Skip to main content

Privacy preserving and transactional advertising for mobile services


The many sensors embedded in phones nowadays provide advanced sensing capabilities that make it possible to capture real-time information about the user and his surroundings. There are already examples of apps/services that use this information to provide highly useful and contextual advertisements to the users. However, users are still reluctant to share their personal data with advertisers due to their privacy implications (if misused). In this work, we provide protocols that allow users to store their sensor data on third party (untrusted) cloud servers. The data is stored in encrypted form, hence protected from the cloud provider. The advertisements are also stored on the server. They are customized to potential users. The server selects the advertisements appropriate to the users, based on their sensor values, and forwards them to the users. We consider two cases: (i) appropriate advertisements are sent to individual users automatically; and (ii) advertisements are sent to groups of users after getting permission from the group members. In both cases, the concurrency control protocols performed by the cloud provider ensure that the data and advertisements are ‘fresh and consistent’. This is to avoid situations where served advertisements are not in sync with the user’s current context or the advertisements have already expired. The above is achieved by integrating transactional and cryptographic primitives, such as atomic uploads, optimistic concurrency control, searchable encryption and homomorphic encryption. Finally, experimental results are given to illustrate the practical feasibility and scalability of the proposed protocols.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7


  1. EU art. 29 Working Party Opinion WP 187.






  1. Biswas D, Vidyasankar K (2012) Privacy preserving profiling for mobile services. In: Proceedings of the international conference on mobile web information systems (MobiWIS), pp 569–576

  2. Weikum G, Vossen G (2011) Transactional information systems: theory, algorithms, and the practice of concurrency control and recovery. Morgan Kaufmann Publishers, Menlo Park

    Google Scholar 

  3. Vidyasankar K (2009) Serializability. Encyclopedia of database systems, pp 2626–2632. doi:10.1007/978-0-387-39940-9_344

  4. Vidyasankar K, Vossen G (2004) A multi-level model for web service composition. In: Proceedings of the IEEE international conference on web services (ICWS), pp 462–469

  5. Biswas D, Haller S, Kerschbaum F (2010) Privacy-preserving outsourced profiling. In: Proceedings of the IEEE international conference on E-commerce technology (CEC), pp 136–143

  6. Camenisch J, Kohlweiss M, Rial A, Sheedy C (2009) Blind and anonymous identity-based encryption and authorised private searches on public key encrypted data. In: Proceedings of the international conference on practice and theory in public key cryptography (PKC), pp 196–214

  7. Pallier P (1999) Public-key cryptosystems based on composite degree residuosity classes. In: Proceedings of the international conference on the theory and application of cryptographic techniques (EUROCRYPT), pp 223–228. doi:10.1007/3-540-48910-X_16

  8. Damgard I, Jurik M (2001) A Generalization, a simplification and some applications of Paillier’s probabilistic public-key system. In: Proceedings of the international conference on practice and theory in public key cryptography (PKC), pp 119–136

  9. Christin D, Reinhardt A, Kanhere SS, Hollick M (2011) A survey on privacy in mobile participatory sensing applications. J Syst Softw 84(11):1928–1946. doi:10.1016/j.jss.2011.06.073

    Article  Google Scholar 

  10. Afek Y, Attiya H, Dolev D, Gafni E, Merritt M, Shavit N (1993) Atomic snapshots of shared memory. J ACM 40(4):873–890

    Article  MATH  Google Scholar 

  11. Biswas D, Vidyasankar K (2005) Spheres of visibility. In: Proceedings of the IEEE European conference on web services (ECOWS), pp 2–13

  12. Kossmann D, Kraska T, Loesing S (2010) An evaluation of alternative architectures for transaction processing in the cloud. In: Proceedings of the ACM international conference on management of data (SIGMOD), pp 579–590

  13. Williams P, Sion R, Shasha D (2009) The blind stone tablet: outsourcing durability to untrusted parties. In: Proceedings of the network and distributed system security symposium (NDSS)

  14. Tan CC, Liu Q, Wu J (2011) Secure locking for untrusted clouds. In: Proceedings of the IEEE international conference on cloud computing (CLOUD), pp 131–138

  15. Toubiana V, Narayanan A, Boneh D, Nissenbaum H, Barocas S (2010) Adnostic: privacy preserving targeted advertising. In: Proceedings of the network and distributed system security symposium (NDSS)

  16. Guha S, Reznichenko A, Tang K, Haddadi H, Francis P (2009) Serving Ads from localhost for performance, privacy, and profit. In: Proceedings of the hot topics in networking (HotNets)

Download references


We would like to thank the anonymous MobiWIS 2012 and Computing journal referees for their helpful suggestions that helped to improve the work in this paper considerably. K. Vidyasankar’s work is supported in part by the Natural Sciences and Engineering Research Council of Canada Discovery Grant 3182.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Debmalya Biswas.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Biswas, D., Vidyasankar, K. Privacy preserving and transactional advertising for mobile services. Computing 96, 613–630 (2014).

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI:


  • Mobile services
  • Privacy preserving profiling
  • Distributed transactions
  • Searchable encryption
  • Homomorphic encryption

Mathematics Subject Classification

  • 68P25 Data encryption
  • 68W20 Distributed algorithms
  • 68M14 Distributed systems