Cooperative privacy game: a novel strategy for preserving privacy in data publishing
 Valli Kumari^{1}View ORCID ID profile and
 Srinivasa Chakravarthy^{2}Email author
DOI: 10.1186/s136730160069y
© The Author(s) 2016
Received: 22 May 2015
Accepted: 16 June 2016
Published: 14 July 2016
Abstract
Achieving data privacy before publishing has been becoming an extreme concern of researchers, individuals and service providers. A novel methodology, Cooperative Privacy Game (CoPG), has been proposed to achieve data privacy in which Cooperative Game Theory is used to achieve the privacy and is named as Cooperative Privacy (CoP). The core idea of CoP is to play the best strategy for a player to preserve his privacy by himself which in turn contributes to preserving other players privacy. CoP considers each tuple as a player and tuples form coalitions as described in the procedure. The main objective of the CoP is to obtain individuals (player) privacy as a goal that is rationally interested in other individuals’ (players) privacy. CoP is formally defined in terms of Nash equilibria, i.e., all the players are in their best coalition, to achieve kanonymity. The cooperative values of the each tuple are measured using the characteristic function of the CoPG to identify the coalitions. As the underlying game is convex; the algorithm is efficient and yields high quality coalition formation with respect to intensity and disperse. The efficiency of anonymization process is calculated using information loss metric. The variations of the information loss with the parameters \(\alpha\) (weight factor of nearness) and \(\beta\) (multiplicity) are analyzed and the obtained results are discussed.
Keywords
Privacy preserving data publishing k  anonymity Cooperative game theory Shapley valueBackground
Privacy concerns are rapidly increasing and there is a growing need for better privacy mechanisms to protect the privacy of individuals for different domains like social networks, Microdata releases etc. There are different types of anonymization criterion like kanonymity [1], łdiversity [2] etc., (see [3] for some more mechanisms) proposed for temporally data base releases, however, still there are some issues in these methodologies to achieve privacy [3].
Motivation towards cooperative privacy
In the social network scenarios, the acceptance of an unknown friend request causes providing his personal information as well as his existing friend’s information. In other words, the friend who doesn’t aware about privacy and if he accepts the friend request, then it may paves a way towards privacy theft of his private information as well as his friend’s information. It is not just enough to preserve our personal privacy, the people circled around us should also take an action. Though many social network sites provide different levels of privacy control, in addition rational cooperation of the people is also necessary.

To keep the information society growing on over a period of time, preservation of privacy is necessary It is just like trying to solve the global issues (e.g. international terrorism, global warming etc.) to sustain the physical world. Now, information society gives importance to preservation of privacy as they understand its significance but are scared of using these services. The people are forced towards privacy preservation in information society, just like the importance given to GoGreen and No Plastic by the environmentalists in society.

