Assignment task:
Now that you have seen how an inference attack can compromise data in a single company, we consider how inference attacks can compromise data by combining unrelated data sets. For this attack, four completely unrelated data sources should be considered. All four are internet-facing and, therefore, available to anyone with internet access. The first report is a sample report produced for a local hospital concerning types of procedures done within the last few years. The second report is a voter registration database with certain well-established fields (you could go to your local board of elections and get a report like this on all registered voters in your district, most likely). The third report is a partially de-identified report for an insurance company for a sample data set built by the same developers we have been dealing with for public use. "Partially de-identified" means that though some attempts were made to remove an obvious link to actual patients, there is still some data left on the report that might link back to a real person if looked at carefully. We also have provided a helpful list of medical codes to link to the hospital report. The problem here comes from the incomplete deidentification of the insurance company's claim report data. Because of this, it may be possible to combine these four sources to find a specific person's medical history to know that on a specific date, a specific person had a specific procedure done. Looking for Course Help?