Balancing the value release of data assets with privacy and security poses significant challenges in the era of data elementization. This paper constructs a privacy risk assessment model integrating Differential Privacy (DP) and Statistical Disclosure Control (SDC), aiming to provide a quantitative basis for setting privacy protection intensity and selecting strategies for data assets. The study first elucidates the core principles of DP and SDC and their risk quantification foundations, then proposes a privacy risk calculation framework. Using hospital electronic medical record data assets as an empirical subject, six core attributes and health risk scores are selected as variables. Four access control models simulate physician access behaviors, and their privacy protection efficacy is evaluated under DP and SDC frameworks. Results show that under the DP framework, Attribute-Based Access Control (ABAC) best satisfies differential privacy conditions. Under the SDC framework, Mandatory Access Control (MAC) exhibits the lowest privacy leakage risk, while Role-Based Access Control (RBAC) shows the highest. Furthermore, the contribution of key variables to risk depends on their characteristics and mechanisms. This study provides actionable references for data asset management institutions in designing privacy protection schemes.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Measuring Privacy Risks for Data Asset Management

  • Yi Li,
  • Tongxin Wang,
  • Ruilin Zhang

摘要

Balancing the value release of data assets with privacy and security poses significant challenges in the era of data elementization. This paper constructs a privacy risk assessment model integrating Differential Privacy (DP) and Statistical Disclosure Control (SDC), aiming to provide a quantitative basis for setting privacy protection intensity and selecting strategies for data assets. The study first elucidates the core principles of DP and SDC and their risk quantification foundations, then proposes a privacy risk calculation framework. Using hospital electronic medical record data assets as an empirical subject, six core attributes and health risk scores are selected as variables. Four access control models simulate physician access behaviors, and their privacy protection efficacy is evaluated under DP and SDC frameworks. Results show that under the DP framework, Attribute-Based Access Control (ABAC) best satisfies differential privacy conditions. Under the SDC framework, Mandatory Access Control (MAC) exhibits the lowest privacy leakage risk, while Role-Based Access Control (RBAC) shows the highest. Furthermore, the contribution of key variables to risk depends on their characteristics and mechanisms. This study provides actionable references for data asset management institutions in designing privacy protection schemes.