Abstract
This work studies location-privacy-preserving location updates in the context of data-centric people mobility applications. The mobility model involves an urban-area annotated city network (ACN) over which users move and record/report their locations at irregular intervals. The ACN is modeled as a directed weighted graph. Since the data receiver (e.g., an LBS provider) is curious in our privacy model, users share their locations after anonymization, which requires k-member partitioning of the ACN. In the offline stage, our framework requires a prototype vertex to be selected for each partition; to this end, we develop a heuristic to obtain more representative prototype vertices. The temporal dimension of location anonymity is addressed by two anonymity models: weak location k-anonymity (to provide snapshot location anonymity) and strong location k-anonymity (to provide historical location anonymity). The attack scenario models the belief of the attacker (the LBS provider) about the whereabouts of the users at each location update. In the online stage, our algorithms test every location update request for anonymity violations and selectively block the violating ones. The online-stage algorithms providing weak/strong location k-anonymity are shown to run in constant time per location update. An extensive experimental evaluation, mainly addressing the privacy/utility trade-off, on three real ACNs with simulated mobility is presented.
Acknowledgements
This work has been supported by TUBITAK under the Grant Number 118E712.
Cite this article
Abul, O., Bitirgen, O.B. Anonymous location sharing in urban area mobility. Knowl Inf Syst 63, 1849–1871 (2021). https://doi.org/10.1007/s10115-021-01566-4
DOI: https://doi.org/10.1007/s10115-021-01566-4