Locally differentially private continuous location sharing with randomized response

With the growing popularity of fifth-generation-enabled Internet of Things devices with localization capabilities, as well as on-building fifth-generation mobile network, location privacy has been giving rise to more frequent and extensive privacy concerns. To continuously enjoy services of location-based applications, one needs to share his or her location information to the corresponding service providers. However, these continuously shared location information will give rise to significant privacy issues due to the temporal correlation between locations. In order to solve this, we consider applying practical local differential privacy to private continuous location sharing. First, we introduce a novel definition of [Formula: see text]-local differential privacy to capture the temporal correlations between locations. Second, we present a generalized randomized response mechanism to achieve [Formula: see text]-local differential privacy for location privacy preservation, which obtains the upper bound of error, and serve it as the basic building block to design a unified private continuous location sharing framework with an untrusted server. Finally, we conduct experiments on the real-world Geolife dataset to evaluate our framework. The results show that generalized randomized response significantly outperforms planar isotropic mechanism in the context of utility.

Download Full-text

A Location Privacy Attack Based on the Location Sharing Mechanism with Erroneous Distance in Geosocial Networks

Sensors ◽

10.3390/s20030918 ◽

2020 ◽

Vol 20 (3) ◽

pp. 918 ◽

Cited By ~ 1

Author(s):

Tu-Liang Lin ◽

Hong-Yi Chang ◽

Sheng-Lin Li

Keyword(s):

Location Privacy ◽

Service Providers ◽

Dominating Set ◽

Research Area ◽

Location Based Services ◽

Location Information ◽

Distance Information ◽

Space Partition ◽

Location Sharing ◽

True Location

Geographical social networks (GSN) is an emerging research area. For example, Foursquare, Yelp, and WeChat are all well-known service providers in this field. These applications are also known as location-based services (LBS). Previous studies have suggested that these location-based services may expose user location information. In order to ensure the privacy of the user’s location data, the service provider may provide corresponding protection mechanisms for its applications, including spatial cloaking, fuzzy location information, etc., so that the user’s real location cannot be easily cracked. It has been shown that if the positioning data provided by the user is not accurate enough, it is still difficult for an attacker to obtain the user’s true location. Taking this factor into consideration, our attack method is divided into two stages for the entire attack process: (1) Search stage: cover the area where the targeted user is located with unit discs, and then calculate the minimum dominating set. Use the triangle positioning method to find the minimum precision disc. (2) Inference phase: Considering the existence of errors, an Error-Adjusted Space Partition Attack Algorithm (EASPAA) was proposed during the inference phase. Improved the need for accurate distance information to be able to derive the user’s true location. In this study, we focus on the Location Sharing Mechanism with Maximal Coverage Limit to implement the whole attack. Experimental results show that the proposed method still can accurately infer the user’s real location even when there is an error in the user’s location information.

Download Full-text

Privacy vs. Reward in Indoor Location-Based Services

Proceedings on Privacy Enhancing Technologies ◽

10.1515/popets-2016-0031 ◽

2016 ◽

Vol 2016 (4) ◽

pp. 102-122 ◽

Cited By ~ 3

Author(s):

Kassem Fawaz ◽

Kyu-Han Kim ◽

Kang G. Shin

Keyword(s):

Location Privacy ◽

Indoor Localization ◽

Service Providers ◽

Location Based Services ◽

Location Information ◽

Privacy Concerns ◽

Indoor Location ◽

Location Data ◽

Personalized Services ◽

Privacy Risks

AbstractWith the advance of indoor localization technology, indoor location-based services (ILBS) are gaining popularity. They, however, accompany privacy concerns. ILBS providers track the users’ mobility to learn more about their behavior, and then provide them with improved and personalized services. Our survey of 200 individuals highlighted their concerns about this tracking for potential leakage of their personal/private traits, but also showed their willingness to accept reduced tracking for improved service. In this paper, we propose PR-LBS (Privacy vs. Reward for Location-Based Service), a system that addresses these seemingly conflicting requirements by balancing the users’ privacy concerns and the benefits of sharing location information in indoor location tracking environments. PR-LBS relies on a novel location-privacy criterion to quantify the privacy risks pertaining to sharing indoor location information. It also employs a repeated play model to ensure that the received service is proportionate to the privacy risk. We implement and evaluate PR-LBS extensively with various real-world user mobility traces. Results show that PR-LBS has low overhead, protects the users’ privacy, and makes a good tradeoff between the quality of service for the users and the utility of shared location data for service providers.

