Journal of Computer Science and Technology

, Volume 29, Issue 6, pp 1094–1110 | Cite as

Complete Bipartite Anonymity for Location Privacy

Regular Paper


Users are vulnerable to privacy risks when providing their location information to location-based services (LBS). Existing work sacrifices the quality of LBS by degrading spatial and temporal accuracy for ensuring user privacy. In this paper, we propose a novel approach, Complete Bipartite Anonymity (CBA), aiming to achieve both user privacy and quality of service. The theoretical basis of CBA is that: if the bipartite graph of k nearby users’ paths can be transformed into a complete bipartite graph, then these users achieve k-anonymity since the set of “end points connecting to a specific start point in a graph” is an equivalence class. To achieve CBA, we design a Collaborative Path Confusion (CPC) protocol which enables nearby users to discover and authenticate each other without knowing their real identities or accurate locations, predict the encounter location using users’ moving pattern information, and generate fake traces obfuscating the real ones. We evaluate CBA using a real-world dataset, and compare its privacy performance with existing path confusion approach. The results show that CBA enhances location privacy by increasing the chance for a user confusing his/her path with others by 4 to 16 times in low user density areas. We also demonstrate that CBA is secure under the trace identification attack.


location privacy k-anonymity path confusion query obfuscation complete bipartite anonymity 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Supplementary material

11390_2014_1493_MOESM1_ESM.pdf (82 kb)
ESM 1(PDF 82 kb)


  1. [1]
    Gruteser M, Grunwald D. Anonymous usage of location-based services through spatial and temporal cloaking. In Proc. the 1st International Conference on Mobile Systems, Applications and Services (MobiSys 2003), May 2003, pp.31–42.Google Scholar
  2. [2]
    Gedik B, Liu L. Location privacy in mobile systems: A personalized anonymization model. In Proc. the 25th International Conference on Distributed Computing Systems (ICDCS 2005), June 2005, pp.620–629.Google Scholar
  3. [3]
    Mokbel M, Chow C, Aref W. The new Casper: Query processing for location services without compromising privacy. In Proc. the 32nd International Conference on Very Large Data Bases (VLDB 2006), Sept. 2006, pp.763–774.Google Scholar
  4. [4]
    Kalnis P, Ghinita G, Mouratidis K, Papadias D. Preventing location-based identity inference in anonymous spatial queries. IEEE Transactions on Knowledge and Data Engineering (TKDE), 2007, 19(12): 1719–1733.Google Scholar
  5. [5]
    Beresford A, Stajano F. Location privacy in pervasive computing. IEEE Pervasive Computing, 2003, 2(1): 46–55.CrossRefGoogle Scholar
  6. [6]
    Hoh B, Gruteser M. Protecting location privacy through path confusion. In Proc. the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM 2005), September 2005, pp.194–205.Google Scholar
  7. [7]
    Hoh B, Gruteser M, Xiong H, Alrabady A. Preserving privacy in GPS traces via uncertainty-aware path cloaking. In Proc. the 14th International Conference on Computer and Communications Security (CCS 2007), October 29-November 2, 2007, pp.161–171.Google Scholar
  8. [8]
    Palanisamy B, Liu L. MobiMix: Protecting location privacy with mix-zones over road networks. In Proc. the 27th International Conference on Data Engineering (ICDE 2011), April 2011, pp.494–505.Google Scholar
  9. [9]
    Zheng Y, Chen Y, Xie X, Ma W. Geolife2.0: A location-basedsocial networking service. In Proc. the 10th International Conference on Mobile Data Management: Systems, Services and Middleware (MDM 2009), May 2009, pp.357–358.Google Scholar
  10. [10]
    Dong K, Gu T, Tao X, Lu J. Complete bipartite anonymity: Confusing anonymous mobility traces for location privacy. In Proc. the 18th International Conference on Parallel and Distributed Systems (ICPADS 2012), December 2012, pp.205–212.Google Scholar
  11. [11]
    Peddinti S, Saxena N. On the limitations of query obfuscation techniques for location privacy. In Proc. the 13th International Conference on Ubiquitous Computing (UbiComp 2011), September 2011, pp.187-196.Google Scholar
  12. [12]
    Machanavajjhala A, Gehrke J, Götz M. Data publishing against realistic adversaries. Proc. the VLDB Endowment, 2009, 2(1): 790–801.Google Scholar
  13. [13]
    Goldschlag D, Reed M, Syverson P. Onion routing. Communications of the ACM, 1999, 42(2): 39–41.CrossRefGoogle Scholar
  14. [14]
    Meyerowitz J, Choudhury R. Hiding stars with firreworks: Location privacy through camouflage. In Proc. the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009), September 2009, pp.345–356.Google Scholar
  15. [15]
    Sweeney L. k-anonymity: A model for protecting privacy. International Journal of Uncertainty Fuzziness and Knowledge-Based Systems, 2002, 10(5): 557–570.CrossRefMATHMathSciNetGoogle Scholar
  16. [16]
    Sweeney L. Achieving k-anonymity privacy protection using generalization and suppression. International Journal of Uncertainty Fuzziness and Knowledge-Based Systems, 2002, 10(5): 571–588.CrossRefMATHMathSciNetGoogle Scholar
  17. [17]
    Hashem T, Kulik L. “Don't trust anyone”: Privacy protection for location-based services. Pervasive and Mobile Computing, 2011, 7(1): 44–59.Google Scholar
  18. [18]
    Shokri R, Papadimitratos P, Theodorakopoulos G, Hubaux J. Collaborative location privacy. In Proc. the 8th International Conference on Mobile Adhoc and Sensor Systems (MASS 2011), Oct. 2011, pp.500–509.Google Scholar
  19. [19]
    Christin D, Guillemet J, Reinhardt A, Hollick M, Kanhere S. Privacy-preserving collaborative path hiding for participatory sensing applications. In Proc. the 8th International Conference on Mobile Adhoc and Sensor Systems (MASS 2011), Oct. 2011, pp.341–350.Google Scholar
  20. [20]
    Kido H, Yanagisawa Y, Satoh T. An anonymous communication technique using dummies for location-based services. In Proc. the 3rd International Conference on Pervasive Services (ICPS 2005), July 2005, pp.88–97.Google Scholar
  21. [21]
    Krumm J. Realistic driving trips for location privacy. In Proc. the 7th International Conference on Pervasive Computing, March 2009, pp.25–41.Google Scholar
  22. [22]
    Shankar P, Ganapathy V, Iftode L. Privately querying location-based services with SybilQuery. In Proc. the 11th International Conference on Ubiquitous Computing (UbiComp 2009), September 30-October 3, 2009, pp.31-40.Google Scholar
  23. [23]
    Piorkowski M, Sarafijanovoc-Djukic N, Grossglauser M. A parsimonious model of mobile partitioned networks with clustering. In Proc. the 1st International Conference on Communication Systems and Networks (COMSNETS 2009), Jan. 2009, pp.1–10.Google Scholar
  24. [24]
    Bindschaedler L, Jadliwala M, Bilogrevic I, Aad I, Ginzboorg P, Niemi V, Hubaux JP. Track me if you can: On the effectiveness of context-based identifier changes in deployed mobile networks. In Proc. the 19th Network and Distributed System Security Symposium (NDSS 2012), February 2012.Google Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  1. 1.State Key Laboratory for Novel Software TechnologyNanjing UniversityNanjingChina
  2. 2.Institute of Computer SoftwareNanjing UniversityNanjingChina
  3. 3.School of Computer Science and Information TechnologyRMIT UniversityMelbourneAustralia

Personalised recommendations