Privacy preservation in the dissemination of location data

The rapid advance in handheld communication devices and the appearance of smartphones has allowed users to connect to the Internet and surf on the WWW while they are moving around the city or traveling. Location based services have been developed to deliver content that is adjusted to the current user location. Social networks have also responded to the challenge of users who can access the Internet from any place in the city, and location based social-networks like Foursquare have become very popular in a short period of time. The popularity of these applications is linked to the significant advantages they offer: users can exploit live location-based information to take dynamic decisions on issues like transportation, identification of places of interest or even on the opportunity to meet a friend or an associate in nearby locations. A side effect of sharing location-based information is that it exposes the user to substantial privacy related threats. Revealing the user's location carelessly can prove to be embarrassing, harmful professionally, or even dangerous. Research in the data management field has put significant effort on anonymization techniques that obfuscate spatial information in order to hide the identity of the user or her exact location. Privacy guaranties and anonymization algorithms become increasingly sophisticated offering better and more efficient protection in data publishing and data exchange. Still, it is not clear yet what are the greatest dangers to user privacy and which are the most realistic privacy breaching scenarios. The aim of the paper is to provide a brief survey of the attack scenarios, the privacy guaranties and the data transformations employed to protect user privacy in real time. The paper focuses mostly on providing an overview of the privacy models that are investigated in literature and less on the algorithms and their scaling capabilities. The models and the attack scenarios are classified and compared, in order to provide an overview of the cases that are covered by existing research.

[1]  Ling Liu,et al.  Supporting anonymous location queries in mobile environments with privacygrid , 2008, WWW.

[2]  Mohamed F. Mokbel,et al.  Identifying Unsafe Routes for Network-Based Trajectory Privacy , 2009, SDM.

[3]  Marco Gruteser,et al.  USENIX Association , 1992 .

[4]  Vania Bogorny,et al.  Preserving privacy in semantic-rich trajectories of human mobility , 2010, SPRINGL '10.

[5]  David J. DeWitt,et al.  Incognito: efficient full-domain K-anonymity , 2005, SIGMOD '05.

[6]  D. Boyd,et al.  Social Network Sites: Public Private or What? , 2007 .

[7]  Elisa Bertino,et al.  Privacy-Aware Location-Aided Routing in Mobile Ad Hoc Networks , 2010, 2010 Eleventh International Conference on Mobile Data Management.

[8]  Emre Kaplan,et al.  Discovering private trajectories using background information , 2010, Data Knowl. Eng..

[9]  Stavros Papadopoulos,et al.  Nearest neighbor search with strong location privacy , 2010, Proc. VLDB Endow..

[10]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[11]  Man Lung Yiu,et al.  Private and Flexible Proximity Detection in Mobile Social Networks , 2010, 2010 Eleventh International Conference on Mobile Data Management.

[12]  Axel Küpper,et al.  Anonymous User Tracking for Location-Based Community Services , 2006, LoCA.

[13]  Ove Andersen,et al.  A Location Privacy Aware Friend Locator , 2009, SSTD.

[14]  Kyriakos Mouratidis,et al.  Preventing Location-Based Identity Inference in Anonymous Spatial Queries , 2007, IEEE Transactions on Knowledge and Data Engineering.

[15]  A. Khoshgozaran,et al.  SPIRAL: A Scalable Private Information Retrieval Approach to Location Privacy , 2008, 2008 Ninth International Conference on Mobile Data Management Workshops, MDMW.

[16]  Doo-Kwon Baik,et al.  An anonymous communication model for privacy-enhanced location based service using an echo agent , 2009, ICUIMC '09.

[17]  Hua Lu,et al.  SpaceTwist: Managing the Trade-Offs Among Location Privacy, Query Performance, and Query Accuracy in Mobile Services , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[18]  John Krumm,et al.  A survey of computational location privacy , 2009, Personal and Ubiquitous Computing.

[19]  Ashwin Machanavajjhala,et al.  Privacy-Preserving Data Publishing , 2009, Found. Trends Databases.

[20]  Elisa Bertino,et al.  The PROBE Framework for the Personalized Cloaking of Private Locations , 2010, Trans. Data Priv..

[21]  Elisa Bertino,et al.  Preventing velocity-based linkage attacks in location-aware applications , 2009, GIS.

[22]  Panos Kalnis,et al.  Privacy-preserving anonymization of set-valued data , 2008, Proc. VLDB Endow..

[23]  Nigel Davies,et al.  Preserving Privacy in Environments with Location-Based Applications , 2003, IEEE Pervasive Comput..

[24]  Panos Kalnis,et al.  A reciprocal framework for spatial K-anonymity , 2010, Inf. Syst..

[25]  Laks V. S. Lakshmanan,et al.  Anonymizing moving objects: how to hide a MOB in a crowd? , 2009, EDBT '09.

[26]  Indrakshi Ray,et al.  Towards Achieving Personalized Privacy for Location-Based Services , 2009, Trans. Data Priv..

[27]  Walid G. Aref,et al.  The New Casper: A Privacy-Aware Location-Based Database Server , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[28]  Sushil Jajodia,et al.  Privacy-Aware Proximity Based Services , 2009, 2009 Tenth International Conference on Mobile Data Management: Systems, Services and Middleware.