As far as possible, privacy should be maintained by the rational cooperation of others, in absence of which the entire information system may be inconsistent It is similar to the traffic rules. If a person doesn’t follow the traffic rules, it causes a trouble to others and some times it may lead to deadlock. Even though the government has scaffold privacy of users as human rights, they still remain quite unrealistic. Just the setting of rules by the government is not enough to achieve privacy preservation, effort should be put by the technology people to enforce the users to maintain privacy world. At the same time there should be a rational cooperation among the users for societal usefulness.
Since the underlying game CoPG is convex [8], the algorithm which is used in formation of coalitions, is efficient and yields high quality with respect to intensity and disperse. Here, intensity is the average distance between the point to the center and disperse is the average distance between point to point. The Shapley value of the characteristic function of the coalitional game is considered in this paper coincides with other solution concepts named Nucleolus, Gately point, \(\tau\)value. This was proved by Swapnil et al. [9]. It supports the adoption of the characteristic function, defined in the later section, for this game. Anonymization efficiency is calculated by using information loss metric and the advantages of proposed algorithms are discussed.
Related work
The notion of kanonymity principle to protect privacy before publishing the data has been proposed by [1] Aggarwal [10], Bayardo et al. [11], LeFever et al. [12], Samarati et al. [13] employed and discussed suppression/generalization frameworks to achieve kanonymity. To support the kanonymity, new notions like ldiversity [2], tcloseness [14], (\(\alpha\), k)anonymity [15] were proposed which improve the privacy protection mechanism. Giving these protected data sets to other parties for data mining does not raise the privacy issues but none of the existing methods are able to completely exhaust the risk of privacy protection.
Garg et al. [8] attained pattern clustering, an important methodology in data mining, by using game theory and proposed the use of Shapley value to give a good start to Kmeans. For clustering, Gupta and Ranganathan [16, 17] used a microeconomic game theoretic approach, which simultaneously optimizes two objectives, viz. compaction and equipartitioning. Bulo and Pelillo [18] describes hypergraph clustering using evolutionary games. Chun and Hokari [19] proved the coincidence of Nucleolus and Shapley value for queueing problems.
Wang et al. [20] proposed efficient privacy preserving twofactor authentication schemes related to wireless sensor networks [21] presented a methodology using twofactor authentication to overcome the threat of desynchronization attack of preserving anonymity [22, 23] initiated evaluation metric for anonymous—two factor authentication in distribution systems. Recent study in crime data publishing [24] achieved kanonymity with constrained resources.
Generally, to estimate the tradeoff, Game theory is one of the good methodologies. In Privacy Preserving Data Mining (PPDM) game theory is used to estimate the tradeoff between utility measure and privacy level. Anderson [25] explains how the Game theory is applied and analyzed the privacy in legal issues. In Economical perspective, Bhome et al. [26], Kleinberg [27], Calzolari et al. [28], Preibusch [29] present many privacy issues. Calzolari [28] uses game theory techniques to explore the flow of customer’s private information between two interested firms. Dwork [30] proposed differential privacy using mechanism design methodology of game theory. In the context of recommender systems Machanavajjhala [31] defines an accuracy metric for differential privacy which analyzes the tradeoff between privacy and accuracy.
Kleinberg et al. [27] described three scenarios modelled as Coalitional Games (introduced in Osborne [32]) and the reward allocation exchange of private information is done according to the core and Shapley values. Chakravarthy et al. [33–35] described coalitional game theory mechanism to achieve kanonymization for a data set.
Preliminaries
This section outlines the information available in literature for kanonymity and concise information about coalitional game theory concepts viz. Convex game, Shapley value, Core [32] and the related are given.
kanonymity
Burnett et al. [36], presented the classification of attributes of a data table \(\mathcal {D}\). Explicit Identifiers (EID), Quasi Identifiers (QID), Sensitive Attributes (SA) and NonSensitive Attributes (NSA) are different classifiers of the attributes. EID is set of attributes which explicitly identify a person and his possible sensitive information, whereas the set of attributes which can potentially identify the sensitive information of a person by associating other external sources is QID. The set containing attributes like Disease, Salary etc., which holds sensitive information of a person is given by SA and remaining that do not fall into the above three are categorized as NSA.
Data records after anonymization and it is 3anonymized data table
Job  Sex  Age  Disease 

Professional  Person  [25–30]  Cancer 
Professional  Person  [25–30]  HIV 
Professional  Person  [25–30]  Asthma 
Artist  Female  [30–35]  HIV 
Artist  Female  [30–35]  Hepatitis 
Artist  Female  [30–35]  Flu 
Sample data records before anonymization
Job  Sex  Age  Disease 

