
    A Lightweight Privacy-Preserving Fair Meeting Location Determination Scheme

    Equipped with mobile devices, people relied on location-based services can expediently and reasonably organize their activities. But location information may disclose people's sensitive information, such as interests, health status. Besides, the limited resources of mobile devices restrict the further development of location-based services. In this paper, aiming at the fair meeting position determination service, we design a lightweight privacy-preserving solution. In our scheme, mobile users only need to submit service requests. A cloud server and a location services provider are responsible for service response, where the cloud server achieves most of the calculation, and the location services provider determines the fair meeting location based on the computational results of the cloud server and broadcasts it to mobile users. The proposed scheme adopts homomorphic encryptions and random permutation methods to preserve the location privacy of mobile users. The security analyses show that the proposed scheme is privacy-preserving under our defined threat models. Besides, the presented solution only needs to calculate n Euclidean distances, and hence, our scheme has linear computation and communication complexity

    An Efficient and Privacy-Preserving Multiuser Cloud-Based LBS Query Scheme

    Location-based services (LBSs) are increasingly popular in today’s society. People reveal their location information to LBS providers to obtain personalized services such as map directions, restaurant recommendations, and taxi reservations. Usually, LBS providers offer user privacy protection statement to assure users that their private location information would not be given away. However, many LBSs run on third-party cloud infrastructures. It is challenging to guarantee user location privacy against curious cloud operators while still permitting users to query their own location information data. In this paper, we propose an efficient privacy-preserving cloud-based LBS query scheme for the multiuser setting. We encrypt LBS data and LBS queries with a hybrid encryption mechanism, which can efficiently implement privacy-preserving search over encrypted LBS data and is very suitable for the multiuser setting with secure and effective user enrollment and user revocation. This paper contains security analysis and performance experiments to demonstrate the privacy-preserving properties and efficiency of our proposed scheme

    Privacy Preserving Physical Layer Authentication Scheme for LBS based Wireless Networks

    With the fast development in services related to localisation, location-based service (LBS) gains more importance amongst all the mobile wireless services. To avail the service in the LBS system, information about the location and identity of the user has to be provided to the service provider. The service provider authenticates the user based on their identity and location before providing services. In general, sharing location information and preserving the user’s privacy is a highly challenging task in conventional authentication techniques. To resolve these challenges in authenticating the users, retaining users’ privacy, a new SVD (singular value decomposition) based Privacy Preserved Location Authentication Scheme (SPPLAS) has been proposed. In this proposed method, physical layer signatures such as channel state information (CSI) and carrier frequency offset (CFO) are used for generating secret key required for encrypting the user’s location and identity information, and thus encrypted user’s information is sent to service provider for authentication. Secret key is generated by applying SVD on CSI vector. The proposed scheme aids in authenticating the user through location information while protecting the user’s privacy. The performance of the proposed method is evaluated in terms of bit mismatch, leakage and bit error rate performance of receiver and adversary. The simulation results show that the proposed scheme achieves better robustness and security than the existing location-based authentication techniques

    User-Defined Privacy Location-Sharing System in Mobile Online Social Networks

    With the fusion of social networks and location-based services, location sharing is one of the most important services in mobile online social networks (mOSNs). In location-sharing services, users have to provide their location information to service provider. However, location information is sensitive to users, which may cause a privacy-preserving issue needs to be solved. In the existing research, location-sharing services, such as friends’ query, does not consider the attacks from friends. In fact, a user may not trust all of his/her friends, so just a part of his/her friends will be allowed to obtain the user’s location information. In addition, users’ location privacy and social network privacy should be guaranteed. In order to solve the above problems, we propose a new architecture and a new scheme called User-Defined Privacy Location-Sharing (UDPLS) system for mOSNs. In our scheme, the query time is almost irrelevant to the number of friends. We also evaluate the performance and validate the correctness of our proposed algorithm through extensive simulations

    A Solution for Privacy-Preserving and Security in Cloud for Document Oriented Data (By Using NoSQL Database)

