
Preserving User Location Privacy in Mobile Data Management Infrastructures

The 6th Workshop on Privacy Enhancing Technologies (2006). Preserving User Location Privacy in Mobile Data Management Infrastructures. Reynold Cheng (csckcheng@comp.polyu.edu.hk), The Hong Kong Polytechnic University. A joint work with: Yu Zhang, Elisa Bertino, and Sunil Prabhakar


Presentation Transcript


  1. The 6th Workshop on Privacy Enhancing Technologies (2006)
     Preserving User Location Privacy in Mobile Data Management Infrastructures
     Reynold Cheng (csckcheng@comp.polyu.edu.hk), The Hong Kong Polytechnic University
     A joint work with: Yu Zhang, Elisa Bertino, and Sunil Prabhakar
     Purdue University

  2. Location-Based Services
     Find a friend within 50m of my location.
     Where is my nearest gas station?
     Service Provider
     Cheng, Zhang, Bertino, Prabhakar

  3. The Location Privacy Problem
     • Beresford et al. [BG03]: “Location privacy is the ability to prevent other parties from learning one’s current or past location”
     • Need to prevent:
       • Tracking of the user’s whereabouts
       • Discovery of the user’s personal habits

  4. Location Cloaking [BS03, GG03]
     [Figure: actual location plotted against x, y and time axes, with the uncertainty region seen by the service provider]

  5. Privacy, Cloaking, and Quality
     [Diagram relating Location Cloaking, Location Privacy and Service Quality]
     • More uncertainty, more privacy
     • More uncertainty, poorer service
     • Better service, lower privacy?

  6. Location Cloaking Framework [CP04]
     [Diagram: User, Location Cloaking Engine, Service Provider. Labels: Precise Location + Service Request; Imprecise Location + Service Request; Service + quality report]

  7. Our Contributions
     • A framework that trades off location privacy and service quality
     • An efficient algorithm for processing an important query class
     • Definition of “query quality”
     • Experimental simulations
     • Privacy threats and solutions

  8. Cloaked Location Model
     • Uniform distribution
     • Evaluated by imprecise queries to produce answers with probabilistic confidence

  9. The Cloaking Agent

  10. The Policy Translator
     • Possible privacy preferences:
       • k-anonymity [BG03, GG03]: at least k users in the cloaking region
       • Privacy: minimum uncertainty region size
       • Accuracy: maximum uncertainty region size
       • Locations: cloaking required when near a certain object (physical or logical)
       • Other users/service providers: presence known/hidden to them?

  11. Service Translator and Service Provider
     • Evaluate cloaked data, provide probabilistic answer, compute quality
     • Example: Range query (e.g., who is within 50m from me)

  12. Result Translator
     • Provide query result and quality reports
     • Convert probabilistic answers to interpretable results
     • Example: Map probability ranges (0,0.2], (0.2,0.8], (0.8,1] to LOW, MEDIUM and HIGH

  13. Precise Location-based Range Query
     Example: Who is within 100 metres from me?
     Only S4 is the answer.

  14. Imprecise Location-based Range Query
     Overall probability: {(S2,0.1), (S3,0.7), (S4,0.9)}
     Q2: {(S3,0.9), (S4,1)}
     Q1: {(S2,0.2), (S3,0.6), (S4,0.7)}

  15. Query Evaluation (1)
     • Transformation: decomposes imprecise queries into sub-queries
     • Evaluation: computes the probabilistic answers for each precise sub-query
     • Aggregation: summarizes the final result from all sub-queries

  16. Query Evaluation (2)
     • Probability p_j(u,v) of user S_j satisfying the range query issued at point (u,v) ∈ U:
     Can be Expensive!
     • Probability p_j of user S_j satisfying the range query issued by U:

  17. Efficient Query Evaluation
     • Pruning: removes all objects that do not have any chance of satisfying the query
     • Transformation: decomposes imprecise queries into sub-queries
     • Evaluation: computes the probabilistic answers for each precise sub-query
     • Aggregation: summarizes the final result from all sub-queries

  18. Pruning Cloaked Locations
     • The Minkowski Sum can be evaluated with computational geometry techniques [BK00]

  19. Quality of Imprecise Queries
     • Query quality metric measures the effect of cloaking on service quality
     • Query quality is affected by:
       • Uncertainty of query issuer’s location
       • Uncertainty of data being queried

  20. Quality of Imprecise Queries
     • The larger the query issuer’s uncertainty, the more likely that different sub-query answers are generated
     • Low quality when:
       • There are many different answer sets;
       • The members of different answer sets differ from each other significantly

  21. Query Quality: An Illustration

  22. Query Quality Metric
     • Precision of R_k with respect to R:
     • Probability that S gets the answer R_k:
     • Query Score:

  23. Experiment Model
     • Based on the City Simulator 2.0 developed at IBM [KMJ01]
     • 71 buildings, 48 roads, 6 road intersections and 1 park
     • 10,000 people moving in a city

  24. Quality and Privacy

  25. Privacy and Performance

  26. Quality and Query Size

  27. Implementation Issues
     • Systems that don’t track locations regularly
       • Example: GPS, RFID
       • GPS receiver in user obtains info from satellites
       • Cloaking agent controls when to report location
     • Systems that track locations regularly
       • Example: GSM, PCS
       • Cloaking agent reports cloaked locations in terms of neighboring cells regularly [WL00]

  28. References
     [BK00] M. Berg, M. Kreveld, M. Overmars and O. Schwarzkopf. Computational Geometry – Algorithms and Applications. 2nd ed., Springer Verlag (2000).
     [BS03] A. Beresford and F. Stajano. Location Privacy in Pervasive Computing. IEEE Pervasive Computing, 2(1):46-55, 2003.
     [CKP03] R. Cheng, D. Kalashnikov and S. Prabhakar. Evaluating Probabilistic Queries over Imprecise Data. In Proc. of ACM SIGMOD, June 2003.
     [CKP04] R. Cheng, D. Kalashnikov and S. Prabhakar. Querying Imprecise Data in Moving Object Environments. In Transactions of Knowledge and Data Engineering, 2004.
     [CP04] R. Cheng and S. Prabhakar. Using uncertainty to provide privacy-preserving and high-quality location-based services. In Workshop on Location Systems Privacy and Control, MobileHCI 2004.
     [GG03] M. Gruteser and D. Grunwald. Anonymous Usage of Location-based Services through Spatial and Temporal Cloaking. In Proc. of the 1st Intl. Conf. on Mobile Systems, Applications and Services, May 2003.
     [GL05] B. Gedik and L. Liu. Location Privacy in Mobile Systems: A Personalized Anonymization Model. ICDCS, 2005.
     [KMJ01] J. Kaufman, J. Myllymaki and J. Jackson. IBM City Simulator Spatial Data Generator 2.0, 2001.
     [WL00] V. Wong and V. Leung. Location management for next-generation personal communications network. IEEE Network (2000).

  29. Conclusions and Future Work
     • A framework for capturing uncertainty, location privacy, service quality
     • Evaluation and quality metrics for imprecise range queries
     • Future work:
       • Large-scale data indexing
       • Other query types
       • Possible privacy threats
       • System prototype development
     Contact Reynold Cheng (csckcheng@comp.polyu.edu.hk) for more details
     http://www.comp.polyu.edu.hk/~csckcheng

  30. Related Work: Cloaking
     • Adaptive-Interval Cloaking Algorithm [GG03]: partition the area into quadrants of equal area until the user and other k-1 users are included
     • Clique-cloak algorithm [GL05]: each user has her own k-anonymity requirement
     • These works did not provide probability computation and precise measurements over service quality

  31. Related Work: Uncertainty Management
     • Probabilistic queries [CKP03, CKP04] manage uncertain data in location and sensor databases
     • Evaluation of answers with probabilities
     • Metrics for query ambiguity
     • Assume queries are precise (i.e., no uncertainty about the query issuer)

  32. Privacy of Cloaking
     • Size of uncertainty region
     • Coverage of sensitive region

  33. Privacy Threats

  34. Possible Solutions to Privacy Threats

  35. Uncertainty vs. Velocity

  36. Quality vs. Privacy

  37. Response Time vs. Velocity

  38. Query Pruning
     • Called the Minkowski Sum, which can be computed with computational geometric techniques [BK00]
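
Added example (not from the original slides): the pruning, transformation, evaluation and aggregation steps of slides 15 to 18, followed by the result translator mapping of slide 12, for rectangular cloaked regions with uniform distributions. The slides' formulas did not survive on this page, so the grid averaging used here, the circular query range, and all function names and coordinates are assumptions.

```python
import math
from itertools import product

# Added example. Rectangles are (xmin, ymin, xmax, ymax) in metres.

def min_dist(a, b):
    """Smallest distance between two axis-aligned rectangles."""
    dx = max(a[0] - b[2], b[0] - a[2], 0.0)
    dy = max(a[1] - b[3], b[1] - a[3], 0.0)
    return math.hypot(dx, dy)

def grid(rect, n):
    """n*n cell midpoints, a discrete stand-in for the uniform distribution."""
    x0, y0, x1, y1 = rect
    xs = [x0 + (i + 0.5) * (x1 - x0) / n for i in range(n)]
    ys = [y0 + (i + 0.5) * (y1 - y0) / n for i in range(n)]
    return list(product(xs, ys))

def label(p):
    """Slide 12 mapping: (0,0.2] LOW, (0.2,0.8] MEDIUM, (0.8,1] HIGH."""
    if p <= 0.2:
        return "LOW"
    return "MEDIUM" if p <= 0.8 else "HIGH"

def range_query(issuer, others, r, n=12):
    """Return {user: (probability, label)} for 'who is within r of me?'."""
    subqueries = grid(issuer, n)  # transformation: one precise query per point
    answer = {}
    for name, rect in others.items():
        # Pruning: rect misses the Minkowski sum of the issuer's region and a
        # disk of radius r exactly when the two regions are more than r apart.
        if min_dist(issuer, rect) > r:
            continue
        pts = grid(rect, n)
        # Evaluation: chance that the user is in range of each sub-query point.
        per_point = [sum(math.dist(q, s) <= r for s in pts) / len(pts)
                     for q in subqueries]
        p = sum(per_point) / len(per_point)  # aggregation over the issuer region
        if p > 0:
            answer[name] = (round(p, 3), label(p))
    return answer

# Constructed sample data (not the figures from the slides).
ISSUER = (0, 0, 40, 40)
OTHERS = {"S1": (300, 300, 340, 340), "S2": (120, 0, 240, 40),
          "S3": (60, 0, 180, 40), "S4": (10, 10, 30, 30)}

if __name__ == "__main__":
    for user, (p, lvl) in range_query(ISSUER, OTHERS, r=100).items():
        print(user, p, lvl)
```

Enlarging the issuer's rectangle spreads the sub-query answers further apart, which is the privacy versus quality trade-off the slides describe.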