Lawyer  Male  28  Cancer 
Engineer  Male  25  HIV 
Doctor  Female  30  Asthma 
Writer  Female  34  HIV 
Singer  Female  32  Hepatitis 
Dancer  Female  35  Flu 
Cooperative game
A Cooperative game \(\mathcal {G}\) with transferable utility (TU) [37] consists of two parameters N and \(\nu\). N is a set of n players i.e., N= {1,2,..., n} and \(\nu\) is a real valued function defined over power set of N, \(\mathcal {P}\)(N) i.e., \(\nu :\mathcal {P}(\mathbf N ) \rightarrow \mathbb {R}\), \(\nu (\phi )=0\) is called characteristic function or value function. For any subset S of N, \(\nu (S)\) is called as value or worth of the coalition S and this is explained with a simple example [38].
Example There are there players i.e. N = {1,2,3}. Player 1 is a seller, players 2 and 3 are buyers. Player 1 has a single unit to sell and its cost is $4. Each buyer is interested to buy the unit. Players 2 and 3 ’willingnesstopay’ are $9 and $11 respectively. Now the game is characterized as follows.
Convex cooperative game
The core

Individual rationality: \(\forall i \in \mathbf N , \,x_{i}\ge \nu (\{i\})\)

Collective rationality: \(\sum\limits_{i\in \mathbf N }{x_{i}}=\nu (\mathbf N )\)

Coalitional rationality: \(\forall S \subseteq \mathbf N , \,\sum\limits_{i\in \mathbf N }{x_{i}}\ge \nu (S)\)
Shapley value
The Shapley value of coalitional game is a solution concept. It explains the expected payoff allocation for the Cooperative Privacy Game \(\mathcal {G}\). It formalizes a fair distribution of the total payoff among the players of the coalition formation. The payoff allocation, based on this solution concept, is fair as it is including the information of each player’s contribution to the total value i.e., it assumes the relative importance of the each player in coalition formation [39].
Cooperative Privacy Game Model
This Game Model provides a mechanism to find out the privacy level, kanonymity [1], of the given data set by using the cooperation between the tuples. The underlying cooperation between every pair of tuples is estimated and termed as CoV. CoV takes advantage of Shapley value of each tuple. The data is segregated into groups based on the CoV.
Assume a data set \(\mathcal {D}\) having an attribute set \(\mathcal {A}\), and among them \(\mathcal {A}_{QID}\) is collection of QID’s of \(\mathcal {D}\), i.e. \(\mathcal {A}_{QID} = \{A_{QID_{1}}, A_{QID_{2}},\ldots A_{QID_{q}}\}\). Let \(\mathcal {D}_{QID} \subseteq \mathcal {D}\) be the set of possible tuples of \(\mathcal {D}\) under \(\mathcal {A}_{QID}\). Consider \(\mathcal {D}_{QID} = \{t_{1}, t_{2},...t_{n}\}\) is the projection of \(\mathcal {D}\) under \(\mathcal {A}_{QID}\) of n input instances. A real valued function d, called distance function (for instance Euclidean Distance), defined as \(d:\mathcal {D}_{QID} X \mathcal {D}_{QID}\rightarrow \{0\}\cup \mathfrak {R}^{+}\), where \(d(t_{i},t_{j}) \forall t_{i},t_{j} \in \mathcal {D}_{QID}\) gives the distance between \(t_{i}\) and \(t_{j}\), and also it is clear that \(d(t_{i},t_{i})=0\).

Each tuple is a player and \(\mathbf N =\mathcal {D}_{QID}\), so \(\mathbf N = n\).

Every player interacts with other players and tries to maximize their CoV as it depends on the ‘average increase in their worth’ across all valid subsets.