    Cloud computing delivers massively scalable computing resources as a service with Internet based technologies those can share resources within the cloud users. The cloud offers various types of services that majorly include infrastructure as services, platform as a service, and software as a service and security as a services and deployment model as well. The foremost issues in cloud data security include data security and user privacy, data protection, data availability, data location, and secure transmission. In now day, preserving-privacy of data and user, and manipulating query from big-data is the most challenging problem in the cloud. So many researches were conducted on privacy preserving techniques for sharing data and access control; secure searching on encrypted data and verification of data integrity. This work included preserving-privacy of document oriented data security, user privacy in the three phases those are data security at rest, at process and at transit by using Full Homomorphic encryption and decryption scheme to achieve afore most mentioned goal. This work implemented on document oriented data only by using NoSQL database and the encryption/decryption algorithm such as RSA and Paillier’s cryptosystem in Java package with MongoDB, Apache Tomcat Server 9.1, Python, Amazon Web Service mLab for MongoDB as remote server. Keywords: Privacy-Preserving, NoSQL, MongoDB, Cloud computing, Homomorphic encryption/decryption, public key, private key, RSA Algorithm, Paillier’s cryptosystem. DOI: 10.7176/CEIS/11-3-02. Publication date: May 31st 202

    Location Privacy Protection in Social Networks

    University of Technology Sydney. Faculty of Engineering and Information Technology. Social networks have become more ubiquitous due to new advances in smartphone technology. This has provided an opportunity for social network service providers to utilise location information of users in their services. For example, Facebook Places, Foursquare and Yelp are popular social networks that mostly rely on utilising users' location data in their services. They offer a variety of useful services, from location recommendations to nearby friend alerts. However, protecting location privacy of users is still an open challenge for social network service providers. It has been shown that hiding real identity and choosing a pseudonym does not guarantee to protect a user's privacy since privacy may be invaded by analysing position data only. This is really a big issue since other private information of users can be revealed by analysing their location data (e.g., home address, health condition, interests, etc.). In this study, we investigate the location privacy issue of social networks and propose several solutions. We classify the proposed solutions into three categories based on the selected approaches, i.e. (i) differential privacy-based, (ii) cryptography-based, and (iii) anonymity-based solutions. We first study the approach in which differential privacy is utilised to preserve privacy of users. In this regard, we develop Distance-Based Location Privacy Protection mechanism (DBLP2), a customisable location privacy protection approach that is uniquely designed for social network users. It utilises the concept of social distance to generalise users' location data before it is published in a social network. The level of generalisation is decided based on the social distance between users. Secondly, we study cryptography-based methods for location privacy protection in Location-Based Services (LBS) and social networks. 
In this domain, we propose three cryptography-based and privacy-aware location verification schemes to preserve location privacy of users: (i) Privacy-Aware and Secure Proof Of pRoximiTy (PASPORT), (ii) Secure, Privacy-Aware and collusion Resistant poSition vErification (SPARSE), and (iii) a blockchain-based location verification scheme. These schemes prevent location spoofing attacks conducted by dishonest users while protect location privacy of users. To the best of our knowledge, majority of the existing location verification schemes do not preserve location privacy of users. Thirdly, we investigate anonymity as another approach to preserve users' privacy in social networks. In this regard, we first study the relevant protocols and discuss their features and drawbacks. Then, we introduce Harmonized and Stable DC-net (HSDC-net), a self-organizing protocol for anonymous communications in social networks. As far as we know, social networks do not offer any secure anonymous communication service. In social networks, privacy of users is preserved using pseudonymity, i.e., users select a pseudonym for their communications instead of their real identity. However, it has been shown that pseudonymity does not always result in anonymity (perfect privacy) if users' activities in social media are linkable. This makes users' privacy vulnerable to deanonymization attacks. Thus, by employing a secure anonymous communication service, social network service providers will be able to effectively preserve users' privacy. We perform extensive experiments and provide comprehensive security and privacy analysis to evaluate performance of the proposed schemes and mechanisms. Regarding the DBLP2 mechanism, our extensive analysis shows that it offers the optimum data utility regarding the trade-off between privacy protection and data utility. 
In addition, our experimental results indicate that DBLP2 is capable of offering variable location privacy protection and resilience to post processing. For the SPARSE scheme, our analysis and experiments show that SPARSE provides privacy protection as well as security properties for users including integrity, unforgeability and non-transferability of the location proofs. Moreover, it achieves a highly reliable performance against collusions. To validate performance of the PASPORT scheme, we implement a prototype of the proposed scheme on the Android platform. Extensive experiments indicate that the proposed method can efficiently protect location-based applications against fake submissions. For the proposed blockchain-based scheme, our prototype implementation on the Android platform shows that the proposed scheme outperforms other currently deployed location proof schemes. Finally, our prototype implementation of the HSDC-net protocol shows that it achieves low latencies that makes it a practical protocol. In summary, this research study focuses on developing new mechanisms for preserving location privacy of social network users. This is done through different approaches. Moreover, extensive effort is made to make the current location-related schemes and protocols privacy-aware. In this regard, several solutions in the form of scheme, mechanism, and protocol are introduced and their performance is evaluated. The results of this research work have also been presented in seven papers published in peer-reviewed journals and conferences

