A NOVEL FRAMEWORKFOR LBS PRIVACY PRESERVINGIN DYNAMIC CONTEXT ENVIRONMENT

ACOMP 2011

Le Nguyen Duy VuNguyen Le VinhNguyen Ngoc TuanDo Son ThanhTran Trung HienDang Tran Khanh

Outline2

Location-based services: privacy concerns in dynamic-context environment

Privacy preserving based on an evaluating system The proposed framework Demo Conclusion

Outline3

Location-based services: privacy concerns in dynamic-context environment

Privacy preserving based on an evaluating system The proposed framework Demo Conclusion

Location-based service: Definition [1]4

In an abstract way

A certain service that is offered to the users based on their locations

Location-based service: Everywhere5

Location-based traffic reports: What is the estimated time travel to

reach my destination?

Location-based store finder:Where is my nearest fast food restaurant?

Location-based advertisement:Send E-coupons to all customers within

five miles of my store.

Privacy concenrns in LBS6

“New technologies can pinpoint your location at any time and place. They promise safety and convenience but threaten privacy and security” Cover story, IEEE Spectrum, July 2003

YOU ARE TRACKED…!!!!

Location-based service: Now7

Steadly growing with variety of services

Location-based service: Now8

Location-based service: Now9

Context-enabling flourishes the quality of LBS

Location-based service becoming context-aware service [2] 10

Key Problem11

Users want to entertain LBS without revealing their sensitive-information

Service providers must provide suitable privacy techniques concerning user current context

robust enough to protect users‘ information ensure service quality

Outline12

Location-based services: privacy concerns in dynamic-context environment

Privacy preserving based on an evaluating system The proposed framework Demo Conclusion

Motivation and Approach13

Motivation: offer the ability of privacy preserving and evaluating to service providers

Context-using LBSs raise difficulties in evaluating privacy algorithm, because: Different services require different

techniques Choice of algorithms varies according to

user’s current context

Motivation and Approach (cont.)14

Approach: employ existing privacy

preserving algorithms evaluate privacy results modify the outputs (if

necessary)

Privacy Algorithm

Result

Evaluating

Refining

Output

Privacy algorithms [3, 4]15

Location obfuscation ie. Location pertubation

Privacy algorithms (cont.)16

Location k-anonymity

10-anonymity

Attack and Defense Models [5, 6]17

Attack models categorized on adversary background-knowledge Attack exploting Quasi-Indentifiers Snapshot or Historical attack Single or Multiple-Issuer Attack Attack exploiting Knowledge of the Defense

Value the defense by metric: Snapshot, single-issuer, def-aware attack:

Reciprocity Historical, single-issuer attack:

memorization (i.e. historical k-anonymity) Mutiple issuers attack:

m-invariance

Related systems (1/4)18

An index-based privacy-preserving service-trigger by Y. Lee, O. Kwon [7]

Related systems (2/4)19

An index-based privacy preserving service trigger by Y. Lee, O. Kwon [7]

Advantage Easy implementation & good performance

Disadvantages Data mostly based on user feeling Static context, lack of context managent method

Related systems (3/4)20

CARE Middleware [8]

Related systems (4/4)21

CARE Middleware [8]

Advantages Manage context effeciently and dynamically Results can be used directly for privacy

algorithms Scalability

Disadvantages No mechanism to evaluate privacy techniques

Outline22

Location-based services: privacy concerns in dynamic-context environment

Privacy preserving based on an evaluating system The proposed framework Demo Conclusion

Architecture overview23

The proposed framework24

Context Aggregation25

Context data collected from Profile Managers automatically and up to date.

Capable of solving conflicts between policies of user, service provider and context provider.

Case-based calculation26

Checking reciprocity property

Ontology Reasoner27

Checking memorization and m-invariance properties Connect to Profile Managers & retrieve relevant data

Outline28

Location-based services: privacy concerns in dynamic-context environment

Privacy preserving based on an evaluating system The proposed framework Demo Conclusion

Demo29

Outline30

Location-based services: privacy concerns in dynamic-context environment

Privacy preserving based on an evaluating system The proposed framework Demo Conclusion

Conclusion31

Modern privacy techniques need to concern context information

A novel framework proposed to address user’s privacy in dynamic context

32

Thank you!!

References33

[1] F.M. Mohamed - Privacy in Location-based Services: State-of-the-art and Research Directions, MDM (2007).

[2] A. Kupper - Location-Based Services - Fundamentals and Operation, Wiley, 2005 [3] Preserving Anonymity in Location based Services, Technical Report B6/06 (2006). [4] C.A. Ardagna, M. Cremonini, E. Damiani, S.D.C. Vimercati, and P. Samarati -

Location-Privacy Protection through Obfuscation-based Techniques, Springer 4602 (2007) 531-552.

[5] C. Bettini, S. Mascetti, X. S. Wang, D. Freni, and S. Jajodia - Anonymity and Historical-Anonymity in Location-Based Services, Springer 5599 (2009) 1-30.

[6] R. Dewri, I. Ray, I. Ray, and D. Whitley - Query m-Invariance: Preventing Query Disclosures in Continuous Location-Based Services, MDM (2010) 95-104.

[7] Y. Lee and O. Kwon - An Index-based Privacy Preserving Service Trigger in Context-Aware Computing Environments, Expert Systems with Apps. 37(7) (2010) 5192–5200.

[8] C. Bettini, L. Pareschi, and D. Riboni - Efficient Profile Aggregation and Policy Evaluation in a Middleware for Adaptive Mobile Applications, Pervasive and Mobile Computing 4(5) (2008) 697–718.