Lin Yao,Chi Lin,Xiangwei Kong,Feng Xia,Guowei Wu

DOI: https://doi.org/10.1109/GreenCom-CPSCom.2010.109

2010-01-01

Abstract:In pervasive computing environments, Location-Based Services (LBSs) are becoming increasingly important due to continuous advances in mobile networks and positioning technologies. Nevertheless, the wide deployment of LBSs can jeopardize the location privacy of mobile users. Consequently, providing safeguards for location privacy of mobile users against being attacked is an important research issue. In this paper a new scheme for safeguarding location privacy is proposed. Our approach supports location K-anonymity for a wide range of mobile users with their own desired anonymity levels by clustering. The whole area of all users is divided into clusters recursively in order to get the Minimum Bounding Rectangle (MBR). The exact location information of a user is replaced by his MBR. Privacy analysis shows that our approach can achieve high resilience to location privacy threats and provide more privacy than users expect. Complexity analysis shows clusters can be adjusted in real time as mobile users join or leave. Moreover, the clustering algorithms possess strong robustness.

Abedelaziz Mohaisen,Dowon Hong,DaeHun Nyang

DOI: https://doi.org/10.48550/arXiv.0903.2682

2009-03-16

Cryptography and Security

Abstract:Location based services (LBS) are one of the most promising and innovative directions of convergence technologies resulting of emergence of several fields including database systems, mobile communication, Internet technology, and positioning systems. Although being initiated as early as middle of 1990's, it is only recently that the LBS received a systematic profound research interest due to its commercial and technological impact. As the LBS is related to the user's location which can be used to trace the user's activities, a strong privacy concern has been raised. To preserve the user's location, several intelligent works have been introduced though many challenges are still awaiting solutions. This paper introduces a survey on LBS systems considering both localization technologies, model and architectures guaranteeing privacy. We also overview cryptographic primitive to possibly use in preserving LBS's privacy followed by fruitful research directions basically concerned with the privacy issue.

Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Hongbo Jiang,Jie Li,Ping Zhao,Fanzi Zeng,Zhu Xiao,Arun Iyengar

DOI: https://doi.org/10.1145/3423165

IF: 16.6

2022-01-31

ACM Computing Surveys

Abstract:Location-based services (LBSs) provide enhanced functionality and convenience of ubiquitous computing, but they open up new vulnerabilities that can be utilized to violate the users’ privacy. The leakage of private location data in the LBS context has drawn significant attention from academics and industry due to its importance, leading to numerous research efforts aiming to confront the related challenges. However, to the best of our knowledge, none of relevant studies have performed a qualitative and quantitative comparison and analysis of the complex topic of designing countermeasures and discussed the viability of their use with different kinds of services and the potential elements that could be deployed to meet new challenges. Accordingly, the purpose of this survey is to examine the privacy-preserving techniques in LBSs. We categorize and provide an inside-out review of the existing techniques. Performing a retrospective analysis of several typical studies in each category, we summarize their basic principles and recent advances. Additionally, we highlight the use of privacy-preserving techniques in LBSs for enabling new research opportunities. Providing an up-to-date and comprehensive overview of existing studies, this survey may further stimulate new research efforts into this promising field.

computer science, theory & methods

Primault Vincent,Boutet Antoine,Ben Mokhtar Sonia,Brunie Lionel

DOI: https://doi.org/10.1109/COMST.2018.2873950

2018-10-09

Abstract:The widespread adoption of continuously connected smartphones and tablets developed the usage of mobile applications, among which many use location to provide geolocated services. These services provide new prospects for users: getting directions to work in the morning, leaving a check-in at a restaurant at noon and checking next day's weather in the evening are possible right from any mobile device embedding a GPS chip. In these location-based applications, the user's location is sent to a server, which uses them to provide contextual and personalised answers. However, nothing prevents the latter from gathering, analysing and possibly sharing the collected information, which opens the door to many privacy threats. Indeed, mobility data can reveal sensitive information about users, among which one's home, work place or even religious and political preferences. For this reason, many privacy-preserving mechanisms have been proposed these last years to enhance location privacy while using geolocated services. This article surveys and organises contributions in this area from classical building blocks to the most recent developments of privacy threats and location privacy-preserving mechanisms. We divide the protection mechanisms between online and offline use cases, and organise them into six categories depending on the nature of their algorithm. Moreover, this article surveys the evaluation metrics used to assess protection mechanisms in terms of privacy, utility and performance. Finally, open challenges and new directions to address the problem of computational location privacy are pointed out and discussed.

