Anonymizing bipartite graph data using safe groupings

Graham Cormode, Divesh Srivastava, Ting Yu, Qing Zhang

Research output: Contribution to journalArticle

45 Citations (Scopus)


Private data often come in the form of associations between entities, such as customers and products bought from a pharmacy, which are naturally represented in the form of a large, sparse bipartite graph. As with tabular data, it is desirable to be able to publish anonymized versions of such data, to allow others to perform ad hoc analysis of aggregate graph properties. However, existing tabular anonymization techniques do not give useful or meaningful results when applied to graphs: small changes or masking of the edge structure can radically change aggregate graph properties. We introduce a new family of anonymizations for bipartite graph data, called (k, ℓ)-groupings. These groupings preserve the underlying graph structure perfectly, and instead anonymize the mapping from entities to nodes of the graph. We identify a class of "safe" (k, ℓ)-groupings that have provable guarantees to resist a variety of attacks, and show how to find such safe groupings. We perform experiments on real bipartite graph data to study the utility of the anonymized version, and the impact of publishing alternate groupings of the same graph data. Our experiments demonstrate that (k, ℓ)-groupings offer strong tradeoffs between privacy and utility.

Original languageEnglish
Pages (from-to)115-139
Number of pages25
JournalVLDB Journal
Issue number1
Publication statusPublished - 1 Feb 2010



  • Graph
  • Microdata
  • Privacy
  • Query answering

ASJC Scopus subject areas

  • Information Systems
  • Hardware and Architecture

Cite this