User privacy protection for a mobile commerce alliance

https://doi.org/10.1016/j.elerap.2016.03.005

Highlights

  • A privacy-preserving service framework for the mobile commerce alliance providing location-based services.

  • Definitions of the personalized privacy profile of the mobile user and of the (K, L, P)-anonymity model.

  • A new privacy-preserving algorithm named EMAGAS, which features the construction of minimal initial K-anonymity sets, an exchanging process and a merging process.

  • Experimental validation of the feasibility and the performance advantages of EMAGAS based on a real road network and generated privacy profiles of mobile users.

Abstract

The risk of privacy disclosure in mobile commerce has received increasing attention worldwide. Although many papers related to information privacy and privacy-preserving technologies exist, few are based on a particular mobile commerce model to study the anonymity models and privacy-preserving algorithms. A privacy-preserving service framework for the mobile commerce alliance providing location-based services is established. According to the defined personalized privacy profile of the mobile user, a (K, L, P)-anonymity model is formally described. Based on the model, a new privacy-preserving algorithm for exchanging and merging processes for generating anonymity sets (EMAGAS) is proposed, which features the construction of minimal initial K-anonymity sets, an exchanging process and a merging process. The processes of exchanging and merging are formally described. EMAGAS can be used to protect the location, identifier and other sensitive information of the mobile user on a road network. The availability of EMAGAS is illustrated by an example. Finally, based on a real road network and generated privacy profiles of mobile users, the feasibility and advantages of EMAGAS are experimentally validated.

Introduction

Mobile commerce refers to the e-commerce activities conducted over the mobile Internet using mobile handheld devices such as cellular telephones and personal digital assistants (PDAs). Compared with conventional electronic commerce, m-commerce has some new features, including mobility, instantaneity, personalization and convenience. Location-based services (LBS), a general class of information services accessible to mobile users, use information about the geographical locations of mobile devices obtained through mobile communication technologies such as the global positioning system (GPS), wireless local area networks (WLAN) and cellular networks. In recent years, with the pervasive application of new information and communication technologies, m-commerce has been developing rapidly. One of the most widely used location-based m-commerce applications is mobile advertising (Tähtinen and Salo, 2004). New types of m-commerce applications providing LBS have become popular. Meanwhile, various types of m-commerce alliance that make it easier to share resources are emerging.

To use LBS, mobile users usually are required to send their query requests and accurate locations to the service providers. The service providers may collect, process, and store the users’ locations on an unprecedented scale, and location privacy-related issues have naturally attracted increasing attention (Terrovitis, 2011). According to a survey conducted by Microsoft in 2011, the main reason why people were unwilling to adopt LBS was concern for personal privacy. Many events related to the disclosure of mobile users’ private information have been reported by the public media. In practice, untrustworthy service providers may collect mobile users’ private information from the service requests, then disclose or misuse it. In the research on privacy protection related to m-commerce providing LBS, three types of information must be protected: location, identifier and sensitive information (Wu et al., 2014). Location information can reveal sensitive information about the mobile users, such as health problems or commercial practices.

The effective protection of sensitive information should ensure that an adversary has low confidence in linking sensitive information with a specific user, for example that the user may be ill or may need some type of sensitive service. Anonymous communication, data conversion, k-anonymity and cryptography-based techniques are the commonly used privacy-preserving technologies in the research on protecting private information.

Although many papers related to information privacy and privacy-preserving technologies exist, few are based on a particular m-commerce model to study the anonymity models and privacy-preserving algorithms. This study attempts to answer three research questions: What is the applicable privacy-preserving service framework for a specific m-commerce alliance? How can the personalized privacy requirements of the mobile user in the context of m-commerce be formally defined? Based on the defined anonymity model, can a new privacy-preserving algorithm be established?

In Section 2, after reviewing the concepts and works related to information privacy and privacy concerns in m-commerce, the commonly used privacy-preserving technologies in mobile environments are discussed. A privacy-preserving service framework for the m-commerce alliance providing LBS is established in Section 3. According to the defined personalized privacy profile of the mobile user, a (K, L, P)-anonymity model is described in Section 4. Based on the anonymity model, a new privacy-preserving algorithm for exchanging and merging processes for generating anonymity sets (EMAGAS) is proposed. The processes of exchanging users and merging users are discussed in detail and described formally. In Section 5, the availability of EMAGAS is illustrated by an example. In Section 6, based on a real road network and generated privacy profiles of its mobile users, the feasibility and advantages of EMAGAS are experimentally validated. Conclusions are presented last.

Section snippets

Personal information privacy

The concept of privacy is widely relevant in many fields. The word privacy has different meanings in different disciplines such as Psychology, Law, Sociology, Economics, Management and Informatics. Warren and Brandeis (1890) published the article “The Right to Privacy” in the 1890 Harvard Law Review, which defined the privacy of the individual as a right to be let alone. It is widely regarded as the first publication in the United States to advocate a right to privacy. As one of the basic human

The privacy-preserving service framework of MCA

With the rapid development of m-commerce, various types of m-commerce alliances have emerged in recent years. In contrast to the intentionally-developed business network (IDBN) (Salo et al., 2008), which focuses on B2B marketing, the mobile commerce alliance (MCA) that we explore provides B2B2C services. The m-commerce alliance aims to provide trusted, reliable and value-added IT infrastructure services, promote resource sharing, and facilitate win–win relationships among the players involved.

Basic definitions

Information sensitivity refers to the control of access to information that might result in loss of security if disclosed to or shared with others. Different mobile users may assign different levels of sensitivity to the same type of information based on different privacy dispositions. The information privacy requirements of mobile users vary depending on their information sensitivity and personal disposition.

Referring to the work of Pan et al. (2014), all query requests submitted to the

Applying EMAGAS: an illustration

To illustrate the ability of the proposed algorithm, EMAGAS, let us assume that Fig. 6 is a road network example. Using the method we presented, the initial anonymity sets are generated. The personalized privacy profiles and query sensitivities of the 18 users on the road network, together with the initial anonymity sets generated, are shown in Table 2.

According to Definition 3, it can be shown that AS1, AS3, AS6 and AS7 do not satisfy the (K, L, P)-anonymity model. So they are put into
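The snippet above breaks off before the paper's formal definition and before it says what happens to the sets that fail. The following is an added example, not code from the paper or from the authors: it models a small road network, seeds one anonymity set per road segment, checks each set against a (K, L, P)-style constraint and merges failing sets with an adjacent set until every set passes. Because the paper's actual Definition 3 and the EMAGAS exchanging and merging rules are not on this page, the three constraints below (K = minimum set size, L = minimum number of distinct road segments, P = maximum share of one query type) and the rule that a set must meet the strictest personalized profile among its members are assumptions chosen to illustrate the idea; the users, segments and the `ROAD_ADJ` adjacency map are constructed sample data.

```python
"""Illustrative (K, L, P)-style anonymity-set check and merge on a small road network.

Added example; not the paper's code. The paper's Definition 3 and EMAGAS rules are
not reproduced on this page, so the constraints below are ASSUMPTIONS:
  K - an anonymity set must contain at least K users (k-anonymity),
  L - the users must lie on at least L distinct road segments,
  P - no single query type may exceed a fraction P of the set's queries.
Each user carries a personalized (k, l, p); a set must satisfy the strictest
profile among its members.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    uid: str
    segment: str   # road segment the user is currently on
    query: str     # query category (e.g. "clinic" is treated as sensitive)
    k: int         # personalized minimum anonymity-set size
    l: int         # personalized minimum number of distinct segments
    p: float       # personalized maximum share of one query type


# Constructed road network: undirected segment adjacency (sample data).
ROAD_ADJ = {
    "s1": {"s2"},
    "s2": {"s1", "s3"},
    "s3": {"s2", "s4"},
    "s4": {"s3"},
}

# Constructed users with personalized profiles (sample data).
USERS = [
    User("u1", "s1", "clinic", k=3, l=2, p=0.5),
    User("u2", "s1", "restaurant", k=2, l=1, p=1.0),
    User("u3", "s2", "restaurant", k=2, l=1, p=1.0),
    User("u4", "s2", "cinema", k=2, l=1, p=1.0),
    User("u5", "s3", "clinic", k=2, l=1, p=0.6),
    User("u6", "s4", "restaurant", k=2, l=2, p=1.0),
]


def initial_sets(users):
    """Seed anonymity sets: one set per road segment (assumption; the paper's
    construction of minimal initial K-anonymity sets is not on this page)."""
    by_segment = defaultdict(list)
    for u in users:
        by_segment[u.segment].append(u)
    return [frozenset(group) for group in by_segment.values()]


def satisfies(aset):
    """True if the set meets the strictest (k, l, p) profile among its members."""
    k_req = max(u.k for u in aset)
    l_req = max(u.l for u in aset)
    p_req = min(u.p for u in aset)
    if len(aset) < k_req:                                  # K: enough users
        return False
    if len({u.segment for u in aset}) < l_req:             # L: enough segments
        return False
    counts = Counter(u.query for u in aset)
    return max(counts.values()) / len(aset) <= p_req       # P: query diversity


def adjacent(a, b):
    """Two sets are adjacent if any segment of one shares a road edge with the other."""
    seg_a = {u.segment for u in a}
    seg_b = {u.segment for u in b}
    return any(sb in ROAD_ADJ.get(sa, ()) for sa in seg_a for sb in seg_b)


def merge_until_satisfied(sets):
    """Merge each failing set with its smallest adjacent set, repeating until every
    set satisfies its members' profiles or no failing set has a neighbour left.
    Each merge removes one set, so the loop terminates."""
    sets = list(sets)
    changed = True
    while changed:
        changed = False
        for bad in [s for s in sets if not satisfies(s)]:
            if bad not in sets:          # already absorbed by an earlier merge
                continue
            partners = [s for s in sets if s != bad and adjacent(bad, s)]
            if not partners:
                continue
            partner = min(partners, key=len)
            sets.remove(bad)
            sets.remove(partner)
            sets.append(bad | partner)
            changed = True
    return sets


def run_example():
    """Return the final anonymity sets as sets of user ids."""
    final = merge_until_satisfied(initial_sets(USERS))
    return {frozenset(u.uid for u in s) for s in final}


if __name__ == "__main__":
    for s in initial_sets(USERS):
        print(sorted(u.uid for u in s), "ok" if satisfies(s) else "FAILS")
    print("after merging:", [sorted(s) for s in run_example()])
```

In the constructed data, the single-user sets on s3 and s4 fail the K constraint and the s1 set fails u1's personalized k = 3; after merging, the two surviving sets each satisfy the strictest profile they contain.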

Experimental dataset and parameter settings

To validate the effectiveness of the proposed EMAGAS algorithm, we use a real dataset of a California road network with 21,048 intersections and 21,693 road segments (Li et al., 2005). 32,400 simulated users are generated on the network, and their personalized privacy profiles are also created according to the specified rules. The mobile users can dynamically set the parameter values of their personalized privacy profiles. The settings of the query sensitivities and the parameters used to define

Discussion of the results

In this article, a privacy-preserving service framework for an m-commerce alliance (MCA) providing LBS was established, which enables the integration of the service resources of multiple information service providers and contributes to achieving a win–win for all participants in the alliance. The mobile users’ private information is protected from collection and misuse by the information service providers and vendors, while the users can still receive comprehensive information services.

One of

Acknowledgments

This research was funded by the Natural Science Foundation of Hebei Province of China (No. F2015210106), and was partially supported by Grants from the National Natural Science Foundation of China (Nos. 61303017, 61379048).

References (60)

  • C. Bettini et al. Protecting privacy against location-based personal identification.
  • C.Y. Chow et al. Enabling private continuous queries for revealed user locations.
  • C.Y. Chow et al. Query-aware location anonymization for road networks. Geoinformatica (2011).
  • M.J. Culnan et al. Consumer privacy concerns, procedural fairness, and impersonal trust: an empirical investigation. Organiz. Sci. (1999).
  • W. Enck et al. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (2014).
  • D. Feng et al. Big data security and privacy protection. Chin. J. Comput. (2014).
  • G. Ghinita et al. Private queries in location based services: anonymizers are not necessary.
  • G. Greenleaf. Global data privacy laws: 89 countries, and accelerating. Privacy Laws & Business International... (2014).
  • M. Gruteser et al. Anonymous usage of location-based services through spatial and temporal cloaking.
  • F. Hamad et al. Energy-aware security in m-commerce and the Internet of Things. IETE Tech. Rev. (2009).
  • J.I. Hong et al. An architecture for privacy-sensitive ubiquitous computing.
  • C. Huang et al. Uncertain neighbors’ collaborative filtering recommendation algorithm. Chin. J. Comput. (2010).
  • Z. Huo et al. PrivateCheckIn: trajectory privacy-preserving for check-in services in MSNS. Chin. J. Comput. (2013).
  • X. Jiang et al. Research in online privacy: concept, progress and trend. Inf. Sci. (2010).
  • A. Khoshgozaran, C. Shahabi. Blind evaluation of nearest neighbor queries using space transformation to... (2007).
  • H. Kido et al. An anonymous communication technique using dummies for location-based services.
  • J. Kim. Impact of concerns for information privacy on behavioral intention of providing privacy information in the context of m-commerce. J. Internet Electron. Commerce Res. (2015).
  • D.J. Lee et al. Managing consumer privacy concerns in personalization: a strategic analysis of privacy protection. MIS Q. (2010).
  • F. Li et al. On trip planning queries in spatial databases.
  • P.Y. Li et al. A cloaking algorithm based on spatial networks for location privacy.