Cryptography and Security

Chi-Yin Chow,Mohamed F. Mokbel

DOI: https://doi.org/10.1145/2031331.2031335

2011-08-31

ACM SIGKDD Explorations Newsletter

Abstract:The ubiquity of mobile devices with global positioning functionality (e.g., GPS and AGPS) and Internet connectivity (e.g., 3G andWi-Fi) has resulted in widespread development of location-based services (LBS). Typical examples of LBS include local business search, e-marketing, social networking, and automotive traffic monitoring. Although LBS provide valuable services for mobile users, revealing their private locations to potentially untrusted LBS service providers pose privacy concerns. In general, there are two types of LBS, namely, snapshot and continuous LBS. For snapshot LBS, a mobile user only needs to report its current location to a service provider once to get its desired information. On the other hand, a mobile user has to report its location to a service provider in a periodic or on-demand manner to obtain its desired continuous LBS. Protecting user location privacy for continuous LBS is more challenging than snapshot LBS because adversaries may use the spatial and temporal correlations in the user's location samples to infer the user's location information with higher certainty. Such user location trajectories are also very important for many applications, e.g., business analysis, city planning, and intelligent transportation. However, publishing such location trajectories to the public or a third party for data analysis could pose serious privacy concerns. Privacy protection in continuous LBS and trajectory data publication has increasingly drawn attention from the research community and industry. In this survey, we give an overview of the state-of-the-art privacy-preserving techniques in these two problems.

Sheng Zhong,Yanbin Grace Liu,Yang Richard Yang

2004-01-01

Abstract:Mobility is key to personal freedom. With the increasing availability of mobile devices, many providers begin to offer location-based services. Although these services greatly enrich our mobility experiences, with them also comes the privacy concerns, as a location-based service provider now can continuously track the location of a user. This tracking may allow unauthorized access and cause serious consequences. Although a few solutions have been proposed to address the privacy concerns in various aspects, there has not been any comprehensive study of the problem; furthermore, most of the existing solutions require that a user trust a third party such as a location server. In this paper, we investigate privacy-preserving location- based services for the three components involved in pro- viding location-based services: the location-based service component, the localization component, and the commu- nications component. The focus of our study is on the location-based service component, but we also take the other two components into consideration. We identify two major types of location-based services and present novel designs to implement them without using a trusted server. Specifically, we first identify the general location- notification service, whose goal is to transfer location information of users to authorized entities. We design a security protocol to implement the service without trusting the location server. Thus our design uses the efficiency of a location server but does not suffer from associated privacy issues. Next, we investigate the design of an even more challenging location-based service: a location service whose goal is not transfering user location information but computing an outcome that is a function of user locations. We use dating service as an example and illustrate that an efficient protocol can be built such that no extra information about user locations is revealed during the service. For the localization component, we present an impossibility result and propose a privacy preserving localization technique based on directed signals. For the communications component, we propose an anonymous communication protocol. Our extensive evaluations show that our protocols have low overheads and are suitable for

Xiang-Yang Li,Taeho Jung

DOI: https://doi.org/10.1109/infcom.2013.6567085

2013-01-01

Abstract:Location-Based Service (LBS) becomes increasingly popular with the dramatic growth of smartphones and social network services (SNS), and its context-rich functionalities attract considerable users. Many LBS providers use users' location information to offer them convenience and useful functions. However, the LBS could greatly breach personal privacy because location itself contains much information. Hence, preserving location privacy while achieving utility from it is still an challenging question now. This paper tackles this non-trivial challenge by designing a suite of novel fine-grained Privacy-preserving Location Query Protocol (PLQP). Our protocol allows different levels of location query on encrypted location information for different users, and it is efficient enough to be applied in mobile platforms.

