Lin Yao,Chi Lin,Xiangwei Kong,Feng Xia,Guowei Wu

DOI: https://doi.org/10.1109/GreenCom-CPSCom.2010.109

2010-01-01

Abstract:In pervasive computing environments, Location-Based Services (LBSs) are becoming increasingly important due to continuous advances in mobile networks and positioning technologies. Nevertheless, the wide deployment of LBSs can jeopardize the location privacy of mobile users. Consequently, providing safeguards for location privacy of mobile users against being attacked is an important research issue. In this paper a new scheme for safeguarding location privacy is proposed. Our approach supports location K-anonymity for a wide range of mobile users with their own desired anonymity levels by clustering. The whole area of all users is divided into clusters recursively in order to get the Minimum Bounding Rectangle (MBR). The exact location information of a user is replaced by his MBR. Privacy analysis shows that our approach can achieve high resilience to location privacy threats and provide more privacy than users expect. Complexity analysis shows clusters can be adjusted in real time as mobile users join or leave. Moreover, the clustering algorithms possess strong robustness.

Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Imran Memon,Ibrar Hussain,Rizwan Akhtar,Gencai Chen

DOI: https://doi.org/10.1007/s11277-015-2699-1

IF: 2.017

2015-01-01

Wireless Personal Communications

Abstract:Past few years, the mobile technology and location based services have experienced a great increment in number of its users. The privacy issues related to these services are becoming main concerns because of the leakage of users' private information and contents. To prevent revelation of private information, many researchers have proposed several secure and authentication schemes which apply various technologies to provide integral security properties, such as symmetric encryption, digital signature, timestamp, etc. Unfortunately, some of these schemes still exhibit security and efficiency issues. In this research paper, we proposed an efficient and secure anonymous communication for location based service using asymmetric cryptography scheme over the wireless system was attempted missing some system detail. We also proposed the prevent user private information and secure communication by asymmetric cryptography scheme. We solved the wireless communication problem in A3 algorithm such as eavesdropping and this problem solved by asymmetric cryptography scheme because of its robustness against this type of attack by providing mutual authentication make the system more secure. Finally, performance and cost analysis show our scheme is more suitable for low-power and resource limited wireless system and thus availability for real implementation. According to our security analysis and performance, we can prove that our proposed asymmetric cryptography scheme is able to improve wireless communication system security and enhance efficiency in comparison to previous schemes.

Ji-ming Chen,Ting-ting Li,Liang-jun Wang

DOI: https://doi.org/10.1177/1550147719841494

IF: 1.938

2019-01-01

International Journal of Distributed Sensor Networks

Abstract:Location-based services has been widely applied in cloud-enabled Internet of vehicles. Within these services, location privacy issues have captured significant attention. Vehicles use the technology of anonymity to implement occultation, the location is not revealed. In this process, large-scale data transmissions can reduce the quality of services. In order to ensure location privacy and high-quality services, the cloud manager customizes virtual machines for vehicles to support location-based services according to the vehicles’ demands. To achieve better performance, this article presents a conditional anonymity method that does not use bilinear pairings to address the problem of privacy disclosure by using discrete logarithm problem and Diffie–Hellman problem. Moreover, asymmetric key algorithms are used in the Internet of vehicles environment to reduce the cost. To guarantee secure data transmission in Internet of vehicles, the batch validation technique is used to address data integrity. Our theoretical security analysis and experiments show that the proposed scheme is secure in compared attack models, such as impersonation attacks, replay attacks, the man-in-the-middle attacks, and so on. Our proposed scheme ensures the security requirements such as message authentication, location privacy protection, and traceability, while lowering transmission and computation cost.

