Issue No.01 - January-February (2011 vol.8)
pp: 13-27
Marco Cremonini, University of Milan, Crema
Sabrina De Capitani di Vimercati, University of Milan, Crema
Pierangela Samarati, University of Milan, Crema
ABSTRACT
The pervasive diffusion of mobile communication devices and the technical improvements of location techniques are fostering the development of new applications that use the physical position of users to offer location-based services for business, social, or informational purposes. In such a context, privacy concerns are increasing and call for sophisticated solutions able to guarantee different levels of location privacy to the users. In this paper, we address this problem and present a solution based on different obfuscation operators that, when used individually or in combination, protect the privacy of the location information of users. We also introduce an adversary model and provide an analysis of the proposed obfuscation operators to evaluate their robustness against adversaries aiming to reverse the obfuscation effects to retrieve a location that better approximates the location of the users. Finally, we present some experimental results that validate our solution.
INDEX TERMS
Privacy, obfuscation techniques, location-based services.
CITATION
Marco Cremonini, Sabrina De Capitani di Vimercati, Pierangela Samarati, "An Obfuscation-Based Approach for Protecting Location Privacy", IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 1, pp. 13-27, January-February 2011, doi:10.1109/TDSC.2009.25