Trust no one: a decentralized matching service for privacy in location based services

We propose a new approach to ensuring privacy in location based services (LBS) that requires no support from a "trusted" entity. We observe that users of an LBS are sensitive about two pieces of information: i) their location coordinates, and ii) their interests and social relationships, as captured in their queries. We also observe that there are entities that naturally have access to at least one of these pieces of information: the user and/or their mobile operator knows the user's current location, and the LBS provider needs to know the user's interests (in businesses, services and acquaintances). In this paper we consider whether these entities can exchange information such that a user's queries to the LBS are answered without i) any one entity coming to know all of the sensitive information, ii) any loss in the quality of service of the query, or iii) an inordinate load on the user. Specifically, we outline the design of a decentralized matching service that takes encoded information from both participating entities and creates triggers when a user and their objects of interest are in the vicinity of each other. Since each component of the matching service has access to only a limited amount of encoded information, we argue that no component can recreate any sensitive user-specific information.
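The abstract does not say how the two entities encode what they hand to the matching service. The following is an added illustration, not the paper's design or code: it assumes the mobile operator and the LBS provider quantise coordinates to a shared grid and submit keyed hashes (HMAC over cell and epoch) under a key the matcher never holds, and that users and businesses appear at the matcher only as opaque pseudonyms and handles. All names, the grid spacing and the coordinates are constructed for the example.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

CELL_DEG = 0.01  # assumed grid spacing (roughly 1 km); both data holders must use the same tiling


def cell_of(lat, lon, cell_deg=CELL_DEG):
    """Quantise coordinates to a grid cell so that nearby points land in the same cell."""
    return (int(lat // cell_deg), int(lon // cell_deg))


def loc_token(key, cell, epoch):
    """Keyed hash of (cell, epoch). Without `key` the matcher cannot enumerate the
    (small) cell space, and binding the epoch stops tokens being linked across time."""
    msg = f"{cell[0]}:{cell[1]}:{epoch}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class MatchingService:
    """The decentralised component (assumed design): it stores opaque handles and
    tokens only and never sees a coordinate, a business name or a user identity."""

    def __init__(self):
        self._object_tokens = {}                # object handle -> current location token
        self._subscriptions = defaultdict(set)  # user pseudonym -> handles of interest

    def publish_object(self, handle, token):
        self._object_tokens[handle] = token

    def subscribe(self, pseudonym, handle):
        self._subscriptions[pseudonym].add(handle)

    def report_user(self, pseudonym, token):
        """Trigger: handles the user subscribed to whose token equals the user's token,
        i.e. objects in the same cell during this epoch."""
        return sorted(h for h in self._subscriptions[pseudonym]
                      if self._object_tokens.get(h) == token)


class LBSProvider:
    """Knows business coordinates and user interests, but never the user's location."""

    def __init__(self, key, matcher):
        self.key, self.matcher = key, matcher
        self.handles = {}  # business name -> opaque handle shown to the matcher

    def publish(self, name, lat, lon, epoch):
        handle = self.handles.setdefault(name, secrets.token_hex(8))
        self.matcher.publish_object(handle, loc_token(self.key, cell_of(lat, lon), epoch))

    def register_interest(self, pseudonym, name):
        self.matcher.subscribe(pseudonym, self.handles[name])


class MobileOperator:
    """Knows the user's current position, but never their interests."""

    def __init__(self, key, matcher):
        self.key, self.matcher = key, matcher

    def report(self, pseudonym, lat, lon, epoch):
        return self.matcher.report_user(pseudonym, loc_token(self.key, cell_of(lat, lon), epoch))


def demo(epoch=1):
    """Run one epoch on constructed data and return the names of the triggered objects."""
    key = secrets.token_bytes(32)  # shared by operator and LBS, withheld from the matcher
    matcher = MatchingService()
    lbs, operator = LBSProvider(key, matcher), MobileOperator(key, matcher)
    lbs.publish("cafe", 37.7751, -122.4190, epoch)   # constructed: same cell as the user
    lbs.publish("gym", 37.8000, -122.4000, epoch)    # constructed: a few cells away
    lbs.register_interest("u-42", "cafe")
    lbs.register_interest("u-42", "gym")
    hits = operator.report("u-42", 37.7749, -122.4194, epoch)
    # Only the LBS (or the user) can turn a handle back into a business name.
    by_handle = {h: n for n, h in lbs.handles.items()}
    return [by_handle[h] for h in hits]
```

The check a practitioner would want to run against this split: the matcher still observes which pseudonym collided with which handle and in which epoch, so the argument that no component can recreate sensitive data rests on the key staying out of the matcher's hands (with the key, a hash of a few million grid cells is trivially enumerable) and on the trigger being delivered to the user rather than to the LBS, which would otherwise learn the user's cell from the handle it published.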
