Location-Privacy Leakage and Integrated Solutions for 5G Cellular Networks and Beyond

The 5g of cellular networks improves the precision of user localization and provides the means to disclose location information to ott service providers. The nwdaf can further elaborate this information at an aggregated level using artificial intelligence techniques. These powerful features may lead to the improper use of user location information by mno and ott service providers. Moreover, vulnerabilities at various layers may also leak user location information to eavesdroppers. Hence, the privacy of users is likely at risk, as location is part of their sensitive data. In this paper, we first go through the evolution of localization in cellular networks and investigate their effects on location privacy. Then, we propose a location-privacy-preserving integrated solution comprising virtual private mobile networks, an independent authentication and billing authority, and functions to protect wireless signals against location information leakage. Moreover, we advocate the continuous and detailed control of localization services by the user.

Download Full-text

Privacy vs. Reward in Indoor Location-Based Services

Proceedings on Privacy Enhancing Technologies ◽

10.1515/popets-2016-0031 ◽

2016 ◽

Vol 2016 (4) ◽

pp. 102-122 ◽

Cited By ~ 3

Author(s):

Kassem Fawaz ◽

Kyu-Han Kim ◽

Kang G. Shin

Keyword(s):

Location Privacy ◽

Indoor Localization ◽

Service Providers ◽

Location Based Services ◽

Location Information ◽

Privacy Concerns ◽

Indoor Location ◽

Location Data ◽

Personalized Services ◽

Privacy Risks

AbstractWith the advance of indoor localization technology, indoor location-based services (ILBS) are gaining popularity. They, however, accompany privacy concerns. ILBS providers track the users’ mobility to learn more about their behavior, and then provide them with improved and personalized services. Our survey of 200 individuals highlighted their concerns about this tracking for potential leakage of their personal/private traits, but also showed their willingness to accept reduced tracking for improved service. In this paper, we propose PR-LBS (Privacy vs. Reward for Location-Based Service), a system that addresses these seemingly conflicting requirements by balancing the users’ privacy concerns and the benefits of sharing location information in indoor location tracking environments. PR-LBS relies on a novel location-privacy criterion to quantify the privacy risks pertaining to sharing indoor location information. It also employs a repeated play model to ensure that the received service is proportionate to the privacy risk. We implement and evaluate PR-LBS extensively with various real-world user mobility traces. Results show that PR-LBS has low overhead, protects the users’ privacy, and makes a good tradeoff between the quality of service for the users and the utility of shared location data for service providers.

Download Full-text

Mobility and Spatio-Temporal Exposure Control

Journal of Cyber Security and Mobility ◽

10.13052/jcsm2245-1439.144 ◽

2013 ◽

Author(s):

Geir M. Køien

Keyword(s):

Risk Assessment ◽

Risk Analysis ◽

Location Privacy ◽

Location Information ◽

Exposure Control ◽

Vm Migration ◽

Location Data ◽

Spatio Temporal ◽

Mobile Subscriber ◽

User Location

Modern risk assessment methods cover many issues and encompass both risk analysis and corresponding prevention/mitigation measures.However, there is still room for improvement and one aspect that may benefit from more work is “exposure control”.The “exposure” an asset experiences plays an important part in the risks facing the asset.Amongst the aspects that all too regularly get exposed is user identities and user location information,and in a context with mobile subscriber and mobility in the service hosting (VM migration/mobility) the problems associated with lost identity/location privacy becomes urgent.In this paper we look at “exposure control” as a way for analyzing and protecting user identity and user location data.

Download Full-text

Location Privacy Leakage through Sensory Data

Security and Communication Networks ◽

10.1155/2017/7576307 ◽

2017 ◽

Vol 2017 ◽

pp. 1-12 ◽

Cited By ~ 25

Author(s):

Yi Liang ◽

Zhipeng Cai ◽

Qilong Han ◽

Yingshu Li

Keyword(s):

Mobile Devices ◽

Dynamic Time Warping ◽

Location Privacy ◽

Embedded Sensors ◽

Location Information ◽

Time Warping ◽

Sensory Data ◽

Privacy Leakage ◽

Bounded Area ◽

Dynamic Time

Mobile devices bring benefits as well as the risk of exposing users’ location information, as some embedded sensors can be accessed without users’ permission and awareness. In this paper, we show that, only by using the data collected from the embedded sensors in mobile devices instead of GPS data, we can infer a user’s location information with high accuracy. Three issues are addressed which are route identification, user localization in a specific route, and user localization in a bounded area. The Dynamic Time Warping based technique is designed and we develop a Hidden Markov Model to solve the localization problem. Real experiments are performed to evaluate our proposed methods.