Sheng Zhong,Yanbin Grace Liu,Yang Richard Yang

2004-01-01

Abstract:Mobility is key to personal freedom. With the increasing availability of mobile devices, many providers begin to offer location-based services. Although these services greatly enrich our mobility experiences, with them also comes the privacy concerns, as a location-based service provider now can continuously track the location of a user. This tracking may allow unauthorized access and cause serious consequences. Although a few solutions have been proposed to address the privacy concerns in various aspects, there has not been any comprehensive study of the problem; furthermore, most of the existing solutions require that a user trust a third party such as a location server. In this paper, we investigate privacy-preserving location- based services for the three components involved in pro- viding location-based services: the location-based service component, the localization component, and the commu- nications component. The focus of our study is on the location-based service component, but we also take the other two components into consideration. We identify two major types of location-based services and present novel designs to implement them without using a trusted server. Specifically, we first identify the general location- notification service, whose goal is to transfer location information of users to authorized entities. We design a security protocol to implement the service without trusting the location server. Thus our design uses the efficiency of a location server but does not suffer from associated privacy issues. Next, we investigate the design of an even more challenging location-based service: a location service whose goal is not transfering user location information but computing an outcome that is a function of user locations. We use dating service as an example and illustrate that an efficient protocol can be built such that no extra information about user locations is revealed during the service. For the localization component, we present an impossibility result and propose a privacy preserving localization technique based on directed signals. For the communications component, we propose an anonymous communication protocol. Our extensive evaluations show that our protocols have low overheads and are suitable for

Zhaowei Hu,Kaiyi Hu,Milu Md Khaled Hasan

DOI: https://doi.org/10.1371/journal.pone.0309990

IF: 3.7

2024-09-06

PLoS ONE

Abstract:Various methods such as k-anonymity and differential privacy have been proposed to safeguard users' private information in the publication of location service data. However, these typically employ a rigid "all-or-nothing" privacy standard that fails to accommodate users' more nuanced and multi-level privacy-related needs. Data is irrecoverable once anonymized, leading to a permanent reduction in location data quality, in turn significantly diminishing data utility. In the paper, a novel, bidirectional and multi-layered location privacy protection method based on attribute encryption is proposed. This method offers layered, reversible, and fine-grained privacy safeguards. A hierarchical privacy protection scheme incorporates various layers of dummy information, using an access structure tree to encrypt identifiers for these dummies. Multi-level location privacy protection is achieved after adding varying amounts of dummy information at different hierarchical levels N. This allows for precise control over the de-anonymization process, where users may adjust the granularity of anonymized data based on their own trust levels for multi-level location privacy protection. This method includes an access policy which functions via an attribute encryption-based access control system, generating decryption keys for data identifiers according to user attributes, facilitating a reversible transformation between data anonymity and de-anonymity. The complexities associated with key generation, distribution, and management are thus markedly reduced. Experimental comparisons with existing methods demonstrate that the proposed method effectively balances service quality and location privacy, providing users with multi-level and reversible privacy protection services.

Linke Guo,Chi Zhang,Yuguang Fang

DOI: https://doi.org/10.1109/CNS.2013.6682699

2013-01-01

Abstract:Location-based services enable people to obtain various kinds of services based on their current locations. Recently, the geosocial networking services, which utilize mobile users' location information to realize social interactions, lead to numerous fascinating applications, such as content sharing, social shopping, food sourcing, and so on. However, extensive and unnecessary uses of mobile users' spatial and temporal information pose conspicuous privacy threats not only to their locations, but also to the shared contents, which may contain sensitive information, such as special interests, real identity, and crucial social relationships. To preserve the privacy of mobile users, we may apply the attribute-based encryption (ABE) schemes to secure mobile users' location and their contents. Unfortunately, existing approaches fail to jointly consider the privacy of the past shared contents and the accessibility of the updated contents for non-revoked users. In this paper, we propose a privacy-preserving revocable content sharing scheme in geosocial networks. Our scheme allows mobile users to share their encrypted location-based contents on an untrusted server without revealing actual location information, and further enables other mobile users who physically check in at the particular location to search and decrypt the content if they have the corresponding attributes. Importantly, to secure mobile users' past shared contents and the corresponding location information, we design an efficient ciphertext update scheme to allow encrypted shared contents to be periodically updated and become inaccessible to revoked users. By trace-driven simulations, we show both the efficiency and privacy preservation of the proposed scheme.

Chang Xu,Xuan Xie,Liehuang Zhu,Kashif Sharif,Chuan Zhang,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.1007/s11432-019-1508-6

2020-01-01

Science China Information Sciences

Abstract:The recent proliferation of mobile devices has given rise to mobile online social networks(m OSNs), an emerging network paradigm that uses social networks as its main design element. As one of the most critical components in m OSNs, location sharing plays an important role in helping users share information and strengthen their social bonds, which however may compromise users’ privacy, including location information and social relationship details. To address these challenges, some solutions have been proposed. However, none of them considers the privacy of inter-user threshold distance, which effectively can be used to identify users, their friends, and location information, by malicious or undesired elements of the system. To overcome this limitation, we propose a secure distance comparison protocol. Furthermore,we present a privacy-preserving location-sharing scheme(PPLS), which allows users to build more complex access control policies. The safety of our scheme is validated by the security analysis and the experimental results demonstrate the efficiency of PPLS scheme.