Download Full-text

Formal Verification of Authentication and Service Authorization Protocols in 5G-Enabled Device-to-Device Communications Using ProVerif

Electronics ◽

10.3390/electronics10131608 ◽

2021 ◽

Vol 10 (13) ◽

pp. 1608

Author(s):

Ed Kamya Kiyemba Edris ◽

Mahdi Aiash ◽

Jonathan Loo

Keyword(s):

Service Providers ◽

Security Analysis ◽

Mobile Network ◽

Network Services ◽

Control Mechanisms ◽

D2d Communications ◽

Fifth Generation ◽

Device To Device ◽

Pi Calculus ◽

Authentication And Authorization

Device-to-Device (D2D) communications will be used as an underlay technology in the Fifth Generation mobile network (5G), which will make network services of multiple Service Providers (SP) available anywhere. The end users will be allowed to access and share services using their User Equipments (UEs), and thus they will require seamless and secured connectivity. At the same time, Mobile Network Operators (MNOs) will use the UE to offload traffic and push contents closer to users relying on D2D communications network. This raises security concerns at different levels of the system architecture and highlights the need for robust authentication and authorization mechanisms to provide secure services access and sharing between D2D users. Therefore, this paper proposes a D2D level security solution that comprises two security protocols, namely, the D2D Service security (DDSec) and the D2D Attributes and Capability security (DDACap) protocols, to provide security for access, caching and sharing data in network-assisted and non-network-assisted D2D communications scenarios. The proposed solution applies Identity-based Encryption (IBE), Elliptic Curve Integrated Encryption Scheme (ECIES) and access control mechanisms for authentication and authorization procedures. We formally verified the proposed protocols using ProVerif and applied pi calculus. We also conducted a security analysis of the proposed protocols.

Download Full-text

ILSSPP: Intelligent location sharing system with privacy preserving features for smart cities

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-219102 ◽

2021 ◽

pp. 1-12

Author(s):

Gokay Saldamli ◽

Richard Chow ◽

Hongxia Jin

Keyword(s):

Service Providers ◽

Smart Cities ◽

User Interaction ◽

Privacy Preserving ◽

Location Based Services ◽

Third Party ◽

Location Information ◽

Fine Grained ◽

Location Sharing ◽

Social Network Structure

Social networking services are increasingly accessed through mobile devices. This trend has prompted services such as Facebook and Google+to incorporate location as a de facto feature of user interaction. At the same time, services based on location such as Foursquare and Shopkick are also growing as smartphone market penetration increases. In fact, this growth is happening despite concerns (growing at a similar pace) about security and third-party use of private location information (e.g., for advertising). Nevertheless, service providers have been unwilling to build truly private systems in which they do not have access to location information. In this paper, we describe an architecture and a trial implementation of a privacy-preserving location sharing system called ILSSPP. The system protects location information from the service provider and yet enables fine grained location-sharing. One main feature of the system is to protect an individual’s social network structure. The pattern of location sharing preferences towards contacts can reveal this structure without any knowledge of the locations themselves. ILSSPP protects locations sharing preferences through protocol unification and masking. ILSSPP has been implemented as a standalone solution, but the technology can also be integrated into location-based services to enhance privacy.

Download Full-text

Enabling Location Privacy Preservation in MANETs Based on Distance, Angle, and Spatial Cloaking

Electronics ◽

10.3390/electronics9030458 ◽

2020 ◽

Vol 9 (3) ◽

pp. 458

Author(s):

Nanlan Jiang ◽

Sai Yang ◽

Pingping Xu

Keyword(s):

