An Obfuscation-Based Approach for Protecting Location Privacy

The pervasive diffusion of mobile communication devices and the technical improvements of location techniques are fostering the development of new applications that use the physical position of users to offer location-based services for business, social, or informational purposes. In such a context, privacy concerns are increasing and call for sophisticated solutions able to guarantee different levels of location privacy to the users. In this paper, we address this problem and present a solution based on different obfuscation operators that, when used individually or in combination, protect the privacy of the location information of users. We also introduce an adversary model and provide an analysis of the proposed obfuscation operators to evaluate their robustness against adversaries aiming to reverse the obfuscation effects to retrieve a location that better approximates the location of the users. Finally, we present some experimental results that validate our solution.

[1]  Sara Foresti,et al.  Microdata Protection , 2007, Encyclopedia of Cryptography and Security.

[2]  Sushil Jajodia,et al.  Protecting Privacy Against Location-Based Personal Identification , 2005, Secure Data Management.

[3]  F. Gustafsson,et al.  Mobile positioning using wireless networks: possibilities and fundamental limitations based on available wireless network measurements , 2005, IEEE Signal Processing Magazine.

[4]  Hui Xiong,et al.  Preserving privacy in gps traces via uncertainty-aware path cloaking , 2007, CCS '07.

[6]  Ling Liu,et al.  Protecting Location Privacy with Personalized k-Anonymity: Architecture and Algorithms , 2008, IEEE Transactions on Mobile Computing.

[7]  Vijayalakshmi Atluri,et al.  A Profile Anonymization Model for Privacy in a Personalized Location Based Service Environment , 2008, The Ninth International Conference on Mobile Data Management (mdm 2008).

[8]  Bhavani M. Thuraisingham,et al.  Privacy constraint processing in a privacy-enhanced database management system , 2005, Data Knowl. Eng..

[9]  Bhavani M. Thuraisingham,et al.  Dependable Infrastructures and Data Managers for Sensor Networks , 2003, 2003 The Ninth IEEE International Workshop on Object-Oriented Real-Time Dependable Systems.

[10]  Ernesto Damiani,et al.  Toward Exploiting Location-Based and Video Information in Negotiated Access Control Policies , 2005, ICISS.

[11]  Marco Gruteser,et al.  Protecting Location Privacy Through Path Confusion , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[12]  Sushil Jajodia,et al.  Secure Data Management in Decentralized Systems , 2014, Secure Data Management in Decentralized Systems.

[13]  Marc Langheinrich,et al.  Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems , 2001, UbiComp.

[14]  Panos Kalnis,et al.  PRIVE: anonymous location-based queries in distributed mobile systems , 2007, WWW '07.

[15]  Marco Gruteser,et al.  USENIX Association , 1992 .

[16]  Mikael Andersson,et al.  Probability, Statistics, and Stochastic Processes: Olofsson/Probability 2E , 2005 .

[17]  Aarnout Brombacher,et al.  Probability... , 2009, Qual. Reliab. Eng. Int..

[18]  Ernesto Damiani,et al.  Location Privacy Protection Through Obfuscation-Based Techniques , 2007, DBSec.

[19]  Pierangela Samarati,et al.  Location privacy in pervasive computing , 2008 .

[20]  Anind K. Dey,et al.  Location-Based Services for Mobile Telephony: a Study of Users' Privacy Concerns , 2003, INTERACT.

[21]  P. Bellavista,et al.  Efficiently managing location information with privacy requirements in Wi-Fi networks: a middleware approach , 2005, 2005 2nd International Symposium on Wireless Communication Systems.

[22]  Bhavani M. Thuraisingham,et al.  Directions for security and privacy for semantic e-business applications , 2005, CACM.

[23]  Lars Kulik,et al.  Location privacy and location-aware computing , 2006 .

[24]  Lars Kulik,et al.  A Formal Model of Obfuscation and Negotiation for Location Privacy , 2005, Pervasive.

[25]  Ernesto Damiani,et al.  Supporting location-based conditions in access control policies , 2006, ASIACCS '06.

[26]  K.J.R. Liu,et al.  Signal processing techniques in network-aided positioning: a survey of state-of-the-art positioning designs , 2005, IEEE Signal Processing Magazine.

[27]  T D'Roza,et al.  An Overview of Location-Based Services , 2003 .

[28]  Walid G. Aref,et al.  Casper*: Query processing for location services without compromising privacy , 2006, TODS.

[29]  Stan Lipovetsky,et al.  Probability, Statistics, and Stochastic Processes , 2006, Technometrics.

[30]  Frank Stajano,et al.  Mix zones: user privacy in location-aware services , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[31]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[32]  Ernesto Damiani,et al.  A Middleware Architecture for Integrating Privacy Preferences and Location Accuracy , 2007, SEC.

[33]  Marc Langheinrich,et al.  A Privacy Awareness System for Ubiquitous Computing Environments , 2002, UbiComp.