Identity providers are becoming popular for distributed authentication and distributed identity management. Users' privacy attributes are stored at an identity provider and they are released to a service provider upon user's consent. Since a broad range of privacy information of different sensitiveness can be exchanged in advanced web services, it is necessary to assist users by presenting potential risk on financial and personality damage, before releasing privacy attributes. In this paper, we present a model of privacy attribute ontology and risk evaluation method on this ontology. Then we formalize several matching problems which optimize similarity scores of matching solutions under several different types of risk constraints. We show sophisticated polynomial-time algorithms for solving these optimization problems.