ABSTRACT
Anonymous location information may be correlated with restricted spaces such as home and office for subject re-identification. This makes it a great challenge to provide location privacy protection for users of location-based services. Existing work adopts the traditional K-anonymity model and ensures that each location disclosed in service requests is a spatial region that has been visited by at least K users. This strategy requires a user to specify an appropriate value of K in order to achieve a desired level of privacy protection. This is problematic because privacy is about feeling, and it is awkward for one to scale her feeling using a number. In this paper, we propose a feeling-based privacy model. The model allows a user to express her privacy requirement by specifying a public region, one that the user would feel comfortable having reported as her location. The popularity of the public region, measured using entropy based on its visitors' footprints inside it, is then used as the user's desired level of privacy protection. With this model in place, we present a novel technique that allows a user's location information to be reported as accurately as possible while providing her with sufficient location privacy protection. The new technique supports trajectory cloaking and can be used in application scenarios where a user needs to make frequent location updates along a trajectory that cannot be predicted. In addition to evaluating the effectiveness of the proposed technique under various conditions through simulation, we have also implemented an experimental system for location privacy-aware uses of location-based services.
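The idea in the abstract, sketched as an added example (not code from the paper): a region's popularity is derived from the entropy of its visitors' footprints, and a location is reported as the smallest box that is at least as popular as the user's chosen public region. The exact formula (Shannon entropy over each visitor's share of footprints, popularity = 2^entropy), the square expanding box, and all names and sample data are assumptions made for illustration.

```python
import math
from collections import Counter

MALL = (0.0, 0.0, 10.0, 10.0)   # public region the user is comfortable with
HOME = (28.0, 28.0, 32.0, 32.0)  # restricted space around the user's home

# Constructed footprints (user_id, x, y); not real data.
FOOTPRINTS = (
    [(u, 5.0, 5.0) for u in "abcd" for _ in range(2)]          # mall: 4 users, 2 each
    + [("h", 30.0, 30.0)] * 9                                  # home owner dominates
    + [(u, 31.5, 30.0) for u in "abc"]                         # 3 passers-by
    + [(u, 33.5, 30.0) for u in "abcdefg" for _ in range(3)]   # busy street nearby
)

def visitor_counts(region, footprints):
    """Footprints per visitor inside region = (x1, y1, x2, y2)."""
    x1, y1, x2, y2 = region
    return Counter(u for u, x, y in footprints if x1 <= x <= x2 and y1 <= y <= y2)

def popularity(region, footprints):
    """Assumed measure: 2**H, H = Shannon entropy of per-visitor footprint shares."""
    counts = visitor_counts(region, footprints)
    total = sum(counts.values())
    if total == 0:
        return 0.0
    h = -sum((n / total) * math.log2(n / total) for n in counts.values())
    return 2 ** h

def cloak(location, public_region, footprints, step=1.0, max_half=50.0):
    """Smallest square box centred on location that is at least as popular
    as public_region; None if no box up to max_half qualifies."""
    required = popularity(public_region, footprints)
    x, y = location
    half = step
    while half <= max_half:
        box = (x - half, y - half, x + half, y + half)
        if popularity(box, footprints) >= required:
            return box
        half += step
    return None

if __name__ == "__main__":
    print("distinct visitors at home:", len(visitor_counts(HOME, FOOTPRINTS)))
    print("popularity of mall:", popularity(MALL, FOOTPRINTS))
    print("popularity of home:", round(popularity(HOME, FOOTPRINTS), 3))
    print("reported region:", cloak((30.0, 30.0), MALL, FOOTPRINTS))
```

The home box has four distinct visitors, so it would pass a K=4 check, yet its popularity is well below the mall's because one visitor contributes most of the footprints.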
Index Terms
- Feeling-based location privacy protection for location-based services