Evaluating On-demand Pseudonym Acquisition Policies in Vehicular Communication Systems
Standardization and harmonization efforts have reached a consensus towards using a special-purpose Vehicular Public-Key Infrastructure (VPKI) in upcoming Vehicular Communication (VC) systems. However, there are still several technical challenges with no conclusive answers; one such important yet open challenge is the acquisition of short-term credentials (pseudonyms): how should each vehicle interact with the VPKI, e.g., how frequently and for how long? Should each vehicle itself determine the pseudonym lifetime? Answering these questions is far from trivial. Each choice can affect both user privacy and system performance and possibly, as a result, its security. In this paper, we make a novel systematic effort to address this multifaceted question. We craft three generally applicable policies and experimentally evaluate the VPKI system performance, leveraging two large-scale mobility datasets. We consider the most promising, in terms of efficiency, pseudonym acquisition policies; we find that within this class of policies, the most promising policy in terms of privacy protection can be supported with moderate overhead. Moreover, in all cases, this work is the first to provide tangible evidence that the state-of-the-art VPKI can serve sizable areas or domains with modest computing resources.
Comment: 6 pages, 7 figures, IoV-VoI'1
BACK TO KATZ: REASONABLE EXPECTATION OF PRIVACY IN THE FACEBOOK AGE
Part I of this Note discusses the evolution of Fourth Amendment jurisprudence in reaction to advancing technology, the Supreme Court and circuit courts’ disposition in dealing with electronic “beeper” tracking (the technology that predated GPS), and the legal doctrine governing the government’s use of cellular phones to conduct surveillance of individuals both retroactively and in real-time. Part II examines the developing split among the federal circuits and state courts over whether GPS surveillance of vehicles constitutes a search, as well as the parallel concerns raised in recent published opinions by magistrate judges as to whether government requests for cell-site information from third party service providers require a warrant. Part III of this Note argues for the adoption of a rule that GPS surveillance constitutes a search and seizure and should require a warrant because the privacy expectation—that the government is not tracking its citizens twenty-four hours per day—is still one that society considers legitimate. It also argues that increasing public use or consent to third party use of GPS technology does not destroy an individual’s reasonable expectation of privacy in his movements, nor indicate that society no longer views these expectations as reasonable. In fact, increased public awareness of recent technological invasions of privacy may be producing an increased demand for control over information
Information Producers, Information Consumers: Location Data Privacy in Institutional Settings
Peer reviewed; preprint
Privacy-Friendly Mobility Analytics using Aggregate Location Data
Location data can be extremely useful to study commuting patterns and disruptions, as well as to predict real-time traffic volumes. At the same time, however, the fine-grained collection of user locations raises serious privacy concerns, as this can reveal sensitive information about the users, such as lifestyle, political and religious inclinations, or even identities. In this paper, we study the feasibility of crowd-sourced mobility analytics over aggregate location information: users periodically report their location, using a privacy-preserving aggregation protocol, so that the server can only recover aggregates, i.e., how many, but not which, users are in a region at a given time. We experiment with real-world mobility datasets obtained from the Transport for London authority and the San Francisco Cabs network, and present a novel methodology based on time series modeling that is geared to forecast traffic volumes in regions of interest and to detect mobility anomalies in them. In the presence of anomalies, we also make enhanced traffic volume predictions by feeding our model with additional information from correlated regions. Finally, we present and evaluate a mobile app prototype, called Mobility Data Donors (MDD), in terms of computation, communication, and energy overhead, demonstrating the real-world deployability of our techniques.
Comment: Published at ACM SIGSPATIAL 201
PinMe: Tracking a Smartphone User around the World
With the pervasive use of smartphones that sense, collect, and process valuable information about the environment, ensuring location privacy has become one of the most important concerns in the modern age. A few recent research studies discuss the feasibility of processing data gathered by a smartphone to locate the phone's owner, even when the user does not intend to share his location information, e.g., when the Global Positioning System (GPS) is off. Previous research efforts rely on at least one of the two following fundamental requirements, which significantly limit the ability of the adversary: (i) the attacker must accurately know either the user's initial location or the set of routes through which the user travels, and/or (ii) the attacker must measure a set of features, e.g., the device's acceleration, for potential routes in advance and construct a training dataset. In this paper, we demonstrate that neither of the above-mentioned requirements is essential for compromising the user's location privacy. We describe PinMe, a novel user-location mechanism that exploits non-sensory/sensory data stored on the smartphone, e.g., the environment's air pressure, along with publicly-available auxiliary information, e.g., elevation maps, to estimate the user's location when all location services, e.g., GPS, are turned off.
Comment: This is the preprint version: the paper has been published in IEEE Trans. Multi-Scale Computing Systems, DOI: 0.1109/TMSCS.2017.275146