Privacy Preservation ◽

Location Privacy ◽

Differential Privacy ◽

Geographic Routing ◽

Base Station ◽

Wireless Channel ◽

Location Based Services ◽

Location Information ◽

Communication Overhead ◽

Spatial Cloaking

Preserving the location privacy of users in Mobile Ad hoc Networks (MANETs) is a significant challenge for location information. Most of the conventional Location Privacy Preservation (LPP) methods protect the privacy of the user while sacrificing the capability of retrieval on the server-side, that is, legitimate devices except the user itself cannot retrieve the location in most cases. On the other hand, applications such as geographic routing and location verification require the retrievability of locations on the access point, the base station, or a trusted server. Besides, with the development of networking technology such as caching technology, it is expected that more and more distributed location-based services will be deployed, which results in the risk of leaking location information in the wireless channel. Therefore, preserving location privacy in wireless channels without losing the retrievability of the real location is essential. In this paper, by focusing on the wireless channel, we propose a novel LPP enabled by distance (ranging result), angle, and the idea of spatial cloaking (DSC-LPP) to preserve location privacy in MANETs. DSC-LPP runs without the trusted third party nor the traditional cryptography tools in the line-of-sight environment, and it is suitable for MANETs such as the Internet of Things, even when the communication and computation capabilities of users are limited. Qualitative evaluation indicates that DSC-LPP can reduce the communication overhead when compared with k-anonymity, and the computation overhead of DSC-LPP is limited when compared with conventional cryptography. Meanwhile, the retrievability of DSC-LPP is higher than that of k-anonymity and differential privacy. Simulation results show that with the proper design of spatial divisions and parameters, other legitimate devices in a MANET can correctly retrieve the location of users with a high probability when adopting DSC-LPP.

Download Full-text

Prophet: A Context-Aware Location Privacy-Preserving Scheme in Location Sharing Service

Discrete Dynamics in Nature and Society ◽

10.1155/2017/6814832 ◽

2017 ◽

Vol 2017 ◽

pp. 1-11 ◽

Cited By ~ 1

Author(s):

Jiaxing Qu ◽

Guoyin Zhang ◽

Zhou Fang

Keyword(s):

Location Privacy ◽

Behavior Patterns ◽

Location Information ◽

Context Aware ◽

Mobile Social Networks ◽

New Class ◽

Privacy Threats ◽

Temporal Correlations ◽

Location Sharing ◽

State Classification

Location sharing service has become an indispensable part in mobile social networks. However, location sharing may introduce a new class of privacy threats ranging from localizing an individual to profiling and identifying him based on the places he shared. Although users may avoid releasing geocontent in sensitive locations, it does not necessarily prevent the adversary from inferring users’ privacy through space-temporal correlations and historical information. In this paper, we design a Prophet framework, which provides an effective security scheme for users sharing their location information. First, we define fingerprint identification based on Markov chain and state classification to describe the users’ behavior patterns. Then, we propose a novel location anonymization mechanism, which adopts a ε-indistinguishability strategy to protect user’s sensitive location information published. Finally, experimental results are given to illustrate good performance and effectiveness of the proposed scheme.

Download Full-text

Toward Addressing Location Privacy Issues: New Affiliations with Social and Location Attributes

Future Internet ◽

10.3390/fi11110234 ◽

2019 ◽

Vol 11 (11) ◽

pp. 234 ◽

Cited By ~ 2

Author(s):

Vgena ◽

Kitsiou ◽

Kalloniatis ◽

Kavroudakis ◽

Gritzalis

Keyword(s):

Systematic Review ◽

Social Media ◽

Information Disclosure ◽

Location Privacy ◽

Location Information ◽

Sensitive Information ◽

Privacy Concerns ◽

Location Sharing ◽

Privacy Issues ◽

Different Levels

Nowadays, location-sharing applications (LSA) within social media enable users to share their location information at different levels of precision. Users on their side are willing to disclose this kind of information in order to represent themselves in a socially acceptable online way. However, they express privacy concerns regarding potential malware location-sharing applications, since users’ geolocation information can provide affiliations with their social identity attributes that enable the specification of their behavioral normativity, leading to sensitive information disclosure and privacy leaks. This paper, after a systematic review on previous social and privacy location research, explores the overlapping of these fields in identifying users’ social attributes through examining location attributes while online, and proposes a targeted set of location privacy attributes related to users’ socio-spatial characteristics within social media.

