Caché: caching location-enhanced content to improve user privacy

We present the design, implementation, and evaluation of Caché, a system that offers location privacy for certain classes of location-based applications. The core idea in Caché is to periodically pre-fetch potentially useful location-enhanced content well in advance. Applications then retrieve content from a local cache on the mobile device when it is needed. This approach allows an end-user to make use of location-enhanced content while only revealing to third-party content providers a large geographic region rather than a precise location. In this paper, we present an analysis that examines tradeoffs in terms of storage, bandwidth, and freshness of data. We then discuss the design and implementation of an Android service embodying these ideas. Finally, we provide two evaluations of Caché. One measures the performance of our approach with respect to privacy and mobile content availability using real-world mobility traces. The other focuses on our experiences using Caché to enhance user privacy in three open source Android applications.
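
The core idea in the abstract, as an added example (not code from the paper or from the Caché Android service): a cache prefetches every grid cell of a large region, then answers precise lookups locally, so the provider's request log never singles out the user's cell. The grid size, class names, coordinates, maximum age and provider stub are assumptions made for this example.

```python
CELL_UDEG = 10_000  # assumed cell size: 0.01 degree, in microdegrees (not from the paper)

def cell_of(lat, lon):
    """Map a coordinate to an integer grid cell using integer arithmetic."""
    return (round(lat * 1e6) // CELL_UDEG, round(lon * 1e6) // CELL_UDEG)

class Provider:
    """Constructed stand-in for a third-party content provider; logs what it is asked."""
    def __init__(self):
        self.seen = []

    def fetch(self, cell):
        self.seen.append(cell)
        return f"content for cell {cell}"

class RegionCache:
    def __init__(self, provider, max_age_s):
        self.provider, self.max_age_s = provider, max_age_s
        self.store = {}  # cell -> (content, fetched_at)

    def prefetch(self, south, west, north, east, now):
        """Fetch every cell of the bounding box, so no single cell stands out."""
        (i0, j0), (i1, j1) = cell_of(south, west), cell_of(north, east)
        for i in range(i0, i1 + 1):
            for j in range(j0, j1 + 1):
                self.store[(i, j)] = (self.provider.fetch((i, j)), now)
        return (i1 - i0 + 1) * (j1 - j0 + 1)

    def lookup(self, lat, lon, now):
        """Answer from local storage only; never contacts the provider."""
        entry = self.store.get(cell_of(lat, lon))
        if entry is None:
            return None, "miss"
        content, fetched_at = entry
        # A stale hit is reported, not refetched: fetching one cell on demand
        # would tell the provider which cell the user is in.
        return content, "fresh" if now - fetched_at <= self.max_age_s else "stale"

def demo():
    provider = Provider()
    cache = RegionCache(provider, max_age_s=86_400)
    cells = cache.prefetch(40.40, -80.05, 40.49, -79.90, now=0)  # constructed region
    results = [cache.lookup(40.4443, -79.9436, now=3_600)[1],   # inside, recent
               cache.lookup(40.4443, -79.9436, now=200_000)[1],  # inside, too old
               cache.lookup(41.0000, -79.9436, now=3_600)[1]]    # outside the region
    return cells, len(provider.seen), results

if __name__ == "__main__":
    print(demo())
```

The provider's log grows only during `prefetch`; the three lookups add nothing to it, which is the privacy property, while the `stale` and `miss` results show the freshness and coverage costs the abstract mentions.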
