Privacy for Profitable Location Based Services

Location based services (LBS) are distributed multi-party infrastructures with the opportunity to generate profitable m-business applications. Also, LBS pose a great risk for their users' privacy, as they have access to private information about a person's whereabouts in a particular context. As location data is the essential input for LBS, protection of privacy in LBS is not a problem of providing anonymity by supressing data release, but a problem of identity management and control over information handling. In this paper we show a solution that ensures a LBS user's control over location information with managed identities. At the same time, our solution enables profitable business models, e.g. for mobile telephony operators. Additionally, we provide fine-grained consent management for the LBS user.

[1]  Jeevan Jaisingh,et al.  Privacy and Information Markets: An Experimental Study , 2004, PACIS.

[2]  Sebastian Clauß,et al.  Identity management and its support of multilateral security , 2001, Comput. Networks.

[3]  Kim Sheehan,et al.  Toward a Typology of Internet Users and Online Privacy Concerns , 2002, Inf. Soc..

[4]  Gary T. Marx,et al.  What's in a Name? Some Reflections on the Sociology of Anonymity , 1999, Inf. Soc..

[5]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[6]  Anind K. Dey,et al.  Location-Based Services for Mobile Telephony: a Study of Users' Privacy Concerns , 2003, INTERACT.

[7]  Frank Stajano,et al.  Location Privacy in Pervasive Computing , 2003, IEEE Pervasive Comput..

[8]  Marco Gruteser,et al.  USENIX Association , 1992 .

[9]  L. Camp Economics of Information Security , 2006 .

[10]  Frank Rose The Economics, Concept, and Design of Information Intermediaries , 1998 .

[11]  Peter Reichl,et al.  Distributed Temporary Pseudonyms: A New Approach for Protecting Location Information in Mobile Communication Networks , 1998, ESORICS.

[12]  Yves Pigneur,et al.  Business Model Analysis Applied to Mobile Business , 2003, ICEIS.

[13]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[14]  Daniela Gerd tom Markotten,et al.  Usability meets security - the Identity-Manager as your personal security assistant for the Internet , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[15]  Jussi Myllymaki,et al.  Location aggregation from multiple sources , 2002, Proceedings Third International Conference on Mobile Data Management MDM 2002.

[16]  Einar Snekkenes,et al.  Concepts for personal location privacy policies , 2001, EC '01.

[17]  Lorrie Faith Cranor,et al.  The platform for privacy preferences , 1999, CACM.

[18]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[19]  H. Buhl,et al.  Information Age Economy , 2001 .

[20]  Klaus Turowski,et al.  Mobile commerce : Grundlagen und Techniken , 2004 .

[21]  Alessandro Acquisti,et al.  Privacy and Security of Personal Information - Economic Incentives and Technological Solutions , 2004, Economics of Information Security.

[22]  Hannes Federrath,et al.  Security in Public Mobile Communication Networks , 1995 .

[23]  Dieter Gollmann,et al.  Computer Security — ESORICS 98 , 1998, Lecture Notes in Computer Science.

[24]  K. Sheehan,et al.  Dimensions of Privacy Concern among Online Consumers , 2000 .

[25]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[26]  Peter Parnes,et al.  Location privacy in the Alipes platform , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[27]  William E. Winkler,et al.  Re-identification Methods for Masked Microdata , 2004, Privacy in Statistical Databases.