Privacy considerations for cloud-based positioning

Cloud-based positioning provides better support for resource-constrained mobile devices; however, the user's location information is exposed during positioning when the computation is performed on the cloud. The improper exposure of location information could result in severe consequences that make users the target of fraudulent attacks. This study proposes a privacy-preserving localization scheme based on homomorphic encryption techniques in order to protect user privacy from both imminent attackers and untrusted cloud servers. The proposed algorithm exposes unreliable cloud only an encrypted version of the measurements and allows positioning to be performed in an encrypted domain. This scheme prevents cloud servers from understanding the computed results and avoid an adversary monitoring the transmission to log user behavior. On-site experiments show the feasibility of our approach. The results show that positioning in an encrypted domain would not affect accuracy. Experimental results also show that the proposed algorithm requires less computational overhead and achieves higher privacy level simultaneously compared to traditional encryption approaches.

[1]  Marc Joye,et al.  Optimal Left-to-Right Binary Signed-Digit Recoding , 2000, IEEE Trans. Computers.

[2]  Wade Trappe,et al.  Robust statistical methods for securing wireless localization in sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[3]  Frank Stajano,et al.  Location Privacy in Pervasive Computing , 2003, IEEE Pervasive Comput..

[4]  Moe Z. Win,et al.  Intentional Network Interference for Denial of Wireless Eavesdropping , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[5]  Shih-Hau Fang,et al.  An encryption-based approach for protecting privacy in network-based location systems , 2011, 2011 International Conference on Machine Learning and Cybernetics.

[6]  Yingying Chen,et al.  Robust wireless localization to attacks on access points , 2009, 2009 IEEE Sarnoff Symposium.

[7]  Moe Z. Win,et al.  The role of aggregate interference on intrinsic network secrecy , 2012, 2012 IEEE International Conference on Communications (ICC).

[8]  Guangli Xiang,et al.  The Protection Methods for Mobile Code Based on Homomorphic Encryption and Data Confusion , 2011, 2011 Fifth International Conference on Management of e-Commerce and e-Government.

[9]  Craig Gentry,et al.  Fully Homomorphic Encryption without Squashing Using Depth-3 Arithmetic Circuits , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[10]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[11]  Walid G. Aref,et al.  The New Casper: A Privacy-Aware Location-Based Database Server , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[12]  Kang G. Shin,et al.  Privacy protection for users of location-based services , 2012, IEEE Wireless Communications.

[13]  Yung-Hsiang Lu,et al.  Energy savings in privacy-preserving computation offloading with protection by homomorphic encryption , 2010 .

[14]  Mohamed F. Mokbel,et al.  Privacy in Location-Based Services: State-of-the-Art and Research Directions , 2007, 2007 International Conference on Mobile Data Management.

[15]  Andrzej Cichocki,et al.  Simplified neural networks for solving linear least squares and total least squares problems in real time , 1994, IEEE Trans. Neural Networks.

[16]  Dengfeng Li,et al.  The location privacy protection research in location-based service , 2010, 2010 18th International Conference on Geoinformatics.

[17]  Hyundong Shin,et al.  Secure node packing of large-scale wireless networks , 2012, 2012 IEEE International Conference on Communications (ICC).

[18]  Mikkel Baun Kjærgaard,et al.  Improving pervasive positioning through three-tier cyber foraging , 2011, 2011 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[19]  Wei Xie,et al.  Security and Privacy in Cloud Computing: A Survey , 2010, 2010 Sixth International Conference on Semantics, Knowledge and Grids.

[20]  Hui Li,et al.  Elastic stream cloud (ESC): A stream-oriented cloud computing platform for Rich Internet Application , 2010, 2010 International Conference on High Performance Computing & Simulation.