[29]  Cyrus Shahabi,et al.  Location privacy: going beyond K-anonymity, cloaking and anonymizers , 2011, Knowledge and Information Systems.

[30]  Eyal Kushilevitz,et al.  Private information retrieval , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[31]  Sushil Jajodia,et al.  Privacy in geo-social networks: proximity notification with untrusted service providers and curious buddies , 2010, The VLDB Journal.

[32]  Peter Steenkiste,et al.  Access control to people location information , 2005, TSEC.

[33]  Lars Kulik,et al.  A Formal Model of Obfuscation and Negotiation for Location Privacy , 2005, Pervasive.

[34]  George Danezis,et al.  A study on the value of location privacy , 2006, WPES '06.

[35]  Elisa Bertino,et al.  A Hybrid Technique for Private Location-Based Queries with Database Protection , 2009, SSTD.

[36]  Peter Steenkiste,et al.  Implementing access control to people location information , 2004, SACMAT '04.

[37]  Lorrie Faith Cranor,et al.  Understanding and capturing people’s privacy policies in a mobile social networking application , 2009, Personal and Ubiquitous Computing.

[38]  Mor Naaman,et al.  Over-exposed?: privacy patterns and considerations in online and mobile photo sharing , 2007, CHI.

[39]  Panos Kalnis,et al.  Private queries in location based services: anonymizers are not necessary , 2008, SIGMOD Conference.

[40]  Danah Boyd,et al.  Facebook privacy settings: Who cares? , 2010, First Monday.

[41]  Philip S. Yu,et al.  Privacy-preserving data publishing: A survey of recent developments , 2010, CSUR.

[42]  Panos Kalnis,et al.  Providing K-Anonymity in location based services , 2010, SKDD.

[43]  Dan Boneh,et al.  Location Privacy via Private Proximity Testing , 2011, NDSS.

[44]  Danah Boyd,et al.  Social Network Sites: Definition, History, and Scholarship , 2007, J. Comput. Mediat. Commun..

[45]  Francesco Bonchi,et al.  Never Walk Alone: Uncertainty for Anonymity in Moving Objects Databases , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[46]  Ling Liu,et al.  Location Privacy in Mobile Systems: A Personalized Anonymization Model , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[47]  Kien A. Hua,et al.  Query l-diversity in Location-Based Services , 2009, 2009 Tenth International Conference on Mobile Data Management: Systems, Services and Middleware.

[48]  Kun Liu,et al.  An Attacker's View of Distance Preserving Maps for Privacy Preserving Data Mining , 2006, PKDD.

[49]  Panos Kalnis,et al.  Location Diversity: Enhanced Privacy Protection in Location Based Services , 2009, LoCA.

[50]  Ben Y. Zhao,et al.  Preserving privacy in location-based mobile social applications , 2010, HotMobile '10.

[51]  Josep Domingo-Ferrer,et al.  Privacy-preserving publication of trajectories using microaggregation , 2010, SPRINGL '10.

[52]  John Krumm,et al.  Exploring end user preferences for location obfuscation, location-based services, and the value of location , 2010, UbiComp.

[53]  Francesco Bonchi,et al.  Anonymization of moving objects databases by clustering and perturbation , 2010, Inf. Syst..

[54]  Chi-Yin Chow,et al.  Enabling Private Continuous Queries for Revealed User Locations , 2007, SSTD.

[55]  Panos Kalnis,et al.  PRIVE: anonymous location-based queries in distributed mobile systems , 2007, WWW '07.

[56]  Sushil Jajodia,et al.  Preserving Anonymity of Recurrent Location-Based Queries , 2009, 2009 16th International Symposium on Temporal Representation and Reasoning.

[57]  Alessandro Acquisti,et al.  Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook , 2006, Privacy Enhancing Technologies.

[58]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[59]  Aris Gkoulalas-Divanis,et al.  A Free Terrain Model for Trajectory K-Anonymity , 2008, DEXA.

[60]  Raymond Chi-Wing Wong,et al.  Minimality Attack in Privacy Preserving Data Publishing , 2007, VLDB.

[61]  Ashwin Machanavajjhala,et al.  l-Diversity: Privacy Beyond k-Anonymity , 2006, ICDE.

[62]  Nikos Mamoulis,et al.  Privacy Preservation in the Publication of Trajectories , 2008, The Ninth International Conference on Mobile Data Management (mdm 2008).

[63]  Hans-Peter Kriegel,et al.  The R*-tree: an efficient and robust access method for points and rectangles , 1990, SIGMOD '90.

[64]  Walid G. Aref,et al.  Casper*: Query processing for location services without compromising privacy , 2006, TODS.

[65]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[66]  Sushil Jajodia,et al.  Protecting Privacy Against Location-Based Personal Identification , 2005, Secure Data Management.

[67]  Ying Cai,et al.  Exploring Historical Location Data for Anonymity Preservation in Location-Based Services , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[68]  Anna Monreale,et al.  Movement data anonymity through generalization , 2009, SPRINGL '09.