The characteristic function \(\nu\) is defined as follows for all coalitions \(S\subseteq \mathbf N\)
Convexity of CoPG
In the process of proving that CoPG is convex, here are some propositions stated and proved.
Proposition 1
Every convex Cooperative game has nonempty core [6] and also Shapley value belonging to core. From the Proposition 1, our CoPG with characteristic function stated in the Eq. 5 is a convex game and hence it has a solution.
Complexity of calculating cooperative value
This section presents the calculation process of CoV. The CoV for each tuple in the data table is computed using Eq. 3, but the computation is hard because it includes n! as a factor. The following proposition overcomes the computational infeasibility and provides a relation for CoV to compute in polynomial time.
Proposition 2
Computational complexity of cooperative value (CoV), i.e. Eq. 3, is quadratic.
If we adopt the above argument, the CoV of a tuple \(t_{i}\) can be found with O(n) complexity. So, in quadratic time we can estimate the CoV of all tuples of given data table. In experimentations it is observed that evolution of CoVs takes about linear time as the actual participation of \(t_{i}\) is very less than the possible permutations n!.
Proposition 3
In convex CoPG setting for given \(\epsilon > 0\) and \(d(t_{i},t_{j})\le \epsilon \rightarrow 0, \forall t_{i},t_{j} \in \mathbf N\) then Cooperative values of \(t_{i}\) and \(t_{j}\) are almost same.
Insightfully, the above proposition states that the cooperative values of tuples which are more similar i.e., the distance between them is almost zero, are nearly equal. It results that the tuples having almost equal CoV will be in same coalition.
Achieving cooperative privacy
This section describes the mechanism adopted by the data protector who is taking action about privacy of sensitive information in his data releases. Figure 1, shows the possible steps involved in the process of anonymization for a given data set \(\mathcal {D}\) to achieve cooperative privacy.
 1.
Calculate Cooperation value between each pair The similarity between every pair of tuples (players) is estimated as Cooperation value of the pair in the given data set \(\mathcal {D_{QID}}\) using Eq. 4.
 2.
 3.
Process of seclusion The tuples are secluded into groups based on CoV, which undergo anonymization process.
 4.
Anonymization Each secluded group of given data table is anonymized and the kanonymized data along with information loss and k value of the data table \(\mathcal {D}\) is published.
Calculating values of cooperation
Evaluation of CoV
Process of seclusion
This process describes how to seclude the tuples of the data set \(\mathcal {D_{QID}}\) into groups based on their CoVs, the inner sense is that, the density of tuples around a tuple will form a group. The basic idea is to start with a tuple whose CoV is maximum at the initial core point and collect all the tuples having ’very near’ CoVs as core point and put them into one group is named as coalition group. The parameter \(\alpha\) is called cooperative parameter which governs this ’very near’ in the process.
The CoVs of tuples gradually decreases when they are far away from the center of the coalition and hence \(\alpha\) decreases accordingly. So, in order to degrade \(\alpha\) in terms of CoVs, a nonlinear decreasing function has been considered. For this, \(\alpha = \beta *h(l_{max})\) is taken into account where h is defined over the set of all CoVs and \(\beta \in [0,1]\) is a weight factor. In practice, \(\alpha = \beta * \sqrt{\frac{l_{max}}{g_{max}+1}}\) is considered. Here, \(g_{max}\) is global maximum of CoV used for normalization of the CoVs and \(l_{max}\) is local maximum of coalition group. However, any degradation function \(\alpha\) can be chosen over these CoVs based on the domain values of the given data set and by the same token \(\beta\) also.
Anonymization
This phase assumes the set of cooperative groups (CoG) as an input which is obtained from the third phase and it returns the anonymized data for the purpose of publishing by using anonymization algorithms [3]. Hierarchy free generalization of numerical attributes [12] are used to attain kanonymization and information loss of the anonymized data is also measured.
