,� Commun. ACM,vol. 54, January 2011.
[4]. N. Mohammed, B. C. M. Fung, P. C. K. Hung, and C. Lee, �Centralized and distributed anonymization for high-dimensional healthcare data,� ACM Transactions on Knowledge Discovery from Data (TKDD), vol. 4,October 2010.
[5]. W. Jiang and C. Clifton, �Privacy-preserving distributed k-anonymity,� in Data and Applications Security XIX, ser. Lecture Notes in Computer Science, 2005.
[6]. W. Jiang and C. Clifton, �A secure distributed framework for achieving k-anonymity,� VLDB J., vol. 15, 2006.
[7]. O. Goldreich, Foundations of Cryptography: Volume 2, Basic Applications. Cambridge University Press, 2004.
[8]. Y. Lindell and B. Pinkas, �Secure multiparty computation for privacypreserving data mining,� The Journal of Privacy and Confidentiality,vol. 1, 2009.
[9]. A. Machanavajjhala, J. Gehrke, D. Kifer, and M. Venkitasubramaniam, �l-diversity: Privacy beyond k-anonymity,� in ICDE, 2006.
[10]. P. Samarati, �Protecting respondents� identities in microdata release,� IEEE T. Knowl. Data En., vol. 13, 2001.
[11]. L. Sweeney, �k-anonymity: a model for protecting privacy,� Int. J.Uncertain. Fuzz., vol. 10, 2002.
[12]. N. Li and T. Li, �t-closeness: Privacy beyond k-anonymity and ldiversity,� in In Proc. of IEEE 23rd Intl. Conf. on Data Engineering (ICDE), 2007.
[13]. R. Burke, B. Mobasher, R. Zabicki, and R. Bhaumik, �Identifying attack models for secure recommendation,� in In Beyond Personalization: A Workshop on the Next Generation of Recommender Systems, 2005.
[14]. D. Kifer, �Attacks on privacy and definetti�s theorem,� in Proc. of the 35th SIGMOD Intl. Conf. on Management of Data, 2009.
[15]. D. Kifer and A. Machanavajjhala, �No free lunch in data privacy,� in Proc. of the 2011 Intl. Conf. on Management of Data.
[16]. K. Lefevre, D. J. Dewitt, and R. Ramakrishnan, �Mondrian multidimensional k-anonymity,� in ICDE, 2006.
[17]. G. Cormode, D. Srivastava, N. Li, and T. Li, �Minimizing minimality and maximizing utility: analyzing method-based attacks on anonymized data,� Proc. VLDB Endow., vol. 3, Sept. 2010.
[18]. Y. Tao, X. Xiao, J. Li, and D. Zhang, �On anti-corruption privacy preserving publication,� in Proc. of the 2008 IEEE 24th Intl. Conf. on Data Engineering, 2008.
[19]. L. Sweeney, �Datafly: A system for providing anonymity in medical data,� in Proc. of the IFIP TC11 WG11.3 Eleventh Intl. Conf. on Database Security XI: Status and Prospects, 1998.