Concepts for personal location privacy policies
Proceedings of the 3rd ACM conference on Electronic Commerce
Framework for security and privacy in automotive telematics
WMC '02 Proceedings of the 2nd international workshop on Mobile commerce
A Framework for Generating Network-Based Moving Objects
Geoinformatica
Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems
UbiComp '01 Proceedings of the 3rd international conference on Ubiquitous Computing
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Achieving k-anonymity privacy protection using generalization and suppression
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Challenge: ubiquitous location-aware computing and the "place lab" initiative
Proceedings of the 1st ACM international workshop on Wireless mobile applications and services on WLAN hotspots
Mix Zones: User Privacy in Location-aware Services
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
Data Privacy through Optimal k-Anonymization
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Incognito: efficient full-domain K-anonymity
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Location Privacy in Mobile Systems: A Personalized Anonymization Model
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
Protecting Location Privacy Through Path Confusion
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Supporting location-based conditions in access control policies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Mondrian Multidimensional K-Anonymity
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
The new Casper: query processing for location services without compromising privacy
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
A peer-to-peer spatial cloaking algorithm for anonymous location-based service
GIS '06 Proceedings of the 14th annual ACM international symposium on Advances in geographic information systems
Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking
Proceedings of the 1st international conference on Mobile systems, applications and services
PRIVE: anonymous location-based queries in distributed mobile systems
Proceedings of the 16th international conference on World Wide Web
MOBIHIDE: a mobilea peer-to-peer system for anonymous location-based queries
SSTD'07 Proceedings of the 10th international conference on Advances in spatial and temporal databases
A formal model of obfuscation and negotiation for location privacy
PERVASIVE'05 Proceedings of the Third international conference on Pervasive Computing
Preserving user location privacy in mobile data management infrastructures
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Query-aware location anonymization for road networks
Geoinformatica
Trajectory privacy in location-based services and data publication
ACM SIGKDD Explorations Newsletter
Proceedings of the 4th ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
A classification of location privacy attacks and approaches
Personal and Ubiquitous Computing
Hi-index | 0.00 |
An important privacy issue in Location Based Services is to hide a user's identity while still provide quality location based services. Previous work has addressed the problem of locational $\mathcal{K}$ -anonymity either based on centralized or decentralized schemes. However, a centralized scheme relies on an anonymizing server (AS) for location cloaking, which may become the performance bottleneck when there are large number of clients. More importantly, holding information in a centralized place is more vulnerable to malicious attacks. A decentralized scheme depends on peer communication to cloak locations and is more scalable. However, it may pose too much computation and communication overhead to the clients. The service fulfillment rate may also be unsatisfied especially when there are not enough peers nearby. This paper proposes a new hybrid framework called HiSC that balances the load between the AS and mobile clients. HiSC partitions the space into base cells and a mobile client claims a surrounding area consisting of base cells. The number of mobile clients in the surrounding cells is kept and updated at both client and AS sides. A mobile client can either request cloaking service from the centralized AS or use a peer-to-peer approach for spatial cloaking based on personalized privacy, response time, and service quality requirements. HiSC can elegantly distribute the work load between the AS and the mobile clients by tuning one system parameter base cell size and two client parameters - surrounding cell size and tolerance count. By integrating salient features of two schemes, HiSC successfully preserves query anonymity and provides more scalable and consistent service. Both the AS and the clients can enjoy much less work load. Additionally, we propose a simple yet effective random range shifting algorithm to prevent possible privacy leakage that would exist in the original P2P approach. Our experiments show that HiSC can elegantly balance the work load based on privacy requirements and client distribution. HiSC provides close to optimal service quality. Meanwhile, it reduces the response time by more than an order of magnitude from both the P2P scheme and the centralized scheme when anonymity level(value of $\mathcal{K}$ ) or number of clients is large. It also reduces the update message cost of the AS by nearly 6 times and the peer searching message cost of the clients by more than an order of magnitude.