Algorithm, described in the Table 6 explores the process of anonymization of the coordination groups. It also explains the computation of the IL as well as finding k value for kanonymization. It assumes the output of Algorithm 5 as input and returns IL of anonymized data, k value of kanonymization and published data \(\mathcal {D'}\).
Experimentation and empirical analysis
Number of coalitions vs \(\beta\) and \(\gamma\)
The variations of number of coalitions over different \(\gamma\) values are given in Fig. 3. As multiplicity factor (\(\gamma\)) is increased, the number of coalitions increases, because, when multiplicity factor is relaxed then more number of tuples are included in the coalition which leads less number of coalitions i.e., if \(\gamma\) value is increased then there is a possibility for tight segregation which causes more number of coalitions. The number of coalitions is constant until some fixed value \(\gamma\) which relatively depends upon the weight factor \(\beta\). Another observation is that there is a sudden climb after certain value (sum of \(\beta\) and \(\gamma\) is around 1.75 for our sample data set) and the growth rate of number of coalitions decreases according to decrease in the weight factor \(\beta\) (See Fig. 3).
Number of outliers vs \(\beta\) and \(\gamma\)
The coalitions having single record are marked as outliers in Algorithm (see Table 5), and the number of outliers for different values of \(\beta\) and \(\gamma\) are established. Figure 5 depicts the variations of number of outliers with \(\gamma\). It shows that there is no possibility of outliers for lesser values of \(\gamma\). The relaxation of \(\gamma\), includes the tuples which are defined as outliers in the case of more values of \(\gamma\).
Information loss vs \(\beta\) and \(\gamma\)
This section presents how the IL varies over the parameters weight factor \(\beta\) and multiplicity factor \(\gamma\). Figure 7 describes the changes in the IL with different \(\gamma\) values. The IL is calculated using Eq. 7. As \(\gamma\) increases it doesn’t allow to include more number of records into the groups. So, IL calculated by using Eq. 7 implies that the coalitions having more similar data records, have less information loss. Insightfully, when we relax the \(\gamma\) then the far away tuple are also included into the groups.
In the present work for the anonymization process over these groups hierarchy free construction is used. In this methodology the values of an attribute are generalised in a group by min, max. While implementing this process if a far way tuple is included in the group then unnecessarily more generalization is required which in turn increases the IL. This implies that the IL increases with the increase in \(\gamma\).
Information loss vs size of data set
Representation of information loss, \(\beta\) and \(\gamma\)
Figure 11 shows that the change in IL over the variation in \(\beta\) and \(\gamma\). The graph shows that the IL is minimum when \(\beta\) and \(\gamma\) are equal to 1. IL value increases as \(\beta\) or \(\gamma\) increases, but simultaneously the number of outliers decrease as shown in Figs. 5 and 6.
Conclusions and future work
Different mechanisms are required to protect the privacy in information society, where people are forced to give private information. Rational cooperation between the people who are involved in the information society is required inspite of several rules imposed by the governments. This motivation led towards this novel strategy of Cooperative Privacy for Privacy Preserving Data Publishing using Cooperative Game theory.
To achieve privacy in Data releases a Cooperative Privacy Game (CoPG) is set up, in which each tuple in the data table behaves as a player, trying to preserve their privacy and in turn helps in preserving other’s privacy. This is formalized with characteristic function \(\nu\). All the tuples(players) segregate themselves to form groups called coalitions based on Cooperative value (CoV). The CoV of each tuple is calculated based on the solution concept Shapley value. The CoV fairly distributes the worth through out the group of the tuples and the separation is also unbiased. The separation process and hierarchy free anonymization process are described. Algorithms which required for the processes are presented. Experimentation results and insightful observations are reported.

