ABSTRACT
A major concern for large-scale deployment of location-based services (LBSs) is the potential abuse of their client location data, which may imply sensitive personal information. Location privacy protection is challenging because a location itself may reveal a subject's identity. To support location anonymity, existing research reduces location resolution by ensuring each location reported to a service provider is a cloaking area that contains at least K mobile nodes. This strategy is effective when each location update can be considered as an independent event. In this paper, we investigate location anonymity in the context of continuous LBSs, which require frequent location updates from service users. Knowing that a user is inside a cloaking area constrains its position in the next cloaking area. Thus, simply ensuring each cloaking area contains at least K users does not give a user K-anonymity protection. We propose to measure the anonymity degree of a cloaking area using entropy, which takes into account not only the number of the entities inside, but also their anonymity probability distribution. To find a cloaking area that can provide a given level of anonymity protection and is also as small as possible, we present a novel technique with a polynomial time complexity. The effectiveness of our techniques is studied under various conditions using location data synthetically generated using real road maps and traffic volume data. The results show that our techniques can indeed protect user anonymity at a desired level, and at the same time, minimize the size of each cloaking area, allowing users to receive high quality services.
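An added illustration of the abstract's argument, not code from the paper: it tracks the entropy of an observer's belief over three consecutive cloaking areas that each contain K = 4 users. The observer model (likelihoods multiplied across updates), the function names, and the sample data are assumptions made for this example; the paper's own cloaking algorithm does not appear on this page.

```python
import math

def entropy_bits(weights):
    """Shannon entropy (bits) of the distribution given by non-negative weights."""
    total = sum(weights.values())
    if total <= 0:
        return 0.0  # no candidate left: nothing to hide among
    return -sum((w / total) * math.log2(w / total)
                for w in weights.values() if w > 0)

def track_anonymity(updates):
    """Entropy of the observer's belief after each successive cloaking area.

    Each update maps user id -> relative likelihood that this user sent it;
    users outside the cloaking area are absent (likelihood 0).
    Assumed observer model: beliefs are multiplied across updates.
    """
    belief, history = None, []
    for likelihood in updates:
        if belief is None:
            belief = dict(likelihood)
        else:
            belief = {u: w * likelihood.get(u, 0.0) for u, w in belief.items()}
        belief = {u: w for u, w in belief.items() if w > 0}
        history.append(entropy_bits(belief))
    return history

def meets_level(entropy, k):
    """True if the entropy matches K equally likely candidates (log2 K bits)."""
    return entropy >= math.log2(k) - 1e-9

# Constructed sample: three consecutive cloaking areas, each holding K = 4 users.
UPDATES = [
    {"a": 1.0, "b": 1.0, "c": 1.0, "d": 1.0},
    {"a": 1.0, "b": 1.0, "e": 1.0, "f": 1.0},      # c, d left; e, f are new
    {"a": 0.75, "b": 0.25, "g": 0.5, "h": 0.5},    # b is a less plausible sender
]

if __name__ == "__main__":
    for step, h in enumerate(track_anonymity(UPDATES), start=1):
        print(f"update {step}: {h:.3f} bits, K=4 met: {meets_level(h, 4)}")
```

Every area holds four users, yet only the first update reaches the 2 bits that K = 4 equally likely candidates provide; the count alone hides both the shrinking candidate set and the skew between the remaining candidates.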
Index Terms
Location anonymity in continuous location-based services