    A caching and spatial K-anonymity driven privacy enhancement scheme in continuous location-based services

    With the rapid pervasion of location-based services (LBSs), protection of location privacy has become a significant concern. In most continuous LBSs' privacy-preserving solutions, users need to transmit the location query data to an untrusted location service provider (LSP) to obtain query results, and the users discard these results immediately after using them. This results in an ineffective use of these results by future queries and in turn leads to a higher risk to user privacy from the LSP. To address these issues, we generally use caching to cache the query results for users' future queries. However, the minimization of the interaction between users and LSPs is a challenge. In this paper, we propose an enhanced user privacy scheme through caching and spatial K-anonymity (CSKA) in continuous LBSs; it adopts multi-level caching to reduce the risk of exposure of users' information to untrusted LSPs. In continuous LBS queries, our scheme first utilizes the Markov model to predict the next query location according to the user mobility. Then, according to the predicted location, cell's cache contribution rate, and data freshness, an algorithm for forming spatial K-anonymity is designed to improve the user's cache hit rate and enhance the user location privacy. The security analysis and simulation results demonstrate that our proposed CSKA scheme can provide higher privacy protection than a few previous methods, and it can minimize the overhead of the LBS server

    A Privacy-Preserving Mechanism for Requesting Location Data Provider with Wi-Fi Access Points

    With the democratization of mobile devices embedding different positioning capabilities, the location of users is now collected to track the location of users. When used for behavioral profiling, this tracking for enhancing raises more and more privacy concerns. Depending on the permissions, mobile applications can get a fine-grained user's location from the GPS or a coarse-grained location by requesting location data provider with surrounding Wi-Fi access points for instance. While using the GPS does not rely on external untrusted party, requesting a location data provider clearly exposes the location of users. Whereas location privacy has been an active research field this last decade, most of the contributions are performed on GPS-based data, and it is not clear how to efficiently protect Wi-Fi-based positioning to preserve the users' privacy. In this paper, we propose a novel solution to preserve users' privacy from curious location data providers when requesting users' location from Wi-Fi while supporting high-utility. The key idea behind our online approach is to combine a random sampling (for controlling the quantity of revealed information) and an obfuscation scheme (for ensuring privacy-preserving information disclosure). We exhaustively evaluate our solution with a real dataset of mobility traces collected through multiple sensors. We show that the proposed approach provides a trade-off between privacy (i.e., avoiding to reveal its true location) and utility (i.e., still benefiting from services such as places recommendation) fully controllable by the users. Lastly, we also discuss the integration of our protection scheme in mobile operating systems