Download Full-text

Differential Privacy Location Protection Scheme Based on Hilbert Curve

Security and Communication Networks ◽

10.1155/2021/5574415 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Jie Wang ◽

Feng Wang ◽

Hongtao Li

Keyword(s):

Privacy Protection ◽

Location Privacy ◽

Differential Privacy ◽

Dimensional Space ◽

Location Based Services ◽

Data Availability ◽

Location Information ◽

Hilbert Curve ◽

One Dimensional ◽

Protection Scheme

Location-based services (LBS) applications provide convenience for people’s life and work, but the collection of location information may expose users’ privacy. Since these collected data contain much private information about users, a privacy protection scheme for location information is an impending need. In this paper, a protection scheme DPL-Hc is proposed. Firstly, the users’ location on the map is mapped into one-dimensional space by using Hilbert curve mapping technology. Then, the Laplace noise is added to the location information of one-dimensional space for perturbation, which considers more than 70% of the nonlocation information of users; meanwhile, the disturbance effect is achieved by adding noise. Finally, the disturbed location is submitted to the service provider as the users’ real location to protect the users’ location privacy. Theoretical analysis and simulation results show that the proposed scheme can protect the users’ location privacy without the trusted third party effectively. It has advantages in data availability, the degree of privacy protection, and the generation time of anonymous data sets, basically achieving the balance between privacy protection and service quality.

Download Full-text

Location recommendation privacy protection method based on location sensitivity division

EURASIP Journal on Wireless Communications and Networking ◽

10.1186/s13638-019-1606-y ◽

2019 ◽

Vol 2019 (1) ◽

Cited By ~ 4

Author(s):

Chunyong Yin ◽

Xiaokang Ju ◽

Zhichao Yin ◽

Jin Wang

Keyword(s):

Service Quality ◽

Privacy Protection ◽

Location Privacy ◽

Differential Privacy ◽

Experimental Results ◽

Location Information ◽

Location Recommendation ◽

Protection Method ◽

Privacy Budget ◽

The Impact

AbstractLocation-based recommendation services can provide users with convenient services, but this requires monitoring and collecting a large amount of location information. In order to prevent location information from being leaked after monitoring and collection, location privacy must be effectively protected. Therefore, this paper proposes a privacy protection method based on location sensitivity for location recommendation. This method uses location trajectories and check-in frequencies to set a threshold so as to classify location sensitivity levels. The corresponding privacy budget is then assigned based on the sensitivity to add Laplace noise that satisfies the differential privacy. Experimental results show that this method can effectively protect the user’s location privacy and reduce the impact of differential privacy noise on service quality.

Download Full-text

Noise-added selection method for location-based service using differential privacy in Internet of Things

Advances in Mechanical Engineering ◽

10.1177/1687814018822393 ◽

2019 ◽

Vol 11 (1) ◽

pp. 168781401882239 ◽

Cited By ~ 1

Author(s):

Zhimin Li ◽

Haoze Lv ◽

Zhaobin Liu

Keyword(s):

Big Data ◽

Internet Of Things ◽

Privacy Protection ◽

Location Privacy ◽

Differential Privacy ◽

Poor Performance ◽

Data Availability ◽

Location Information ◽

Location Based Service ◽

Protection Method

With the development of Internet of Things, many applications need to use people’s location information, resulting in a large amount of data need to be processed, called big data. In recent years, people propose many methods to protect privacy in the location-based service aspect. However, existing technologies have poor performance in big data area. For instance, sensor equipments such as smart phones with location record function may submit location information anytime and anywhere which may lead to privacy disclosure. Attackers can leverage huge data to achieve useful information. In this article, we propose noise-added selection algorithm, a location privacy protection method that satisfies differential privacy to prevent the data from privacy disclosure by attacker with arbitrary background knowledge. In view of Internet of Things, we maximize the availability of data and algorithm when protecting the information. In detail, we filter real-time location distribution information, use our selection mechanism for comparison and analysis to determine privacy-protected regions, and then perform differential privacy on them. As shown in the theoretical analysis and the experimental results, the proposed method can achieve significant improvements in security, privacy, and complete a perfect balance between privacy protection level and data availability.

Download Full-text