Fengwei Wang,Hui Zhu,Rongxing Lu,Fen Liu,Cheng Huang,Hui Li

DOI: https://doi.org/10.1109/jiot.2017.2766701

2018-01-01

Abstract:With the pervasiveness of location-aware mobile terminals and the popularity of social applications, location-based social networking service (LBSNS) has brought great convenience to people's life. Meanwhile, proximity detection, which makes LBSNS more flexible, has aroused widespread concern. However, the prosperity of LBSNS still faces many severe challenges on account of users' location privacy and data security. In this paper, we propose two efficient and privacy-preserving proximity detection schemes, named arbitrary geometric range query for polygons (AGRQ-P) and arbitrary geometric range query for circles (AGRQ-C), for location-based social applications. With proposed schemes, a user can choose any area on the map, and query whether her/his friends are within the region without divulging the query information to both social application servers and other users, meanwhile, the accurate locations of her/his friends are also confidential for the servers and the query user. Specifically, with algorithms based on ciphertext of geometric range query, users' query and location information is blurred into ciphertext in client, thus no one but the user knows her/his own sensitive information. Detailed security analysis shows that various security threats can be defended. In addition, the proposed schemes are implemented in an IM APP with a real LBS dataset, and extensive simulation results over smart phones further demonstrate that AGRQ-P and AGRQ-C are highly efficient and can be implemented effectively.

Shengchao Liu,Jessie Hui Wang,Jilong Wang,Qianli Zhang

DOI: https://doi.org/10.1109/access.2020.2978488

IF: 3.9

2020-01-01

IEEE Access

Abstract:As location-based services become widely used in daily life, there is growing concern in preserving location privacy of users to avoid that attackers infer information about users by collecting and analyzing requests initiated by users. We argue that a good location privacy preservation scheme should have these properties. First, a user should never expose its precise location to any other entity. Second, a user should be able to specify its own requirement on the strength of privacy preservation, since a stricter preservation requirement may increase its overhead. Third, the scheme should be able to preserve as many as possible aspects of users' privacy under various attacks. With these desired properties in mind, we carefully design an encoding scheme of users' identifiers and a fully distributed architecture for our purpose and propose a privacy preservation scheme based on them. With the help of the encoding scheme and the distributed architecture, we develop a distributed negotiation algorithm to help users conduct negotiations among themselves to find their cloaked regions that satisfy their self-defined requirements without exposing their precise locations. The negotiations are completed without coordination from any central servers, and a random proxy is selected for each individual request, therefore the potential risks caused by any central server (location-based service servers or trusted-third-party servers) are mitigated as much as possible. Experiments show that our scheme can satisfy different strengths of privacy preservation required by each user even under the most severe scenarios.

Meng Han,Lei Li,Ying Xie,Jinbao Wang,Zhuojun Duan,Ji Li,Mingyuan Yan

DOI: https://doi.org/10.1109/access.2018.2805464

IF: 3.9

2018-01-01

IEEE Access

Abstract:While enjoying the convenience of location-based services (LBSs) in everyday life, wireless device users could also put their location privacy at risk. An untrusted LBS provider can store mobile users' data on its server, track users in various ways or share users location data to the third parties. To protect LBS users' privacy, many position confusion algorithms were proposed, but those algorithms often have difficulty balancing the utility-privacy tradeoffs. In this paper, we propose a new cognitive approach that enables nearcomplete privacy protection for LBS users by leveraging existing social network resources. We introduce a heterogeneous multi-server architecture that cuts off the direct connection between the LBS queries and the query issuers, and an auction-based incentive mechanism guaranteed user participation, which is critical for the success of the proposed architecture. A simulation system and a smartphone application were developed, and our evaluation results show that the proposed method can not only achieve the near-total privacy protection for LBS users, but also significantly improve the quality of the services.

