A System-Level Architecture for Fine-Grained Privacy Control in Location-Based Services

We introduce a system-level architecture that gives users fine-grained control over their privacy when accessing location-based services from mobile devices. On most mobile platforms today, users have only coarse-grained control over their privacy: they must either agree to stream their locations unconditionally in order to use a service, or forgo the service altogether. Yet not all location-based services require the same level of location accuracy, and therefore not all of them require the same sacrifice of privacy. With this architecture, the user can adapt the tradeoff between location privacy and location accuracy per service. To achieve this, the architecture relies on three main elements: a trusted module that extends the underlying mobile platform, a secure protocol between that module and the untrusted applications offering location-based services, and a tree that captures the user's zones of interest and organizes them into several accuracy levels. Untrusted mobile applications no longer receive user locations directly: the trusted module intercepts them, computes the user's zones of interest and builds the tree. The user then decides which level of accuracy is disclosed to which application. We evaluate this architecture from a privacy-preservation standpoint by comparing well-known blurring mechanisms with our tree.
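To make the mechanism concrete, the following is an added illustration and not code from the paper or its authors. It models the trusted module as the only component that sees raw coordinates: every fix is inserted into a hierarchy of zones at increasing accuracy, and each application receives, on request, only the ancestor zone matching the accuracy level the user granted it. The paper does not specify how its tree is built, so the fixed grid of accuracy levels (`region`, `city`, `neighbourhood`, `exact`), the cell sizes in degrees, the per-application policy table and the sample trace are all assumptions made for this example.

```python
"""Toy trusted location module with per-application accuracy levels.

Assumptions (not from the paper): zones are square grid cells whose size
shrinks at each level; a zone of interest is a cell visited at least
`min_visits` times; applications get the cell at their granted level only.
"""
import math
from dataclasses import dataclass, field

# Accuracy levels from coarsest to finest; cell edge in degrees (0.0 = exact fix).
LEVELS = [("region", 1.0), ("city", 0.1), ("neighbourhood", 0.01), ("exact", 0.0)]
LEVEL_SIZE = dict(LEVELS)


def cell_index(lat, lon, size):
    """Integer grid index of the cell containing (lat, lon); exact fixes keep coords."""
    if size == 0.0:
        return (lat, lon)
    return (math.floor(lat / size), math.floor(lon / size))


@dataclass
class ZoneNode:
    level: str
    key: tuple
    visits: int = 0
    children: dict = field(default_factory=dict)


class TrustedLocationModule:
    """Platform-side component: the only holder of raw locations."""

    def __init__(self):
        self.root = ZoneNode("root", ())
        self.policy = {}      # app name -> granted level ("none" if not granted)
        self.current = None   # latest raw fix, never handed out directly

    def observe(self, lat, lon):
        """Intercept a fix from the positioning hardware and update the tree."""
        self.current = (lat, lon)
        node = self.root
        for name, size in LEVELS:
            key = cell_index(lat, lon, size)
            child = node.children.get(key)
            if child is None:
                child = ZoneNode(name, key)
                node.children[key] = child
            child.visits += 1
            node = child

    def zones_of_interest(self, level, min_visits=2):
        """Cells at `level` the user returns to often, derived from the tree."""
        depth = [n for n, _ in LEVELS].index(level)
        frontier = [self.root]
        for _ in range(depth + 1):
            frontier = [c for n in frontier for c in n.children.values()]
        return sorted(n.key for n in frontier if n.visits >= min_visits)

    def grant(self, app, level):
        """User decision: which accuracy level this application may see."""
        if level != "none" and level not in LEVEL_SIZE:
            raise ValueError(f"unknown accuracy level {level!r}")
        self.policy[app] = level

    def disclose(self, app):
        """What an untrusted application receives when it asks for the location."""
        level = self.policy.get(app, "none")
        if level == "none" or self.current is None:
            return None
        size = LEVEL_SIZE[level]
        lat, lon = self.current
        if size == 0.0:
            return {"level": level, "lat": lat, "lon": lon}
        i, j = cell_index(lat, lon, size)
        # Only the bounding box of the coarse cell leaves the trusted module.
        return {"level": level, "cell": (i, j),
                "bbox": (i * size, j * size, (i + 1) * size, (j + 1) * size)}


# Constructed sample trace: one fix in London, then two fixes in central Paris.
SAMPLE_TRACE = [(51.5074, -0.1278), (48.8566, 2.3522), (48.8606, 2.3376)]


def demo():
    module = TrustedLocationModule()
    for lat, lon in SAMPLE_TRACE:
        module.observe(lat, lon)
    module.grant("weather", "city")       # city-level cell is enough for a forecast
    module.grant("navigation", "exact")   # turn-by-turn guidance needs the raw fix
    module.grant("flashlight", "none")    # no legitimate need for location
    return module


if __name__ == "__main__":
    m = demo()
    for app in ("weather", "navigation", "flashlight"):
        print(app, "->", m.disclose(app))
    print("city zones visited twice or more:", m.zones_of_interest("city"))
```

The disclosure function is the whole point of the design: an application with a `city` grant receives a 0.1-degree cell and its bounding box, while the exact coordinates stay inside the module, and an application with no grant receives nothing at all.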
