Federated Clouds: A New Metric for Measuring the Quality of Data Anonymization

Federated cloud has emerged as solution for cloud service providers to get scalability in serving the growing demand for cloud resources. In a federated cloud, a cloud member can provide service or request it from other cloud provider members in the federation. The federation enables its cloud provider members to be able to satisfy a service beyond the resources they owned by using the resources market in the federation. Data privacy is a major concern in federated clouds. As the privacy regulations and laws of the countries in the federation may vary, it is difficult to assess and confirm that they are in compliance. This makes protecting privacy even more challenging. Privacy management strategies primarily involve anonymization, cryptography, and data splitting. Anonymization is the traditional approach to preserving privacy, which aims at masking the link between the quasi-identifier and sensitive data. The most widely used anonymization techniques are k-anonymity, l-diversity and t-closeness. However, there is a lack of a formal metric to measure the quality of the anonymization process in terms of its ability to prevent re-identification. This paper examines the issue of assessing anonymization quality and introduces a new metric, Mmaq, for this purpose. It can be used to evaluate the anonymization of one or multiple attributes. The metric is a combination of the Shannon index, which measures diversity, and a stabilizer factor, which corrects the Shannon index for pathological cases. The initial results suggest that Mmaq can be used to classify attributes as identifier, quasi-identifier, and anonymous. Furthermore, it can be employed as a Cloud Privacy Policy anonymization compliance checker.