Yuanbo Cui,Fei Gao,Wenmin Li,Yijie Shi,Hua Zhang,Qiaoyan Wen,Emmanouil Panaousis

DOI: https://doi.org/10.3390/s20164651

IF: 3.9

2020-08-18

Sensors

Abstract:Location-Based Services (LBSs) are playing an increasingly important role in people’s daily activities nowadays. While enjoying the convenience provided by LBSs, users may lose privacy since they report their personal information to the untrusted LBS server. Although many approaches have been proposed to preserve users’ privacy, most of them just focus on the user’s location privacy, but do not consider the query privacy. Moreover, many existing approaches rely heavily on a trusted third-party (TTP) server, which may suffer from a single point of failure. To solve the problems above, in this paper we propose a Cache-Based Privacy-Preserving (CBPP) solution for users in LBSs. Different from the previous approaches, the proposed CBPP solution protects location privacy and query privacy simultaneously, while avoiding the problem of TTP server by having users collaborating with each other in a mobile peer-to-peer (P2P) environment. In the CBPP solution, each user keeps a buffer in his mobile device (e.g., smartphone) to record service data and acts as a micro TTP server. When a user needs LBSs, he sends a query to his neighbors first to seek for an answer. The user only contacts the LBS server when he cannot obtain the required service data from his neighbors. In this way, the user reduces the number of queries sent to the LBS server. We argue that the fewer queries are submitted to the LBS server, the less the user’s privacy is exposed. To users who have to send live queries to the LBS server, we employ the l-diversity, a powerful privacy protection definition that can guarantee the user’s privacy against attackers using background knowledge, to further protect their privacy. Evaluation results show that the proposed CBPP solution can effectively protect users’ location and query privacy with a lower communication cost and better quality of service.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zhen-gang WU,Hui-ping SUN,Zhi GUAN,Zhong CHEN

DOI: https://doi.org/10.3969/j.issn.1001-3695.2015.02.001

2015-01-01

Abstract:In the mobile Internet,mobile users send their personal location information to location based service(LBS)pro-viders and obtain point of interest(POI)data via spatial queries.In a continuous spatial query,a user submits multiple loca-tions along his trajectory.This query led to serious user privacy risks.Recently,the location privacy preservation technique of continuous spatial queries became a research hotspot in the wireless network security and privacy area.First,this paper intro-duced spatial queries and privacy threats in LBS.Next,it summed up privacy preservation models for continuous spatial que-ries,and compared the corresponding privacy preservation methods.Finally,it indicated the trends and future directions.

Zahrah A. Almusaylim,NZ Jhanjhi

DOI: https://doi.org/10.1007/s11277-019-06872-3

IF: 2.017

2019-10-17

Wireless Personal Communications

Abstract:One of the recent trends of networking and mobile technology is mobile cloud computing (MCC) that provides rich computational, storage resources and services in clouds to mobile users. MCC applications provide a variety of services to users and one of them is the location-based services (LBS) applications that are widely spread. By using mobile applications and LBS, mobile devices act as a thin client where the abundant data locations are collected and stored at the mobile cloud to provide corresponding services. Privacy of the user's location has been a renewed research interest and extensively studied in recent years. However, privacy is one of the most important challenges in MCC because the user's location on mobile devices is offloaded from mobile devices to cloud providers which can be utilized by third parties. Since protecting the privacy of the user is the key to maintain the trust on the mobile environment. LBS faces issues in protecting privacy such as, the privacy of user's current location, which may contain private information. In case, if the user's current location is compromised through unauthorized access, it possibly results in severe consequences. Therefore, protecting location privacy of the user while achieving precise location is still a challenge in MCC. This comprehensive research review will provide the challenge of protecting the privacy of user's location in MCC; analyze several related works regarding the issue. In addition, it suggests possible solutions related to the issue, in lighted few shortcomings which still needs attention with few related case studies.

