From: De-identifying a public use microdata file from the Canadian national discharge abstract database
Relationship between maximum acceptable generalization (M) and adversary's background knowledge (Q) | Generalization level to use for suppression (S) | Generalization level to release data at |
---|---|---|
M ≥ Q(analysts could accept a generalization equal to or less detailed than the adversary's knowledge) | S = M (suppress at level M) | Only include data generalized to level S = M |
M <Q (analysts need a version that is more detailed than the adversary's knowledge) | S = Q | The PUMF can have data at level M in the generalization hierarchy, except when it generalizes to a suppressed value at level S = Q. |