Defining perfect location privacy using anonymization

The popularity of mobile devices and location-based services (LBS) has created great concerns regarding the location privacy of users of such devices and services. Anonymization is a common technique that is often used to protect the location privacy of LBS users. In this paper, we provide a general information-theoretic definition for location privacy. In particular, we define perfect location privacy. We show that under certain conditions, perfect privacy is achieved if the pseudonyms of users are changed before O(N^{2/(r-1)}) observations by the adversary, where N is the number of users and r is the number of sub-regions or locations.