telecommunications

Liang Yan,Lei Li,Xuejiao Mu,Hao Wang,Xian Chen,Hyoseop Shin

DOI: https://doi.org/10.3390/s23042121

IF: 3.9

2023-02-16

Sensors

Abstract:With the rapid development of intelligent mobile terminals and communication technologies, location-based services (LBSs) have become an essential part of users' lives. LBS providers upload and share the collected users' location data. The more commonly used methods for location privacy protection are differential privacy and its extensions. However, the semantic information about location, which is an integral part of the location data, often contains sensitive user information. Most existing research methods have failed to pay enough attention to protecting the semantic information in the location data. To remedy this problem, two different scenarios for location semantic privacy protection methods are proposed in this paper to address single-point and continuous location queries. Simulation experiments on real social location check-in datasets, and comparison of three different privacy protection mechanisms, show that our solution demonstrates good service quality and privacy protection considering location semantics.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Lan Zhang,Xibin Zhao,Ming Gu

2010-01-01

Abstract:As the wide use of personal mobile devices and rapid evolvement of location determining technologies, location-based services have largely enriched personal mobile applications. However, it brings a severe location privacy issue which has caught the attention of both industry and academia. This paper presents a brief survey of location determining technologies and location-based services. Then we proposed a formal model to mainly study the location privacy disclosure and protection problems on related work. Furthermore, there's a discussion about the potential future work.

Hao Zhou,Yingjie Wu,Sisi Zhong,Zhao Luo,Xiaodong Wang

DOI: https://doi.org/10.1109/icicee.2012.418

2012-01-01

Abstract:The query privacy issue in location-based services (LBS) has recently received considerable attention. To protect the query privacy of users, current state-of-the-art techniques adopt cloaking which cloaks the sender's location to k-anonymized spatial region (ASR), such that an attack based on the sender's location cannot identify the query source with probability larger than 1/k, among other k-1 users. However, these techniques do not consider that these k-1 additional mobile users with different privacy requirements may send request at the same time. In this paper, we propose a new attack model that an adversary who observes all the ASRs at one time can identify the query source with probability larger than 1/k based on prior knowledge of the locations of all users. And we propose our two algorithms, namely, Basic and Adaptive Algorithms, which strengthen the privacy guarantee to defend such inference attack while still support personalized user privacy requirements. We verify the effectiveness of the proposed algorithms by experiments on location data which synthetically generated on real road maps.

Fang-Jing Wu,Matthias R. Brust,Yan-Ann Chen,Tie Luo

DOI: https://doi.org/10.48550/arXiv.1808.01010

2018-08-02

Networking and Internet Architecture

Abstract:Mobile location-based services (LBSs) empowered by mobile crowdsourcing provide users with context-aware intelligent services based on user locations. As smartphones are capable of collecting and disseminating massive user location-embedded sensing information, privacy preservation for mobile users has become a crucial issue. This paper proposes a metric called privacy exposure to quantify the notion of privacy, which is subjective and qualitative in nature, in order to support mobile LBSs to evaluate the effectiveness of privacy-preserving solutions. This metric incorporates activity coverage and activity uniformity to address two primary privacy threats, namely activity hotspot disclosure and activity transition disclosure. In addition, we propose an algorithm to minimize privacy exposure for mobile LBSs. We evaluate the proposed metric and the privacy-preserving sensing algorithm via extensive simulations. Moreover, we have also implemented the algorithm in an Android-based mobile system and conducted real-world experiments. Both our simulations and experimental results demonstrate that (1) the proposed metric can properly quantify the privacy exposure level of human activities in the spatial domain and (2) the proposed algorithm can effectively cloak users' activity hotspots and transitions at both high and low user-mobility levels.

Ahmed Aloui,Okba Kazar,Samir Bourekkache,Aymen Chikh

DOI: https://doi.org/10.1080/17489725.2022.2041213

2022-03-12

Journal of Location Based Services

Abstract:In location-based services (LBS), the users with mobile devices share information such as their locations and queries to obtain desired services. Additionally, LBS providers are often able to track or record the movements of their users with great spatial and temporal accuracy. However, user location information can be misused by LBS providers or attackers, which creates privacy problems for users. This raises concerns about privacy breaches; therefore, many approaches have been proposed to protect user privacy. Thus, in previous works, the authors have proposed approaches to maintain the privacy of mobile users in the Euclidean space. However, it is difficult to apply current methods of Euclidean space to the environment of the road networks due to the topological characteristics of the road networks. In this paper, we propose a new approach to preserve user privacy in LBS over road networks. Additionally, in this paper, we provide new methods for selecting segments and users on the road network to face the attacks. Moreover, to evaluate our work, we compared it with other works such as MCC, BATCH, V-DCA, D-TC, and GCA approaches. After comparing these works, our work offers a good balance between quality of service and privacy.