Expanding this approach to incorporate the security functionalities which are obtained from the players involved in the game.

Expanding the theory to design a game model with mixed strategies rather than pure strategies for Cooperative privacy because the user in the game may act differently with other players.

In experimentation process outliers were obtained. To decrease the possible outliers appropriate mechanisms are to be incorporated to the model.

Extensive study of theory is necessary for the choice of \(\beta\) and \(\gamma\).
Declarations
Authors' contributions
SC investigated the stateofart, designed and developed the model and took suggestions as and when necessary from VK. Both authors read and approved the final manuscript.
Acknowledgements
Authors would like to acknowledge Future Technology Research Association International (FTRA) who sponsored this article for publication.
Competing interests
The authors declare that they have no competing interests.
Open AccessThis article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.
Authors’ Affiliations
References
 Sweeney J (2002) kanonymity: a model for protecting privacy. Int J Uncertain Fuzz Knowl Syst 10(5):571–588MathSciNetView ArticleMATHGoogle Scholar
 Gehrke AM, Kifer D, Venkatasubramaniam, M (2006) ldiversity: privacy beyond kanonymity. In: Proceedings of the 22nd IEEE International Conference on Data Engineering: 38 April 2006, IEEE, Atlanta, p 24Google Scholar
 Wang BF, Chen K, Philip R (2010) Privacypreserving data publishing: a survey on recent developments. ACM Computing Surveys, New YorkGoogle Scholar
 DomingoFerrer J (2010) Coprivacy: towards a theory of sustainable privacy. In: Proceedings in International Conference PSD: 2224 Spetember 2010, Corfu, pp 258–268Google Scholar
 DomingoFerrer, J (2011) Coprivacy: an introduction to the theory and applications of cooperative privacy. SORT. 2011, Special issue: Privacy in statistical databasesGoogle Scholar
 Roughgarden NN, Tardos T, Vazirani E (2007) Algorithmic game theory. Cambridge University Press, CambridgeMATHGoogle Scholar
 Shapley LS (1971) Cores of convex games. Int J Game Theory 1(1):11–26MathSciNetView ArticleMATHGoogle Scholar
 Garg VK, Narahari Y, Murty MN (2013) Novel biobjective clustering (bigc) based on cooperative game theory. IEEE Trans Knowl Data Eng 25(5):1070–1082View ArticleGoogle Scholar
 Swapnil D, Satyanath B, Anoop KR, Varun R (2011) Pattern custering cooperative game theroy. In: Proceedings in Centenary Conference, Indian Institute of Science, Bangalore, pp 1–6Google Scholar
 Aggarwal CC (2005) On kanonymity and the curse of dimensionality. In: Proceedings of the 31st International Conference on Very Large Data Bases: 30th Aug to 2nd Sept’ 2005, VLDB Endowment, Norway, pp 901–909Google Scholar
 Bayardo RJ, Agrawal R (2005) Data privacy through optimal kanonymization. In: Proceedings of the 21st International Conference on Data Engineering: 58 April 2005, IEEE, California, pp 217–228Google Scholar
 Lefevre K, Dewitt DJ, Ramakrishnan R (2006) Mondrian multidimensional kanonymity. In: In 22nd International Conference on Data Engineering, ICDE, p 25Google Scholar
 Samarati P, Sweeney L (1998) Generalizing data to provide anonymity when disclosing information (abstract). ACM PODS 98: 188Google Scholar
 Li N, Li T (2007) tcloseness: privacy beyond kanonymity and ldiversity. In: In Proceeding of IEEE 23rd Intl Confeference on Data Engineering (ICDE07)Google Scholar
 Wong RCW, Li J, Fu AWC, Wang K (2006) ( $$\alpha$$ α , k)anonymity: an enhanced kanonymity model for privacy preserving data publishing. In: Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, ACM, pp 754–759Google Scholar
 Ranganathan N (2008) A microeconomic approach to multi obeciective spatial clustering. In: Proceedings of the 19th International Conference on Pattern Recognition: 8–11 Dec’2008, IEEEGoogle Scholar
 Gupta U, Ranganathan N (2010) A game theoretic approach for simultaneous compaction and equipartitioning of spatial data sets. IEEE Trans Knowl Data Eng 22(4):465–478View ArticleGoogle Scholar
