USENIX Association

Advances in sensing and tracking technology enable location-based applications but they also create significant privacy risks. Anonymity can provide a high degree of privacy, save service users from dealing with service providers’ privacy policies, and reduce the service providers’ requirements for safeguarding private information. However, guaranteeing anonymous usage of location-based services requires that the precise location information transmitted by a user cannot be easily used to re-identify the subject. This paper presents a middleware architecture and algorithms that can be used by a centralized location broker service. The adaptive algorithms adjust the resolution of location information along spatial or temporal dimensions to meet specified anonymity constraints based on the entities who may be using location services within a given area. Using a model based on automotive traffic counts and cartographic material, we estimate the realistically expected spatial resolution for different anonymity constraints. The median resolution generated by our algorithms is 125 meters. Thus, anonymous location-based requests for urban areas would have the same accuracy currently needed for E-911 services; this would provide sufficient resolution for wayfinding, automated bus routing services and similar location-dependent services.
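The spatial side of the idea in the abstract, as an added sketch that is not the paper's own algorithm: a broker coarsens a requester's position until the reported area also contains at least k - 1 other subjects. The abstract does not say how the area is subdivided, so the quadrant halving, the function names, the coordinates in metres and the `min_side` floor are all assumptions.

```python
from typing import List, Optional, Tuple

Point = Tuple[float, float]
Box = Tuple[float, float, float, float]  # (x_min, y_min, x_max, y_max) in metres

def inside(p: Point, b: Box) -> bool:
    # Half-open on the upper edges so a point belongs to exactly one quadrant.
    return b[0] <= p[0] < b[2] and b[1] <= p[1] < b[3]

def quadrant_of(p: Point, b: Box) -> Box:
    """Return the quarter of box b that contains point p."""
    mx, my = (b[0] + b[2]) / 2, (b[1] + b[3]) / 2
    x0, x1 = (b[0], mx) if p[0] < mx else (mx, b[2])
    y0, y1 = (b[1], my) if p[1] < my else (my, b[3])
    return (x0, y0, x1, y1)

def cloak(requester: Point, others: List[Point], k: int,
          area: Box, min_side: float = 1.0) -> Optional[Box]:
    """Smallest quadrant around the requester that still holds >= k subjects
    (requester included). None means the request must be held back: even the
    whole service area cannot satisfy the anonymity constraint."""
    if k < 1 or not inside(requester, area):
        raise ValueError("k must be >= 1 and the requester must be in the area")
    nearby = [s for s in others if inside(s, area)]
    if 1 + len(nearby) < k:
        return None
    box = area
    while box[2] - box[0] > min_side:
        quad = quadrant_of(requester, box)
        members = [s for s in nearby if inside(s, quad)]
        if 1 + len(members) < k:
            break  # one more split would leave the requester identifiable
        box, nearby = quad, members
    return box

# Constructed sample data: a 1600 m square and six subjects.
AREA: Box = (0, 0, 1600, 1600)
REQUESTER: Point = (100, 100)
OTHERS: List[Point] = [(150, 150), (300, 350), (700, 100), (900, 900), (1500, 1500)]

if __name__ == "__main__":
    for k in (1, 2, 3, 7):
        print(k, cloak(REQUESTER, OTHERS, k, AREA, min_side=25))
```

Raising k widens the reported box, which is the resolution cost the abstract quantifies; with k = 1 only the `min_side` floor limits precision.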
