To prevent the disclosure of personal privacy, the attribute values on quasi-identifiers must be generalized before data are shared, so that linking attacks are eliminated and sensitive attributes remain anonymous in the shared data. Generalization increases the uncertainty of attribute values and inevitably causes some loss of information. Traditional data generalization is mostly based on predefined concept hierarchies, which leads to over-generalization and much unnecessary information loss. In this paper, the attributes in a quasi-identifier are classified into two types, ordered attributes and unordered attributes, and a more flexible generalization strategy is given for each. The information loss caused by generalization is defined quantitatively by examining the change in the uncertainty of attribute values before and after generalization. On this basis, data anonymization is modeled as a clustering problem with specific constraints. For the l-diversity model, a clustering-based anonymization approach called L-clustering is proposed. L-clustering meets the requirement of preserving the anonymity of sensitive attributes in data sharing, and it greatly reduces the information loss caused by generalization when implementing anonymization.
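The following is an added illustration of anonymization as l-diversity-constrained clustering; it is not the paper's L-clustering algorithm. The sample table, the normalized loss formula and the greedy growth order are all assumptions made for the example.

```python
# Constructed sample table: (age, city, diagnosis). Age is an ordered
# quasi-identifier, city an unordered one, diagnosis the sensitive attribute.
ROWS = [(23, "Lyon", "flu"), (25, "Lyon", "asthma"), (27, "Nice", "flu"),
        (41, "Paris", "diabetes"), (44, "Paris", "flu"), (46, "Lille", "asthma"),
        (62, "Nice", "diabetes"), (65, "Nice", "asthma")]
AGE_SPAN = max(r[0] for r in ROWS) - min(r[0] for r in ROWS)
N_CITIES = len({r[1] for r in ROWS})

def generalize(cluster):
    """Ordered values become the tightest interval, unordered values a set."""
    ages = [r[0] for r in cluster]
    return (min(ages), max(ages)), frozenset(r[1] for r in cluster)

def loss(cluster):
    """Assumed loss: widening of each attribute in [0, 1], paid by every record."""
    (lo, hi), cities = generalize(cluster)
    return len(cluster) * ((hi - lo) / AGE_SPAN + (len(cities) - 1) / (N_CITIES - 1))

def is_l_diverse(cluster, l):
    return len({r[2] for r in cluster}) >= l

def l_cluster(rows, l):
    """Greedy sketch: grow each cluster with the cheapest record that adds a
    new sensitive value until it holds l distinct ones, then absorb leftovers."""
    pending, clusters = sorted(rows), []
    while pending:
        cluster = [pending.pop(0)]
        while not is_l_diverse(cluster, l):
            seen = {r[2] for r in cluster}
            fresh = [r for r in pending if r[2] not in seen]
            if not fresh:
                break
            best = min(fresh, key=lambda r: loss(cluster + [r]))
            cluster.append(best)
            pending.remove(best)
        if is_l_diverse(cluster, l):
            clusters.append(cluster)
            continue
        if not clusters:
            raise ValueError("table has fewer than l distinct sensitive values")
        # Leftovers cannot form an l-diverse group: merge each one into the
        # existing cluster whose loss grows least.
        for r in cluster:
            min(clusters, key=lambda c: loss(c + [r]) - loss(c)).append(r)
    return clusters
```

Because each cluster is generalized to its own tightest interval and value set rather than to a node of a fixed hierarchy, raising l from 2 to 3 on this table visibly widens the published ranges and raises the total loss.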