Download Full-text

Locally differentially private continuous location sharing with randomized response

International Journal of Distributed Sensor Networks ◽

10.1177/1550147719870379 ◽

2019 ◽

Vol 15 (8) ◽

pp. 155014771987037 ◽

Cited By ~ 2

Author(s):

Xingxing Xiong ◽

Shubo Liu ◽

Dan Li ◽

Jun Wang ◽

Xiaoguang Niu

Keyword(s):

Location Privacy ◽

Differential Privacy ◽

Service Providers ◽

Mobile Network ◽

Temporal Correlation ◽

Location Information ◽

Continuous Location ◽

Randomized Response ◽

Fifth Generation ◽

Location Sharing

With the growing popularity of fifth-generation-enabled Internet of Things devices with localization capabilities, as well as on-building fifth-generation mobile network, location privacy has been giving rise to more frequent and extensive privacy concerns. To continuously enjoy services of location-based applications, one needs to share his or her location information to the corresponding service providers. However, these continuously shared location information will give rise to significant privacy issues due to the temporal correlation between locations. In order to solve this, we consider applying practical local differential privacy to private continuous location sharing. First, we introduce a novel definition of [Formula: see text]-local differential privacy to capture the temporal correlations between locations. Second, we present a generalized randomized response mechanism to achieve [Formula: see text]-local differential privacy for location privacy preservation, which obtains the upper bound of error, and serve it as the basic building block to design a unified private continuous location sharing framework with an untrusted server. Finally, we conduct experiments on the real-world Geolife dataset to evaluate our framework. The results show that generalized randomized response significantly outperforms planar isotropic mechanism in the context of utility.

Download Full-text

A Location Privacy Attack Based on the Location Sharing Mechanism with Erroneous Distance in Geosocial Networks

Sensors ◽

10.3390/s20030918 ◽

2020 ◽

Vol 20 (3) ◽

pp. 918 ◽

Cited By ~ 1

Author(s):

Tu-Liang Lin ◽

Hong-Yi Chang ◽

Sheng-Lin Li

Keyword(s):

Location Privacy ◽

Service Providers ◽

Dominating Set ◽

Research Area ◽

Location Based Services ◽

Location Information ◽

Distance Information ◽

Space Partition ◽

Location Sharing ◽

True Location

Geographical social networks (GSN) is an emerging research area. For example, Foursquare, Yelp, and WeChat are all well-known service providers in this field. These applications are also known as location-based services (LBS). Previous studies have suggested that these location-based services may expose user location information. In order to ensure the privacy of the user’s location data, the service provider may provide corresponding protection mechanisms for its applications, including spatial cloaking, fuzzy location information, etc., so that the user’s real location cannot be easily cracked. It has been shown that if the positioning data provided by the user is not accurate enough, it is still difficult for an attacker to obtain the user’s true location. Taking this factor into consideration, our attack method is divided into two stages for the entire attack process: (1) Search stage: cover the area where the targeted user is located with unit discs, and then calculate the minimum dominating set. Use the triangle positioning method to find the minimum precision disc. (2) Inference phase: Considering the existence of errors, an Error-Adjusted Space Partition Attack Algorithm (EASPAA) was proposed during the inference phase. Improved the need for accurate distance information to be able to derive the user’s true location. In this study, we focus on the Location Sharing Mechanism with Maximal Coverage Limit to implement the whole attack. Experimental results show that the proposed method still can accurately infer the user’s real location even when there is an error in the user’s location information.

Download Full-text

Enhancing Location Privacy in Location-Based Services

Intelligent Technologies and Techniques for Pervasive Computing - Advances in Computational Intelligence and Robotics ◽

10.4018/978-1-4666-4038-2.ch013 ◽

2013 ◽

pp. 238-250

Author(s):

Constantinos Delakouridis

Keyword(s):

Mobile Phones ◽

Location Privacy ◽

Service Providers ◽

Personal Information ◽

Mobile User ◽

Location Based Services ◽

Location Information ◽

Position Information ◽

Privacy Requirements ◽

Privacy Issues

Location-based services are receiving signification attention over the last few years due to the increasing use of mobile devices. At the same time, location privacy is important, since position information is considered personal information. Thus, in order to address this issue, several mechanisms have been proposed protecting the mobile user. In this chapter, the authors present an architecture to shield the location of a mobile user and preserve the anonymity on the service delivery. This architecture relies on un-trusted entities to distribute segments of anonymous location information, and authorizes other entities to combine these portions and derive the actual location of a user. The chapter describes how the architecture takes into account the location privacy requirements, and how it is used by the end users’ devices, e.g., mobile phones, for the dissemination of location information to service providers. Furthermore, it notes privacy issues for further discussion and closes with proposed exercises.

