Enhancing Customer Privacy for Commercial Continuous Location-Based Services

The likelihood that consumers will use commercial location-based services (LBS) depends significantly on their perception of privacy protection by the service provider. In this paper we discuss existing privacy-enhancing architectures for LBS and argue that they are either not applicable or insufficient for services requiring continuous location queries. In order to offer such services, providers often prefer to refrain from storing fine-grained location information about their customers. Instead, some form of data aggregation on the mobile device is used, and only aggregated information is released to the service provider upon approval by the customer. This leads to a rather loose integration of the mobile device into the backend process. We explain our concept for such an enhanced architecture and discuss some implementation aspects. The work has been motivated by a specific application scenario in an insurance context, for which we are currently developing a prototype.
