Towards Privacy-Aware Location-Based Database Servers

The wide spread of location-based services has created a strong market for location-detection devices (e.g., GPS-like devices, RFIDs, handheld devices, and cellular phones). Examples of location-based services include location-aware emergency services, location-based advertisement, live traffic reports, and location-based store finders. However, location-detection devices pose a major privacy threat to their users, since they transmit private information (i.e., the user's location) to a server that may be untrustworthy. The existing model of location-based applications trades service for privacy: if a user wants to keep her location private, she has to turn off her location-detection device, i.e., unsubscribe from the service. This paper revises this model in a way that protects user privacy while keeping the functionality of location-based services. The main idea is to employ a trusted third party, the Location Anonymizer, that expands the user's exact location into a spatial region such that: (1) the exact user location can lie anywhere in the spatial region, and (2) there are k other users within the expanded spatial region, so that each user is k-anonymous. The location-based database server is equipped with additional functionality that supports spatio-temporal queries based on the spatial region received from the Location Anonymizer rather than the exact point location received from the user.
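The three roles the abstract describes (user, Location Anonymizer, location-based database server), as an added Python example. This is not code from the paper: the square-growing cloaking rule, the centre-plus-diagonal bound used for the nearest-neighbour candidate set, all function names and the sample coordinates are my own assumptions, chosen to show why the server can answer a query over a region and still let the user recover the exact answer.

```python
"""Added example (not the paper's code): k-anonymous spatial cloaking by a
Location Anonymizer, region-based query answering by the server, and exact
refinement on the user's device. All positions below are constructed."""
import math
import random
from dataclasses import dataclass
from typing import Iterable, List, Tuple

Point = Tuple[float, float]


def dist(a: Point, b: Point) -> float:
    return math.hypot(a[0] - b[0], a[1] - b[1])


@dataclass(frozen=True)
class Region:
    """Axis-aligned cloaking rectangle: what the server sees instead of a point."""
    xmin: float
    ymin: float
    xmax: float
    ymax: float

    def contains(self, p: Point) -> bool:
        return self.xmin <= p[0] <= self.xmax and self.ymin <= p[1] <= self.ymax

    def center(self) -> Point:
        return ((self.xmin + self.xmax) / 2, (self.ymin + self.ymax) / 2)

    def diagonal(self) -> float:
        return math.hypot(self.xmax - self.xmin, self.ymax - self.ymin)

    def distance_to(self, p: Point) -> float:
        """Distance from p to the closest point of the rectangle (0 if inside)."""
        dx = max(self.xmin - p[0], 0.0, p[0] - self.xmax)
        dy = max(self.ymin - p[1], 0.0, p[1] - self.ymax)
        return math.hypot(dx, dy)


# ---- Location Anonymizer (the trusted third party) ----
def cloak(user: Point, others: Iterable[Point], k: int, rng: random.Random,
          step: float = 1.0, max_side: float = 1000.0) -> Region:
    """Grow a square until it covers at least k *other* users (property 2).
    The square is placed at a random offset around the user rather than centred
    on it, so the user can lie anywhere inside (property 1): a region always
    centred on the user would hand the server the exact point."""
    others = list(others)
    side = step
    while side <= max_side:
        xmin = user[0] - rng.uniform(0.0, side)   # user always stays inside
        ymin = user[1] - rng.uniform(0.0, side)
        region = Region(xmin, ymin, xmin + side, ymin + side)
        if sum(region.contains(o) for o in others) >= k:
            return region
        side += step
    raise ValueError(f"fewer than {k} other users within a {max_side}-unit square")


# ---- Location-based database server: answers over a region, not a point ----
def region_range_query(region: Region, objects: Iterable[Point], r: float) -> List[Point]:
    """Objects within r of *some* point of the region: a superset of the exact
    range answer for every possible user position inside it."""
    return [o for o in objects if region.distance_to(o) <= r]


def region_nn_query(region: Region, objects: Iterable[Point]) -> List[Point]:
    """Candidate nearest neighbours for a user anywhere in the region.
    With c the centre, o* the object nearest to c and D the diagonal, any p in
    the region has dist(p, NN(p)) <= dist(p, o*) <= dist(c, o*) + D/2, so NN(p)
    lies within dist(c, o*) + D of c. Every object in that disc is returned."""
    objects = list(objects)
    c = region.center()
    bound = min(dist(c, o) for o in objects) + region.diagonal()
    return [o for o in objects if dist(c, o) <= bound]


# ---- Client-side refinement: only the user's device knows the exact point ----
def refine_nn(user: Point, candidates: Iterable[Point]) -> Point:
    return min(candidates, key=lambda o: dist(user, o))


# ---- Check a practitioner would run before trusting the server's NN answer ----
def nn_candidates_are_sound(region: Region, objects: List[Point],
                            rng: random.Random, trials: int = 500) -> bool:
    """True if, for random points in the region, the brute-force nearest
    neighbour is always inside the candidate set the server returned."""
    cands = set(region_nn_query(region, objects))
    for _ in range(trials):
        p = (rng.uniform(region.xmin, region.xmax), rng.uniform(region.ymin, region.ymax))
        if min(objects, key=lambda o: dist(p, o)) not in cands:
            return False
    return True


def make_sample(seed: int = 7) -> Tuple[List[Point], List[Point], random.Random]:
    """Constructed data: 200 other users and 30 points of interest on a 100x100 map."""
    rng = random.Random(seed)
    users = [(rng.uniform(0, 100), rng.uniform(0, 100)) for _ in range(200)]
    pois = [(rng.uniform(0, 100), rng.uniform(0, 100)) for _ in range(30)]
    return users, pois, rng


def demo(seed: int = 7, k: int = 10) -> dict:
    users, pois, rng = make_sample(seed)
    me = (42.0, 58.0)                        # exact location, never sent to the server
    region = cloak(me, users, k, rng, step=2.0)
    cands = region_nn_query(region, pois)    # what the server sends back
    return {"region": region,
            "others_in_region": sum(region.contains(u) for u in users),
            "candidates": len(cands),
            "nn_matches_exact": refine_nn(me, cands) == min(pois, key=lambda o: dist(me, o))}
```

The server never learns the point: it receives only the rectangle and returns a candidate list that is provably a superset of the exact answer for every position inside it, and the device filters that list locally. The cost of the privacy is the larger answer set (and the extra bandwidth), which grows with the region the anonymizer had to use to collect k other users; `demo()` reports both the number of other users actually covered and the candidate count so that trade-off is visible.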