Download Full-text

Location Privacy Protection in Distributed IoT Environments Based on Dynamic Sensor Node Clustering

Sensors ◽

10.3390/s19133022 ◽

2019 ◽

Vol 19 (13) ◽

pp. 3022 ◽

Cited By ~ 2

Author(s):

Konstantinos Dimitriou ◽

Ioanna Roussaki

Keyword(s):

Location Privacy ◽

Clustering Algorithm ◽

Data Dissemination ◽

Location Information ◽

Dynamic Clustering ◽

Sensitive Data ◽

Mobile Objects ◽

Current Location ◽

Series Of Experiments ◽

Location Privacy Protection

One of the most significant challenges in Internet of Things (IoT) environments is the protection of privacy. Failing to guarantee the privacy of sensitive data collected and shared over IoT infrastructures is a critical barrier that delays the wide penetration of IoT technologies in several user-centric application domains. Location information is the most common dynamic information monitored and lies among the most sensitive ones from a privacy perspective. This article introduces a novel mechanism that aims to protect the privacy of location information across Data Centric Sensor Networks (DCSNs) that monitor the location of mobile objects in IoT systems. The respective data dissemination protocols proposed enhance the security of DCSNs rendering them less vulnerable to intruders interested in obtaining the location information monitored. In this respect, a dynamic clustering algorithm is that clusters the DCSN nodes not only based on the network topology, but also considering the current location of the objects monitored. The proposed techniques do not focus on the prevention of attacks, but on enhancing the privacy of sensitive location information once IoT nodes have been compromised. They have been extensively assessed via series of experiments conducted over the IoT infrastructure of FIT IoT-LAB and the respective evaluation results indicate that the dynamic clustering algorithm proposed significantly outperforms existing solutions focusing on enhancing the privacy of location information in IoT.

Download Full-text

DCSS Protocol for Data Caching and Sharing Security in a 5G Network

Network ◽

10.3390/network1020006 ◽

2021 ◽

Vol 1 (2) ◽

pp. 75-94

Author(s):

Ed Kamya Kiyemba Edris ◽

Mahdi Aiash ◽

Jonathan Loo

Keyword(s):

Mobile Networks ◽

Service Providers ◽

Security Analysis ◽

Mobile Network ◽

End Users ◽

Third Party ◽

Control Mechanisms ◽

Security Measures ◽

Data Caching ◽

Pi Calculus

Fifth Generation mobile networks (5G) promise to make network services provided by various Service Providers (SP) such as Mobile Network Operators (MNOs) and third-party SPs accessible from anywhere by the end-users through their User Equipment (UE). These services will be pushed closer to the edge for quick, seamless, and secure access. After being granted access to a service, the end-user will be able to cache and share data with other users. However, security measures should be in place for SP not only to secure the provisioning and access of those services but also, should be able to restrict what the end-users can do with the accessed data in or out of coverage. This can be facilitated by federated service authorization and access control mechanisms that restrict the caching and sharing of data accessed by the UE in different security domains. In this paper, we propose a Data Caching and Sharing Security (DCSS) protocol that leverages federated authorization to provide secure caching and sharing of data from multiple SPs in multiple security domains. We formally verify the proposed DCSS protocol using ProVerif and applied pi-calculus. Furthermore, a comprehensive security analysis of the security properties of the proposed DCSS protocol is conducted.

Download Full-text

Systematically Quantifying IoT Privacy Leakage in Mobile Networks

IEEE Internet of Things Journal ◽

10.1109/jiot.2020.3038639 ◽

2020 ◽

pp. 1-1

Author(s):

Shuodi Hui ◽

Zhenhua Wang ◽

Xueshi Hou ◽

Xiao Wang ◽

Huandong Wang ◽

...

Keyword(s):

Mobile Networks ◽

Privacy Leakage

Download Full-text

ILSSPP: Intelligent location sharing system with privacy preserving features for smart cities

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-219102 ◽

2021 ◽

pp. 1-12

Author(s):

Gokay Saldamli ◽

Richard Chow ◽

Hongxia Jin

Keyword(s):

Service Providers ◽

Smart Cities ◽

User Interaction ◽

Privacy Preserving ◽

Location Based Services ◽

Third Party ◽

Location Information ◽

Fine Grained ◽

Location Sharing ◽

Social Network Structure

Social networking services are increasingly accessed through mobile devices. This trend has prompted services such as Facebook and Google+to incorporate location as a de facto feature of user interaction. At the same time, services based on location such as Foursquare and Shopkick are also growing as smartphone market penetration increases. In fact, this growth is happening despite concerns (growing at a similar pace) about security and third-party use of private location information (e.g., for advertising). Nevertheless, service providers have been unwilling to build truly private systems in which they do not have access to location information. In this paper, we describe an architecture and a trial implementation of a privacy-preserving location sharing system called ILSSPP. The system protects location information from the service provider and yet enables fine grained location-sharing. One main feature of the system is to protect an individual’s social network structure. The pattern of location sharing preferences towards contacts can reveal this structure without any knowledge of the locations themselves. ILSSPP protects locations sharing preferences through protocol unification and masking. ILSSPP has been implemented as a standalone solution, but the technology can also be integrated into location-based services to enhance privacy.

Download Full-text