Privacy in Georeferenced Context-aware Services: A Survey

Location-based services (LBS) are a specific instance of a broader class of Internet services that are predicted to become popular in the near future: context-aware services. The privacy concerns that LBS have raised are likely to become even more serious when several kinds of context data, other than location and time, are sent to service providers as part of an Internet request. This paper provides a classification and a brief survey of the privacy preservation techniques that have been proposed for this type of service. After identifying the benefits and shortcomings of each class of techniques, the paper proposes a combined approach to achieve a more comprehensive solution for privacy preservation in georeferenced context-aware services.