Meng Han,Jinbao Wang,Mingyuan Yan,Chuyu Ai,Zhuojun Duan,Zhen Hong

DOI: https://doi.org/10.1016/j.procs.2018.03.079

2018-01-01

Procedia Computer Science

Abstract:While enjoying the amenities and convenience provided by the location-based service (LBS) in our daily life, wireless device users may surrender their location together with social activity privacy to the LBS provider. The untrusted LBS server has all the information about users in the LBS and it may track them in various ways or release their privacy data to third parties. To address the privacy protection issue, many location obfuscation algorithms behind a location-privacy preserving mechanisms (LPPMs) were proposed but only approached the trade-off between utility and privacy. Unlike the existing approaches, we propose the first methodology and application, to the best of our knowledge, that enables a near-complete location privacy protection for LBS users to achieve an cognitive optimal resolution by employing the social network associated with the LBS to separate the utility and privacy. Evaluation of both simulation and practical smartphone application shows that the proposed methodology could achieve a near-complete privacy protection in terms of entropy and significantly improve the quality of service utility.

Shushu Liu,An Liu,Lei Zhao,Guanfeng Liu,Zhixu Li,Pengpeng Zhao,Kai Zheng,Lu Qin

DOI: https://doi.org/10.1007/978-3-319-32049-6_19

2016-01-01

Abstract:Data privacy in location-based services involves two aspects. The location of a user is a kind of private data as many sensitive information can be inferred from it given some background knowledge. On the other hand, the POI database is a great asset to the LBS provider as its construction requires many resources and efforts. In this paper, we propose a method of protecting mutual privacy i.e., the location of the user issuing a query and the POI database of the LBS provider for location-based query processing. Our approach consists of two steps: data preparation and query processing. Data preparation is conducted by LBS itself and is totally an offline computation, while query processing involves some online computation and multiple rounds of communication between LBS and the user. We implement the query processing by two rounds of oblivious transfer extension OT-Extension on two small key sets, resulting an immediate response even on some big POI databases. We also theoretically prove the security and analyze the complexity of our approach. Compared with two state-of-the-art methods, our approach has several orders of magnitude improvement in response time, at the expense of little and acceptable communication cost.

Eric Ke Wang,Yunming Ye,S. M. Yiu,L. C. K. Hui

DOI: https://doi.org/10.7763/ijcce.2013.v2.200

2013-01-01

International Journal of Computer and Communication Engineering

Abstract:—The wide use of mobile social networks has made it easier for people to share and exchange information with others anywhere, anytime. However, sharing operations of personal data on mobile social networks has put individual privacy under risk in unprecedented ways. We propose a protocol for privacy-preserving P2P information sharing for mobile social networking; because of the limitation of computation and communication for mobile devices, traditional privacy-preserving information sharing for private data sources cannot be applied in mobile social networks. Therefore, we designed a lightweight obfuscation and encryption model to defend against honest-but-curious behavior attack. The protocol is practical for mobile devices and the simulation performance is encouraging.

Han Wang,Yang Qin,Zechao Liu,Yibing Li

DOI: https://doi.org/10.1145/3321408.3323079

2019-01-01

Abstract:With the rapid development of global positioning system, cellular networks and relative technologies, people can request location-based services (LBSs) from the service provider using a handheld device quickly and easily. This greatly facilitates people's life. However, it brings a lot of privacy leakage problems. To reduce it, many methods have been proposed. But, they still don't balance the intensity and efficiency of privacy protection very well. Based on distributed storage and the quadratic residual theorem, this paper proposes a LBS user privacy protection scheme with both security features and efficiency. The traditional encryption method, private information retrieval (PIR), will bring high communication cost and computing pressure on the server side. A distributed storage system architecture can greatly reduce network overhead and the risk that the server will identify the user's real location because requests can be answered by the caching proxies without arriving at the server. To enable encrypted requests to be answered correctly by the caching proxies without being known by proxies, we build an index table. Compared with the similar work, simulation results show that our scheme can effectively reduce user communication and server computing overhead.

Shuyang Tang,Shengli Liu,Xinyi Huang,Zhiqiang Liu

DOI: https://doi.org/10.1504/ijcse.2019.103946

2019-01-01

International Journal of Computational Science and Engineering

Abstract:We propose an efficient privacy-preserving, content-protecting location-based service (LBS) scheme. Our proposal gives refined data classification and uses generalised ElGamal to support flexible access to different data classes. We also make use of pseudo-random function (PRF) to protect users' position query. Since PRF is light-weight primitive, our proposal enables the cloud server to locate position efficiently while preserving the privacy of the queried position.

