Privacy challenges in third-party location services

The concern for location privacy in mobile applications is commonly motivated by a scenario in which a mobile device communicates personal location data, i.e. the device holder location, to a third party e.g. LBS provider, in exchange for some information service. We argue that this scenario offers a partial view of the actual risks for privacy, because in reality the information How can be more complex. For example, more and more often location is computed by a third party, the location provider, e.g. Google Location Service. Location providers are in the position of collecting huge amounts of location data from the users of diverse applications (e.g. Facebook and Foursquare to cite a few). This raises novel privacy concerns. In this paper, we discuss two issues related to the protection from location providers. The first focuses on the compliance of emerging location services standards with European data protection norms; the latter focuses on hard privacy solutions protecting from untrusted location providers

Third party positioning services: novel challenges for location privacy in LBS

Acommon assumption in the research community working on location privacy in locationbased services (LBS) is that the location sources are trusted. In this paper we present a different perspective. We argue that, because of the deployment of wifi-based/hybrid positioning techniques and web-based LBSs, the user\u2019s location is increasingly computed by third-party location providers which may be not fully trusted. This change of perspective challenges the effectiveness of current location privacy-preserving techniques. To support this thesis we present an empirical investigation of the privacy issues raised by web-based LBSs. Moreover, following a holistic approach, we present the problem from three different and complementary angles, i.e., technical, user-based, and legal. The overall picture suggests a novel direction of research

Third party geolocation services in LBS: privacy requirements and research issues

The advances in positioning technologies and the emergence of geolocation standards opens up to the development of innovative location-based services (LBS), e.g., web-based LBS. These services challenge existing privacy protection solutions. For example, the position information is provided by a third party, the location provider, and this party may be not fully trusted. In this paper, we analyze the web-based LBS model. Then we outline the privacy-aware geolocation strategy which minimizes the interaction with the untrusted location provider by caching the information that is useful to determine the position in proximity of the private positions, e.g., home, which have been already visited. The deployment of this strategy requires investigating several issues and novel tools. The objective of this paper is to discuss the technical challenges and suggest directions of research towards a comprehensive privacy-preserving framework. To our knowledge, this is the first work on privacy protection against untrusted location providers

PMP: Privacy-Aware Matrix Profile against Sensitive Pattern Inference

Recent rapid development of sensor technology has allowed massive fine-grained time series (TS) data to be collected and set the foundation for the development of data-driven services and applications. During the process, data sharing is often involved to allow the third-party modelers to perform specific time series data mining (TSDM) tasks based on the need of data owner. The high resolution of TS brings new challenges in protecting privacy. While meaningful information in high-resolution TS shifts from concrete point values to local shape-based segments, numerous research have found that long shape-based patterns could contain more sensitive information and may potentially be extracted and misused by a malicious third party. However, the privacy issue for TS patterns is surprisingly seldom explored in privacy-preserving literature. In this work, we consider a new privacy-preserving problem: preventing malicious inference on long shape-based patterns while preserving short segment information for the utility task performance. To mitigate the challenge, we investigate an alternative approach by sharing Matrix Profile (MP), which is a non-linear transformation of original data and a versatile data structure that supports many data mining tasks. We found that while MP can prevent concrete shape leakage, the canonical correlation in MP index can still reveal the location of sensitive long pattern. Based on this observation, we design two attacks named Location Attack and Entropy Attack to extract the pattern location from MP. To further protect MP from these two attacks, we propose a Privacy-Aware Matrix Profile (PMP) via perturbing the local correlation and breaking the canonical correlation in MP index vector. We evaluate our proposed PMP against baseline noise-adding methods through quantitative analysis and real-world case studies to show the effectiveness of the proposed method

Tokens Shuffling Approach for Privacy, Security, and Reliability in IoHT under a Pandemic

Privacy and security are unavoidable challenges in the future of smart health services and systems. Several approaches for preserving privacy have been provided in the Internet of Health Things (IoHT) applications. However, with the emergence of COVID-19, the healthcare centers needed to track, collect, and share more critical data such as the location of those infected and monitor social distancing. Unfortunately, the traditional privacy-preserving approaches failed to deal effectively with emergency circumstances. In the proposed research, we introduce a Tokens Shuffling Approach (TSA) to preserve collected data’s privacy, security, and reliability during the pandemic without the need to trust a third party or service providers. TSA depends on a smartphone application and the proposed protocol to collect and share data reliably and safely. TSA depends on a proposed algorithm for swapping the identities temporarily between cooperated users and then hiding the identities by employing fog nodes. The fog node manages the cooperation process between users in a specific area to improve the system’s performance. Finally, TSA uses blockchain to save data reliability, ensure data integrity, and facilitate access. The results prove that TSA performed better than traditional approaches regarding data privacy and the performance level. Further, we noticed that it adapted better during emergency circumstances. Moreover, TSA did not affect the accuracy of the collected data or its related statistics. On the contrary, TSA will not affect the quality of primary healthcare services

Localization to Enhance Security and Services in Wi-Fi Networks under Privacy Constraints

Developments of seamless mobile services are faced with two broad challenges, systems security and user privacy - access to wireless systems is highly insecure due to the lack of physical boundaries and, secondly, location based services (LBS) could be used to extract highly sensitive user information. In this paper, we describe our work on developing systems which exploit location information to enhance security and services under privacy constraints. We describe two complimentary methods which we have developed to track node location information within production University Campus Networks comprising of large numbers of users. The location data is used to enhance security and services. Specifically, we describe a method for creating geographic firewalls which allows us to restrict and enhance services to individual users within a specific containment area regardless of physical association. We also report our work on LBS development to provide visualization of spatio-temporal node distribution under privacy considerations