News Column

Patent Application Titled "Information Processing Technique for Data Hiding" Published Online

July 15, 2014



By a News Reporter-Staff News Editor at Information Technology Newsweekly -- According to news reporting originating from Washington, D.C., by VerticalNews journalists, a patent application by the inventors Umeda, Naoki (Akashi, JP); Tomiyama, Yoshihide (Kobe, JP); Kanasako, Naoya (Kobe, JP); Okada, Hayato (Ikeda, JP), filed on October 29, 2013, was made available online on July 3, 2014.

The assignee for this patent application is Fujitsu Limited.

Reporters obtained the following quote from the background information supplied by the inventors: "For example, a technique exists in which collected personal information is processed into anonymous information so that individuals cannot be identified.

"Typically, even if the personal information is processed into anonymous information, the anonymous information is still treated as personal information when individuals can be identified by collating it with other information (this is called the 'easy collation' property). However, there is no objective reference for determining whether the 'easy collation' property exists, so it is difficult to determine whether the anonymous information can be used safely. The 'easy collation' property has the following viewpoints.

"(1) Whether or not an environment is provided where collation with other information is easily possible. (2) Whether or not a person can be identified as a result of collating with other information.

"It is not possible to determine (1) by software alone, because the easy collation property can be negated by countermeasures in data management (reference authority, reference range, and countermeasures against information leaks). On the other hand, (2) is also called 'individual-identification possibility' (i.e. the possibility that individuals are identified), and safer anonymous information can be generated by deleting records that carry an identification risk. Accordingly, even when collation with other information is easy, and even when information that identifies individuals is leaked from other sources, it remains impossible to identify the individuals, and the anonymous information can be used safely.

"For example, a technique exists in which the personal information is processed into anonymous information by identifying and excluding information that could identify an individual when collated with the personal information.

"Moreover, a technique exists in which data is processed after verifying the possibility that individuals can be identified from duplication of records in the anonymous information itself. This relies on the principle that an individual cannot be identified from the anonymous information when N or more duplicate records exist in it, because collation with the personal information then yields N or more results.

"Specifically, processing as illustrated in FIG. 1 is performed. The anonymous information illustrated on the left of FIG. 1 includes 3 records, and when two or more identical records exist, those records can be added to the verified anonymous information as 'verification OK' records, because it is confirmed that individuals cannot be identified in this case. Therefore, because the top two records are identical, the top two records are added to the verified anonymous information. On the other hand, because there is only one record for ABCD, 'verification NG' is determined, since there is a possibility that an individual could be identified. Then, for example, attribute values B and C included in ABCD are converted to X, a record for AXXD is added to the verified anonymous information, and the record for ABCD itself is discarded. This processing method is effective when records that have already been stored in one database are processed.
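The verification step described above can be sketched in a few lines of Python. This is a minimal illustration, not the patent's implementation: the record value "EFGH", the choice of k=2, and the masked attribute positions (the second and third characters, matching the ABCD-to-AXXD example) are assumptions drawn from the FIG. 1 description.

```python
from collections import Counter

def anonymize_batch(records, mask_positions=(1, 2), k=2):
    """Records appearing at least k times pass as 'verification OK';
    unique records are 'verification NG': the original is discarded and
    a masked copy (attributes at mask_positions replaced by 'X') is
    added to the verified anonymous information instead."""
    counts = Counter(records)
    verified = []
    for rec in records:
        if counts[rec] >= k:
            verified.append(rec)  # duplicate record: safe to output as-is
        else:
            masked = "".join(
                "X" if i in mask_positions else ch
                for i, ch in enumerate(rec)
            )
            verified.append(masked)  # singleton: output masked copy only
    return verified

# FIG. 1 style example: the two identical records pass unchanged,
# while the lone "ABCD" becomes "AXXD".
print(anonymize_batch(["EFGH", "EFGH", "ABCD"]))
# ['EFGH', 'EFGH', 'AXXD']
```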

"However, a problem arises when data collected from various transaction systems is anonymized and the anonymous data is output to another system that uses it. Specifically, as illustrated in the left side of FIG. 1, 3 records are first collected, and when the aforementioned processing is performed on these 3 records, the data illustrated in the right side of FIG. 1 is output to the other system. After that, when the 3 records illustrated in the left side of FIG. 2 are newly collected and the same processing is performed, the top 2 records are identical, so it is confirmed that individuals cannot be identified, and the top 2 records are added to the verified anonymous information as 'verification OK' records. However, because there is only one record for ABCD, there is a possibility that an individual could be identified, and 'verification NG' is determined. Then attribute values B and C are converted to X, a record for AXXD is added to the verified anonymous information, and the record for ABCD itself is discarded. Thus, although the record for ABCD appears twice overall, the record for AXXD is registered twice in the verified anonymous information, because the collection timing differs. Accordingly, the information for ABCD is lost, and this loss causes trouble for statistical processing in other systems.
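The loss described above can be demonstrated concretely. In this sketch (record values other than ABCD are illustrative assumptions), each batch is verified independently, so the single ABCD in each batch is masked twice, even though ABCD occurs twice across the two batches and would have passed had they been verified together.

```python
from collections import Counter

def mask_singletons(batch, k=2):
    # Records occurring fewer than k times in this batch are masked:
    # the second and third attribute values are replaced with 'X'.
    counts = Counter(batch)
    return [rec if counts[rec] >= k else rec[0] + "XX" + rec[3:]
            for rec in batch]

# Two batches collected at different times, each containing one "ABCD".
batch1 = ["EFGH", "EFGH", "ABCD"]
batch2 = ["IJKL", "IJKL", "ABCD"]

# Per-batch processing: "ABCD" is masked in both batches, so the
# information for ABCD is lost entirely.
combined = mask_singletons(batch1) + mask_singletons(batch2)
print(combined.count("AXXD"))  # 2
print(combined.count("ABCD"))  # 0

# Had both batches been verified together, the two "ABCD" records
# would have passed as duplicates.
print(mask_singletons(batch1 + batch2).count("ABCD"))  # 2
```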

"In addition, there is a technique that identifies individuals from temporal differences in the anonymous information by using a portion of the anonymous information for which the individuals have already been identified, when such a portion is leaked; a problem may therefore occur when the verified anonymous information is output as-is.

"Therefore, a technique for making data anonymous while suppressing the possibility that individuals are identified is desired."

In addition to obtaining background information on this patent application, VerticalNews editors also obtained the inventors' summary information for this patent application: "An information processing method relating to this invention includes: (A) receiving one or plural processing instructions, each of which includes a result of an anonymizing processing, which is performed based on whether or not a plurality of data blocks that have a predetermined relationship exist, and a processing content to cause the result to be reflected, wherein each of the one or plural processing instructions is to be performed for a data block, for which the anonymizing processing has been performed; (B) determining whether or not processing instructions, which include the one or plural received processing instructions, before outputting satisfy a predetermined condition; (C) upon determining that the processing instructions before outputting satisfy the predetermined condition, outputting the processing instructions before outputting; and (D) upon determining that the processing instructions before outputting do not satisfy the predetermined condition, keeping the processing instructions before outputting.
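Steps (A) through (D) of the summary describe a controller that buffers processing instructions and releases them only when a predetermined condition holds. The sketch below is a rough illustration of that buffering behavior under an assumed condition (a minimum pending count); the patent leaves the "predetermined condition" abstract, and the class name, threshold, and instruction format here are all hypothetical.

```python
class InstructionController:
    """Buffers processing instructions and flushes the pending set only
    when a (here hypothetical) condition is satisfied: at least
    `threshold` instructions are pending."""

    def __init__(self, threshold=3):
        self.threshold = threshold
        self.pending = []

    def receive(self, instruction):
        # (A) receive a processing instruction for an anonymized data block
        self.pending.append(instruction)
        # (B) determine whether the pending instructions satisfy the condition
        if len(self.pending) >= self.threshold:
            # (C) condition satisfied: output the pending instructions
            out, self.pending = self.pending, []
            return out
        # (D) condition not satisfied: keep the instructions pending
        return None

ctrl = InstructionController(threshold=2)
print(ctrl.receive({"record": "AXXD", "action": "add"}))  # None (kept)
flushed = ctrl.receive({"record": "EFGH", "action": "add"})
print(len(flushed))  # 2 (both pending instructions output together)
```

Releasing instructions in groups in this way means a downstream observer cannot tie any single output to the single collection event that produced it, which is consistent with the temporal-difference concern raised in the background.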

"The object and advantages of the embodiment will be realized and attained by means of the elements and combinations particularly pointed out in the claims.

"It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are not restrictive of the embodiment, as claimed.

BRIEF DESCRIPTION OF DRAWINGS

"FIG. 1 is a diagram to explain a conventional technique;

"FIG. 2 is a diagram to explain the conventional technique;

"FIG. 3 is a diagram to explain a basic anonymizing processing relating to a first embodiment;

"FIG. 4 is a diagram to explain a basic anonymizing processing relating to the first embodiment;

"FIG. 5 is a diagram to explain a basic anonymizing processing relating to the first embodiment;

"FIG. 6 is a diagram to explain a basic anonymizing processing relating to the first embodiment;

"FIG. 7 is a diagram to explain the possibility that the individuals are identified by data updating using temporal difference;

"FIG. 8 is a diagram to explain the possibility that the individuals are identified by the data updating using the temporal difference;

"FIG. 9A is a diagram to explain the possibility that the individuals are identified by the data updating using the temporal difference;

"FIG. 9B is a diagram to explain the possibility that the individuals are identified by the data updating using the temporal difference;

"FIG. 9C is a diagram to explain the possibility that the individuals are identified by the data updating using the temporal difference;

"FIG. 10 is a diagram depicting a system configuration example relating to the embodiments;

"FIG. 11 is a functional block diagram of an information processing apparatus;

"FIG. 12 is a diagram depicting a configuration example of a processing instruction controller and data storage unit, which relate to the first embodiment;

"FIG. 13 is a diagram depicting a main processing flow relating to the embodiments;

"FIG. 14 is a diagram depicting an example of collected data;

"FIG. 15 is a diagram depicting an example of data stored in a definition data storage unit;

"FIG. 16 is a diagram depicting an example of a result of data conversion;

"FIG. 17 is a diagram depicting an example of a processing instruction that is to be outputted to the processing instruction controller;

"FIG. 18 is a diagram depicting an example of a record kept by the anonymizing processing unit;

"FIG. 19 is a diagram to explain a processing of the anonymizing processing unit;

"FIG. 20 is a diagram depicting an example of data that is to be outputted to the processing instruction controller from the anonymizing processing unit;

"FIG. 21 is a diagram depicting a processing flow of an instruction control processing relating to the first embodiment;

"FIG. 22 is a diagram depicting an example of data stored in a record management table;

"FIG. 23 is a diagram depicting an example of data stored in a target system;

"FIG. 24 is a diagram depicting an example of data that is next outputted to the processing instruction controller from the anonymizing processing unit;

"FIG. 25 is a diagram depicting an example of data that is next stored in the record management table;

"FIG. 26 is a diagram depicting an example of data that is further next outputted to the processing instruction controller from the anonymizing processing unit;

"FIG. 27 is a diagram depicting a next state of the data stored in the record management table;

"FIG. 28 is a diagram depicting an example of data kept by the target system;

"FIG. 29 is a diagram depicting a configuration example of the processing instruction controller and data storage unit, which relate to a second embodiment;

"FIG. 30 is a diagram depicting a processing flow of an instruction control processing relating to the second embodiment;

"FIG. 31 is a diagram depicting a configuration example of the processing instruction controller and data storage unit, which relate to a third embodiment;

"FIG. 32 is a diagram depicting a processing flow of the instruction control processing relating to the third embodiment; and

"FIG. 33 is a functional block diagram of a computer."

For more information, see this patent application: Umeda, Naoki; Tomiyama, Yoshihide; Kanasako, Naoya; Okada, Hayato. Information Processing Technique for Data Hiding. Filed October 29, 2013 and posted July 3, 2014. Patent URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsearch-adv.html&r=50&p=1&f=G&l=50&d=PG01&S1=20140626.PD.&OS=PD/20140626&RS=PD/20140626

Keywords for this news article include: Fujitsu Limited, Information Technology, Information and Data Storage.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC





Source: Information Technology Newsweekly