Qingshui Xue,Tianrui Cui

DOI: https://doi.org/10.1109/iciibms60103.2023.10347863

2023-01-01

Abstract:We proposes a privacy-preserving location sharing scheme based on Learning with Errors (LWE) encryption, emphasizing its ability to resist quantum computing attacks and provide a high level of security. In order for real-world usage, we focus on its efficiency, flexibility, and adaptability for streaming. Location privacy has has emerged as a critical concern in today's data-driven society, due to the widespread usage of location-based services and the growing demand for personalized information. We leverages for fast and accurate information retrieval while maintaining robust privacy guarantees, achieving peer-to-peer transmission, 128-bit security or higher and an unparalleled throughput of 10 GB/s/core Through extensive experimental evaluations conducted on real-world deployments, we demonstrate the remarkable performance of our scheme in terms of preserving privacy and retrieval speed, particularly for streaming location data.

Yuwei Yao,Xinpeng Zhang,Hanzhou Wu,Zichi Wang,Jiangfeng Wang

DOI: https://doi.org/10.1080/02564602.2020.1737586

2020-01-01

Abstract:With the development of smartphones and mobile wireless network, social discovery applications are becoming more and more popular now. These applications help users to chat with nearby people and make friends. However, the location of a user could be exploited by attackers in some situations. This paper concentrates on the protection of location privacy in social discovery application. Firstly, we formalize the location attack problem using probability theory. Then we propose a new distance obfuscation method to defend the location inference attack. Guided by entropy theory, we obfuscate the distance between two users with a specific probability instead of random obfuscation to make the inference attack more difficult. To keep the balance between the privacy level and the service quality, we resolve the optimal mechanism. Experimental results show that the proposed method performs well in protecting the users' locations without significantly compromising the quality-of-service of social discovery applications.

Yu Wang,Dingbang Xu,Xiao He,Chao Zhang,Fan Li,Bin Xu

DOI: https://doi.org/10.1109/INFCOM.2012.6195577

2012-01-01

Abstract:Location privacy has been a serious concern for mobile users who use location-based services provided by the third-party provider via mobile networks. Recently, there have been tremendous efforts on developing new anonymity or obfuscation techniques to protect location privacy of mobile users. Though effective in certain scenarios, these existing techniques usually assume that a user has a constant privacy requirement along spatial and/or temporal dimensions, which may not be true in real-life scenarios. In this paper, we introduce a new location privacy problem: Location-aware Location Privacy Protection (L2P2) problem, where users can define dynamic and diverse privacy requirements for different locations. The goal of the L2P2 problem is to find the smallest cloaking area for each location request so that diverse privacy requirements over spatial and/or temporal dimensions are satisfied for each user. In this paper, we formalize two versions of the L2P2 problem, and propose several efficient heuristics to provide such location-aware location privacy protection for mobile users. Through multiple simulations on a large data set of trajectories for one thousand mobile users, we confirm the effectiveness and efficiency of the proposed L2P2 algorithms.

Shengke Zeng,Yi Mu,Mingxing He,Yong Chen

DOI: https://doi.org/10.1007/s11277-018-5748-8

IF: 2.017

2018-01-01

Wireless Personal Communications

Abstract:Location-based services (LBS) are very popular for personal communications in the mobile Internet. In such applications, users make use of the mobile devices to obtain the information of the nearest gas stations, restaurants, banks etc from service provider (SP), as well as identification of the optimal route to reach destination according to user position. Obviously, location data is effective for service provisioning. Therefore, the privacy threat is the inherent problem in LBS. Previous known solutions for privacy-preserving LBS require to blind the location data to SP. Consequently, it certainly suffers from a privacy/quality of service trade-off. We present a new approach to handle such problem for privacy-aware LBS communications. In our protocol, the user submits the exact location to SP to obtain the high quality service, while his location data and the communication transcript cannot be the evidence to be obtained by any third party. Hence the privacy of this user is preserved. We take the deniable (ring) authentication as the building blocks. In this way, it is not necessary for the user to provide coarse location information which would degrade the service quality certainly.