Abstract
Location-based Services (LBSs) provide valuable services, with convenient features for users. However, the information disclosed through each request harms user privacy. This is a concern particularly with honest-but-curious LBS servers, which could, by collecting requests, track users and infer additional sensitive user data. This is the motivation of both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome the disadvantages of centralized schemes, eliminating anonymizers and enhancing users’ control over sensitive information. However, an insecure decentralized system could pose even more serious security threats than privacy leakage. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. Our design leverages architectures proposed for large scale mobile systems, while it incurs minimal changes to LBS servers as it can be deployed in parallel to the LBS servers. This further motivates the adoption of our design, in order to cater to the needs of privacy-sensitive users. We provide an analysis of security and privacy concerns and countermeasures, as well as a performance evaluation of basic protocol operations showing the practicality of our design.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Google maps api. https://developers.google.com/maps/
Lte direct. https://www.qualcomm.com/invention/technologies/lte/direct
The Spongy Castle Cryptography APIs. https://rtyley.github.io/spongycastle/
Uber api. https://developer.uber.com/
Wi-fi direct. https://rtyley.github.io/spongycastle/
PRIME Framework Version. 3 (2008). https://www.prime-project.eu/prime_products/reports/fmwk/
IEEE Standard for Wireless Access in Vehicular Environments Security Services for Applications and Management Messages. IEEE Std 1609.2-2013 (2013)
Barkhuus, L., Dey, A.K.: Location-based services for mobile telephony: a study of users’ privacy concerns. In: INTERACT, Cape Town, South Africa, September 2003
Calandriello, G., Papadimitratos, P., Hubaux, J.-P., Lioy, A.: Efficient and robust pseudonymous authentication in vanet. In: ACM VANET, Montreal, Canada, September 2007
Calandriello, G., Papadimitratos, P., Hubaux, J.-P., Lioy, A.: On the performance of secure vehicular communication systems. In: IEEE TDSC (2011)
Chow, C.-Y., Mokbel, M.F., Liu, X.: A peer-to-peer spatial cloaking algorithm for anonymous location-based service. In: ACM GIS, New York, NY, November 2006
Cutillo, L.A., Molva, R., Strufe, T.: Privacy preserving social networking through decentralization. In: IEEE/IFIP WONS, Snowbird, Utah, February 2009
Gedik, B., Liu, L.: Protecting location privacy with personalized k-anonymity: Architecture and algorithms. IEEE Transactions on Mobile Computing, January 2008
Ghinita, G., Kalnis, P., Skiadopoulos, S.: Mobihide: a mobilea peer-to-peer system for anonymous location-based queries. In: SSTD, Boston, MA, July 2007
Gisdakis, S., Giannetsos, T., Papadimitratos, P.: Sppear: security & privacy-preserving architecture for participatory-sensing applications. In: ACM WiSec, Oxford, UK, July 2014
Gisdakis, S., Laganà, M., Giannetsos, T., Papadimitratos, P.: Serosa: Service oriented security architecture for vehicular communications. In: IEEE VNC, Boston, MA, December 2013
Han, L., Nath, B., Iftode, L., Muthukrishnan, S.: Social butterfly: Social caches for distributed social networks. In: PASSAT, Boston, MA, October 2011
Johnson, M., McGuire, D., Willey, N.: The evolution of the peer-to-peer file sharing industry and the security risks for users. In: HICSS, Waikoloa, Big Island, Hawaii, January 2008
Khodaei, M., Jin, H., Papadimitratos, P.: Towards deploying a scalable & robust vehicular identity and credential management infrastructure. In: IEEE VNC, Paderborn, Germany, December 2014
Kwok, S.H., Lang, K.R., Tam, K.Y.: Peer-to-peer technology business and service models: risks and opportunities. Electronic Markets (2002)
Louail, T., Lenormand, M., Cantu Ros, O.G., Picornell, M., Herranz, R., Frias-Martinez, E., Ramasco, J.J., Barthelemy, M.: From mobile phone data to the spatial structure of cities. Scientific Reports, June 2014
Martucci, L.A., Kohlweiss, M., Andersson, C., Panchenko, A.: Self-certified sybil-free pseudonyms. In: ACM WiSec, Alexandria, VA, April 2008
Mascetti, S., Bettini, C., Freni, D., Wang, X.S.: Spatial generalisation algorithms for lbs privacy preservation. Journal of Location Based Services (2007)
Mezzour, G., Perrig, A., Gligor, V., Papadimitratos, P.: Privacy-preserving relationship path discovery in social networks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 189–208. Springer, Heidelberg (2009)
Mokbel, M.F., Chow, C.-Y., Aref, W.G.: The new casper: query processing for location services without compromising privacy. In: Proceedings of the 32nd International Conference on Very large Data Bases, Seoul, Korea, September 2006
Myles, G., Friday, A., Davies, N.: Preserving privacy in environments with location-based applications. IEEE Pervasive Computing (2003)
Papadimitratos, P., Calandriello, G., Lioy, A., Hubaux, J.-P.: Impact of vehicular communication security on transportation safety. In: IEEE INFOCOM MOVE, Phoenix, AZ, April 2008
Sampigethaya, K., Li, M., Huang, L., Poovendran, R.: Amoeba: Robust location privacy scheme for vanet. IEEE JSAC (2007)
Shokri, R., Theodorakopoulos, G., Papadimitratos, P., Kazemi, E., Hubaux, J.-P.: Hiding in the mobile crowd: Location privacy through collaboration. IEEE TDSC (2014)
Zhou, L., Zhang, L., McSherry, F., Immorlica, N., Costa, M., Chien, S.: A first look at peer-to-peer worms: threats and defenses. In: Proceedings of the 4th International Conference on Peer-to-Peer Systems, Konstanz, Germany, August 2005
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Jin, H., Papadimitratos, P. (2015). Resilient Collaborative Privacy for Location-Based Services. In: Buchegger, S., Dam, M. (eds) Secure IT Systems. NordSec 2015. Lecture Notes in Computer Science, vol 9417. Springer, Cham. https://doi.org/10.1007/978-3-319-26502-5_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-26502-5_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26501-8
Online ISBN: 978-3-319-26502-5
eBook Packages: Computer ScienceComputer Science (R0)