150 research outputs found

    Privacy protection in context aware systems.

    Get PDF
    Smartphones, loaded with users’ personal information, are a primary computing device for many. Advent of 4G networks, IPV6 and increased number of subscribers to these has triggered a host of application developers to develop softwares that are easy to install on the mobile devices. During the application download process, users accept the terms and conditions that permit revelation of private information. The free application markets are sustainable as the revenue model for most of these service providers is through profiling of users and pushing advertisements to the users. This creates a serious threat to users privacy and hence it is important that “privacy protection mechanisms” should be in place to protect the users’ privacy. Most of the existing solutions falsify or modify the information in the service request and starve the developers of their revenue. In this dissertation, we attempt to bridge the gap by proposing a novel integrated CLOPRO framework (Context Cloaking Privacy Protection) that achieves Identity privacy, Context privacy and Query privacy without depriving the service provider of sustainable revenue made from the CAPPA (Context Aware Privacy Preserving Advertising). Each service request has three parameters: identity, context and actual query. The CLOPRO framework reduces the risk of an adversary linking all of the three parameters. The main objective is to ensure that no single entity in the system has all the information about the user, the queries or the link between them, even though the user gets the desired service in a viable time frame. The proposed comprehensive framework for privacy protecting, does not require the user to use a modified OS or the service provider to modify the way an application developer designs and deploys the application and at the same time protecting the revenue model of the service provider. The system consists of two non-colluding servers, one to process the location coordinates (Location server) and the other to process the original query (Query server). This approach makes several inherent algorithmic and research contributions. First, we have proposed a formal definition of privacy and the attack. We identified and formalized that the privacy is protected if the transformation functions used are non-invertible. Second, we propose use of clustering of every component of the service request to provide anonymity to the user. We use a unique encrypted identity for every service request and a unique id for each cluster of users that ensures Identity privacy. We have designed a Split Clustering Anonymization Algorithms (SCAA) that consists of two algorithms Location Anonymization Algorithm (LAA) and Query Anonymization Algorithm (QAA). The application of LAA replaces the actual location for the users in the cluster with the centroid of the location coordinates of all users in that cluster to achieve Location privacy. The time of initiation of the query is not a part of the message string to the service provider although it is used for identifying the timed out requests. Thus, Context privacy is achieved. To ensure the Query privacy, the generic queries (created using QAA) are used that cover the set of possible queries, based on the feature variations between the queries. The proposed CLOPRO framework associates the ads/coupons relevant to the generic query and the location of the users and they are sent to the user along with the result without revealing the actual user, the initiation time of query or the location and the query, of the user to the service provider. Lastly, we introduce the use of caching in query processing to improve the response time in case of repetitive queries. The Query processing server caches the query result. We have used multiple approaches to prove that privacy is preserved in CLOPRO system. We have demonstrated using the properties of the transformation functions and also using graph theoretic approaches that the user’s Identity, Context and Query is protected against the curious but honest adversary attack, fake query and also replay attacks with the use of CLOPRO framework. The proposed system not only provides \u27k\u27 anonymity, but also satisfies the \u3c k; s \u3e and \u3c k; T \u3e anonymity properties required for privacy protection. The complexity of our proposed algorithm is O(n)

    Towards trajectory anonymization: a generalization-based approach

    Get PDF
    Trajectory datasets are becoming popular due to the massive usage of GPS and locationbased services. In this paper, we address privacy issues regarding the identification of individuals in static trajectory datasets. We first adopt the notion of k-anonymity to trajectories and propose a novel generalization-based approach for anonymization of trajectories. We further show that releasing anonymized trajectories may still have some privacy leaks. Therefore we propose a randomization based reconstruction algorithm for releasing anonymized trajectory data and also present how the underlying techniques can be adapted to other anonymity standards. The experimental results on real and synthetic trajectory datasets show the effectiveness of the proposed techniques

    Privacy Preserving User Data Publication In Social Networks

    Get PDF
    Recent trends show that the popularity of Social Networks (SNs) has been increasing rapidly. From daily communication sites to online communities, an average person\u27s daily life has become dependent on these online networks. Additionally, the number of people using at least one of the social networks have increased drastically over the years. It is estimated that by the end of the year 2020, one-third of the world\u27s population will have social accounts. Hence, user privacy protection has gained wide acclaim in the research community. It has also become evident that protection should be provided to these networks from unwanted intruders. In this dissertation, we consider data privacy on online social networks at the network level and the user level. The network-level privacy helps us to prevent information leakage to third-party users like advertisers. To achieve such privacy, we propose various schemes that combine the privacy of all the elements of a social network: node, edge, and attribute privacy by clustering the users based on their attribute similarity. We combine the concepts of k-anonymity and l-diversity to achieve user privacy. To provide user-level privacy, we consider the scenario of mobile social networks as the user location privacy is the much-compromised problem. We provide a distributed solution where users in an area come together to achieve their desired privacy constraints. We also consider the mobility of the user and the network to provide much better results

