AnonySense: A system for anonymous opportunistic sensing

We describe AnonySense, a privacy-aware system for realizing pervasive applications based on collaborative, opportunistic sensing by personal mobile devices. AnonySense allows applications to submit sensing tasks to be distributed across participating mobile devices, later receiving verified, yet anonymized, sensor data reports back from the field, thus providing the first secure implementation of this participatory sensing model. We describe our security goals, threat model, and the architecture and protocols of AnonySense. We also describe how AnonySense can support extended security features that can be useful for different applications. We evaluate the security and feasibility of AnonySense through security analysis and prototype implementation. We show the feasibility of our approach through two plausible applications: a Wi-Fi rogue access point detector and a lost-object finder.