 Bulò SR, Pelillo M (2009) A gametheoretic approach to hypergraph clustering. Adv Neural Inform Process Syst 35:1571–1579Google Scholar
 Chun Y, Hokari T (2007) On the coincidence of the shapley value and the nucleolus in queueing problems. Seoul J Econ 20:223–238Google Scholar
 Wang D, Wang P, Wang N, Qing S (2015) Preserving privacy for free: efficient and provably secure twofactor authentication scheme with user anonymity. Inform Sci 321:162–178View ArticleGoogle Scholar
 Wang D, Wang P (2014) On the anonymity of twofactor authentication schemes for wireless sensor networks: attacks, principle and solutions. Comput Netw 20:1–15View ArticleGoogle Scholar
 Wang D, Debiao H et al (2014) An enhanced privacy preserving remote user authentication scheme with provable security. IEEE Trans Depend Secur Comput 12(4):428–442View ArticleGoogle Scholar
 Chaudhry SA, Farash MS, Naqvi H, Kumari S, Khan MK (2015) An enhanced privacy preserving remote user authentication scheme with provable security. Secur Commun Netw 8(18):3782–3795View ArticleGoogle Scholar
 Burke MJ, Kayem AVDM (2014) Kanonymity for privacy preserving crime data publishing in resource constrained environments. In: Proceedings of the 2014 28th International Conference on Advanced Information Networking and Applications Workshops, WAINA ’14IEEE Computer Society, Washington, DC, pp 833–840Google Scholar
 Anderson HE (2006) The privacy gambit: towards a game theoretic approach to international data protection. Vanderbilt J Entertain Technol Law 9(1):44Google Scholar
 Böhme R, Koble S (2007) On the viability of privacyenhancing technologies in a selfregulated businesstoconsumer market: will privacy remain a luxury good? In: Workshop on economics of information security, pp 21–27Google Scholar
 Kleinberg J, Papadimitriou CH, Raghavan P (2001) On the value of private information. In: Proceedings of the 8th Conference on Theoretical Aspects of Rationality and Knowledge, TARK ’01Morgan Kaufmann Publishers Inc., San Francisco, pp 249–257Google Scholar
 calzolari G, Pavan A (2001) Optimal design of privacy policies: technical report. Gremaq, University of Toulouse, FranceGoogle Scholar
 Preibusch S (2006) Implementing privacy negotiations in ecommerce. In: Frontiers of WWW Research and Development APWeb. LNCS’06, pp 604–615Google Scholar
 Dwork C (2006) Differential privacy. In: In ICALP, pp 1–12Google Scholar
 Machanavajjhala A, Korolova A, Sarma AD (2011) Personalized social recommendations: accurate or private. Proc VLDB Endow 4(7):440–450View ArticleGoogle Scholar
 Osborne MJ (2003) An introduction to game theory. Oxford University Press, OxfordGoogle Scholar
 Srinivasa L, Chakravarthy V, Kumari V (2011) Preserving data privacy using coalitional game theory. In: ECML PKDD, Workshop on KDHCM, pp 53–65Google Scholar
 Srinivasa L, Chakravarthy V, Kumari V, Sarojini C (2012) A coalitional game theoretic mechanism for privacy preserving publishing based on kanonymity. Procedia Technol 6:889–896View ArticleGoogle Scholar
 Srinivasa L, Chakravarthy V, Kumari V (2014) Privacy preserving data publishing: a coalitional game theory perspective. Int J Comput Intell Stud 3(2):196–220Google Scholar
 Burnett L, BarlowStewart K, Pros A, Aizenberg H (2008) The gene trustee: a universal identification system that ensures privacy and confidentiality for human genetic databases. J Law Med 10:506–513Google Scholar
 Myerson BR (1997) Game theory: analysis of conflict. Harvard University Press, CambridgeMATHGoogle Scholar
 Brandenburger AM, Stuart HW (1996) Valuebased business strategy. J Econ Manag Strategy 5:5–24View ArticleGoogle Scholar
 Straffin PD (1993) Game theory and strategy. The Mathemactical Association of America, USAMATHGoogle Scholar
 UCI Repository of Machine Learning Databases. www.ics.uci.edu/ mlearn/MLRepository.html
 Byun JW, Kamra EB A, Li N (2007) Efficient kanonymization using clustering techniques. In: DASFAA, Springer, Berlin, p 188Google Scholar