    Knowing Your Population: Privacy-Sensitive Mining of Massive Data

    Full text link
    Location and mobility patterns of individuals are important to environmental planning, societal resilience, public health, and a host of commercial applications. Mining telecommunication traffic and transactions data for such purposes is controversial, in particular raising issues of privacy. However, our hypothesis is that privacy-sensitive uses are possible and often beneficial enough to warrant considerable research and development efforts. Our work contends that peoples behavior can yield patterns of both significant commercial, and research, value. For such purposes, methods and algorithms for mining telecommunication data to extract commonly used routes and locations, articulated through time-geographical constructs, are described in a case study within the area of transportation planning and analysis. From the outset, these were designed to balance the privacy of subscribers and the added value of mobility patterns derived from their mobile communication traffic and transactions data. Our work directly contrasts the current, commonly held notion that value can only be added to services by directly monitoring the behavior of individuals, such as in current attempts at location-based services. We position our work within relevant legal frameworks for privacy and data protection, and show that our methods comply with such requirements and also follow best-practice

    Privacy and trustworthiness management in moving object environments

    Get PDF
    The use of location-based services (LBS) (e.g., Intel\u27s Thing Finder) is expanding. Besides the traditional centralized location-based services, distributed ones are also emerging due to the development of Vehicular Ad-hoc Networks (VANETs), a dynamic network which allows vehicles to communicate with one another. Due to the nature of the need of tracking users\u27 locations, LBS have raised increasing concerns on users\u27 location privacy. Although many research has been carried out for users to submit their locations anonymously, the collected anonymous location data may still be mapped to individuals when the adversary has related background knowledge. To improve location privacy, in this dissertation, the problem of anonymizing the collected location datasets is addressed so that they can be published for public use without violating any privacy concerns. Specifically, a privacy-preserving trajectory publishing algorithm is proposed that preserves high data utility rate. Moreover, the scalability issue is tackled in the case the location datasets grows gigantically due to continuous data collection as well as increase of LBS users by developing a distributed version of our trajectory publishing algorithm which leveraging the MapReduce technique. As a consequence of users being anonymous, it becomes more challenging to evaluate the trustworthiness of messages disseminated by anonymous users. Existing research efforts are mainly focused on privacy-preserving authentication of users which helps in tracing malicious vehicles only after the damage is done. However, it is still not sufficient to prevent malicious behavior from happening in the case where attackers do not care whether they are caught later on. Therefore, it would be more effective to also evaluate the content of the message. In this dissertation, a novel information-oriented trustworthiness evaluation is presented which enables each individual user to evaluate the message content and make informed decisions --Abstract, page iii

    Towards trajectory anonymization: A generalization-based approach

    Get PDF
    Trajectory datasets are becoming,popular,due,to the massive,usage,of GPS and,location- based services. In this paper, we address privacy issues regarding the identification of individuals in static trajectory datasets. We first adopt the notion of k-anonymity,to trajectories and propose,a novel generalization-based approach,for anonymization,of trajectories. We further show,that releasing anonymized,trajectories may,still have,some,privacy,leaks. Therefore we propose,a randomization based,reconstruction,algorithm,for releasing anonymized,trajectory data and,also present how,the underlying,techniques,can be adapted,to other anonymity,standards. The experimental,results on real and,synthetic trajectory datasets show,the effectiveness of the proposed,techniques

    Achieving Location Privacy in iOS Platform Using Location Privacy Framework

    Get PDF
    Rising popularity of location-services mobile applications and geotagging digitalactivities resulted in astonishing amount of mobility data collected from user devices, raising privacy concerns regarding the way this data is extracted and handled. Despite numerous studies concluded that human location trace is highly unique and poses great re-identification risks, modern mobile operating systems fell short of implementing granular location access mechanism. Existing binary location access resulted into location-based-services being able to retrieve precise user’s coordinates regardless of how much details their functionality actually require and sell it to data brokers. This paper aims to provide practical solution how a mobile operating system (iOS) can adopt a system that enforces better location privacy for user devices with Location Privacy Framework(LPF) that works as a trusted middleware between mobile operating system and third-party apps. LPF provides granulated way of extracting location-related data from device, maximizing privacy by applying geomasking algorithm based on minimum level of accuracy the app needs and ensuring k-anonymity with dummy-generation mechanisms. Furthermore, LPF enforces control over all location data network communication to and from the app to make sure that no identifying data is being shared with data brokers
    • 

    corecore