Hongyu Jin,Panos Papadimitratos

DOI: https://doi.org/10.1145/3319401

2020-01-22

Abstract:Location-Based Services (LBSs) provide valuable services, with convenient features for mobile users. However, the location and other information disclosed through each query to the LBS erodes user privacy. This is a concern especially because LBS providers can be honest-but-curious, collecting queries and tracking users' whereabouts and infer sensitive user data. This motivated both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome disadvantages of centralized schemes, eliminating anonymizers, and enhancing users' control over sensitive information. However, an insecure decentralized system could create serious risks beyond private information leakage. More so, attacking an improperly designed decentralized LBS privacy protection scheme could be an effective and low-cost step to breach user privacy. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. We show our scheme can be deployed with off-the-shelf devices based on an experimental evaluation of an implementation in a static automotive testbed.

Cryptography and Security

Zhengang Wu,Liangwen Yu,Jiawei Zhu,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-39527-7_31

2013-01-01

Abstract:With rapidly popular location-aware applications, location privacy becomes an emerging issue. This paper studies how to protect the two-fold privacy for both client-side and server-side in location-based queries. This technique is a significant component in privacy-friendly Location Based Services (LBS). Participants protect their own privacy. The LBS server protects against excessive disclose of location records in its Points of Interest (POIs) database while the mobile user protects his exact location by the cloaking technique. The proposed hybrid approach can achieve the challenging goal. Our solution integrates the cloaking technique with a cryptographic protocol, Private Set Intersection (PSI). In addition, this solution is secure in malicious model and also practical. © 2013 Springer-Verlag.

Alireza Partovi,Wei Zheng,Taeho Jung,Hai Lin

DOI: https://doi.org/10.48550/arXiv.2002.10055

2020-02-24

Abstract:In recent years, the widespread of mobile devices equipped with GPS and communication chips has led to the growing use of location-based services (LBS) in which a user receives a service based on his current location. The disclosure of user's location, however, can raise serious concerns about user privacy in general, and location privacy in particular which led to the development of various location privacy-preserving mechanisms aiming to enhance the location privacy while using LBS applications. In this paper, we propose to model the user mobility pattern and utility of the LBS as a Markov decision process (MDP), and inspired by probabilistic current state opacity notation, we introduce a new location privacy metric, namely $\epsilon-$privacy, that quantifies the adversary belief over the user's current location. We exploit this dynamic model to design a LPPM that while it ensures the utility of service is being fully utilized, independent of the adversary prior knowledge about the user, it can guarantee a user-specified privacy level can be achieved for an infinite time horizon. The overall privacy-preserving framework, including the construction of the user mobility model as a MDP, and design of the proposed LPPM, are demonstrated and validated with real-world experimental data.

Cryptography and Security

Xuemei Wei,Yang Qian,Chunhua Sun,Jianshan Sun,Yezheng Liu

DOI: https://doi.org/10.1007/s10707-021-00450-1

IF: 2.7729

2021-09-24

GeoInformatica

Abstract:The development of mobile devices and positioning technology has facilitated the rapid growth of location-based social networks (LBSNs). Users in these networks can share geo-related information in real-time, including locations, trajectories, geo-tagged pictures, and tweets. LBSNs record massive amounts of spatiotemporal data and offer a great opportunity to analyze human and location-specific spatiotemporal characteristics. It plays an important role in various applications, such as marketing, recommendations, and urban planning. In this study, we collect relevant literature about LBSNs research in the past 10 years and use a topic model, latent Dirichlet allocation (LDA), to uncover the highly heterogeneous area of research related to LBSNs. Then, we conduct a systematic review of those works. In doing so, we organize identified literature into eight fine-grained directions. For each direction, we sum up the major research focus and contributions. We also systematize future research into four main themes concerning data simulation and fusion, privacy-aware methods, new applications and services, and technological innovations.

computer science, information systems,geography, physical