A robust privacy preserving approach for electronic health records using multiple dataset with multiple sensitive attributes

Tehsin Kanwal, Adeel Anjum, Saif U.R. Malik, Haider Sajjad, Abid Khan, Umar Manzoor, Alia Asheralieva*

*Corresponding author for this work

    Research output: Contribution to journalArticlepeer-review


    Privacy preserving data publishing of electronic health record (EHRs) for 1 to M datasets with multiple sensitive attributes (MSAs) is an interesting and challenging issue. There is always a trade-off between privacy and utility in data publishing. Most of the privacy-preserving models shows critical privacy disclosure issues and, hence, they are not robust in practical datasets. The k-anonymity model is a broadly used privacy model to analyze privacy disclosures, however, this model is only useful against identity disclosure. To address the limitations of k-anonymity, a group of privacy model extensions have been proposed in past years. It includes a p-sensitive k-anonymity model, a p+-sensitive k-anonymity model, and a balanced p+-sensitive k-anonymity model. However these privacy-preserving models are not sufficient to preserve the privacy of end-users in practical datasets. In this paper we have formalize the behavior of an adversary which perform identity and attribute disclosures on balanced p+-sensitive k-anonymity model with the help of adversarial scenarios. Since balanced p+-sensitive k-anonymity model is not sufficient for 1 to M with MSAs datasets privacy preservation. We propose an extended privacy model called “1: M MSA-(p, l)-diversity” for 1: M dataset with MSAs. We then perform formal modeling and verification of the proposed model using High-Level Petri Nets (HLPN) to confirm privacy attacks invalidation. Experimental results show that our proposed “1: M MSA-(p, l)-diversity model” is efficient and provide enhanced data utility of published data.

    Original languageEnglish
    Article number102224
    Number of pages21
    JournalComputers and Security
    Early online date18 Feb 2021
    Publication statusPublished - Jun 2021

    Bibliographical note

    Funding Information:
    This work was supported in part by the National Natural Science Foundation of China (NSFC) Project No. 61950410603 and in part by the Incheon National University Research Grant in 2018.

    Publisher Copyright:
    © 2021


    • Balanced p sensitive k anonymity model
    • Electronic Health Record
    • Formal Verification
    • Identity Disclosure
    • Multiple Sensitive Attributes (MSAs)
    • Privacy-Preserving
    • Sensitive Attribute Disclosure


    Dive into the research topics of 'A robust privacy preserving approach for electronic health records using multiple dataset with multiple sensitive attributes'. Together they form a unique fingerprint.

    Cite this