1

Privacy Protected Query Processing Privacy Protected Query Processing Privacy Protected Query Processing on Spatial Networkson Spatial Networkson Spatial Networks

Wei-Shinn KuRoger ZimmermannWen-Chih PengSushama Shroff

Third International Workshop on PrivacyData ManagementApril 16, 2007

Presentation Outline

IntroductionRelated WorkSystem ArchitecturePrivacy Protected Query AlgorithmsSimulation ResultsFuture Research Directions

2

Introduction

Spatial QueriesNearest neighbor queries Window queriesSpatial join queries

Mobile ComputingPDAsCell and Smart phonesLaptops

• The global sales volume of GPS devices, laptops, and PDAs werearound 18 mil, 65 mil, and 7.5 mil respectively in 2006.

IDC Research http://www.idc.com/home.jhtml

Motivation

The proliferation of mobile devicesPDAs, cell phones, laptops, etc.

The popularity of positioning devicesGPS, GLONASS, GALILEO, etc.

Privacy threat from accessing Location-Based Services

e.g., “Find my closest bank”How to protect mobile users’ identities?

3

Contributions

We propose a novel algorithm for solving privacy protected nearest neighbor queries on spatial networks.

We extend our nearest neighbor query solution to answer range queries with protection of privacy.

We demonstrate the feasibility and efficiency of our approach through extensive simulations.

Presentation Outline

IntroductionRelated WorkSystem ArchitecturePrivacy Protected Query AlgorithmsSimulation ResultsFuture Research Directions

4

Spatial Queries - NNSpatial network nearest neighbor algorithm –Incremental Network Expansion [Papadias et al. 2003]

K-Anonymity

The mechanism to blur the identities of K users [Swe02].One trusted server (i.e., the location cloaker) is needed to cloak K users’ locations for protecting user privacy.

5

Presentation Outline

IntroductionRelated WorkSystem ArchitecturePrivacy Protected Query AlgorithmsSimulation ResultFuture Research Directions

System Architecture

6

System Architecture (Cont.)

Access PointPDAs, cell phones, laptops, etc.

Location-based Service Providerse.g., “Find my nearest gas station” - users have to reveal their identity.

Location CloakerA trusted server which implements K-Anonymity mechanisms and manages the location of users.User privacy policies – K-anonymous and the minimum cloaked region size.Need new query processing algorithms.

Presentation Outline

IntroductionRelated WorkSystem ArchitecturePrivacy Protected Query AlgorithmsSimulation ResultsFuture Research Directions

7

Privacy Protected Nearest Neighbor Query - Preprocessing

Privacy Protected Nearest Neighbor Query (k = 1)

8

Privacy Protected Range Query

Presentation Outline

IntroductionRelated WorkSystem ArchitecturePrivacy Protected Query AlgorithmsSimulation ResultsFuture Research Directions

9

Simulation Parameter Sets

Simulation - Cloaked Region Size

10

Simulation – Number of POI

Simulation – Real World Parameters

11

Presentation Outline

IntroductionRelated WorkSystem ArchitecturePrivacy Protected Query AlgorithmsSimulation ResultsFuture Research Directions

Future Research Directions

Cache management techniques for the location cloaker.Cloaking by road segments.Solution set size reduction.

12

Questions & suggestions