Download - A Unified Framework for Location Privacy
![Page 1: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/1.jpg)
A Unified Framework for Location Privacy
Reza……..ShokriJulien.....FreudigerJean-Pierre....Hubaux
http://lca.epfl.ch/privacy
![Page 2: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/2.jpg)
2
Exposing Location Information
![Page 3: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/3.jpg)
3
Location Privacy
“… a special type of information privacy which concerns the claim of individuals to determine for themselves when, how, and to what extent location information about them is communicated to others.”
Duckham, M. and L. Kulik, Location privacy and location-aware computing, 2006.
![Page 4: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/4.jpg)
4
Research on Location PrivacyAchievements So Far
• Attracted researchers from various disciplines– Database, Network Anonymity, Ubiquitous
Computing, Cryptography• Variety of protection mechanisms proposed
– Highly influenced by methods that are not tailored for location privacy (e.g., K-anonymity)
• Different terminologies and models make the proposed methods difficult to compare
![Page 5: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/5.jpg)
5
A Unified Framework
• Organizing and classifying location privacy fundamental components
• Providing a generic model and terminology
• Modeling and understanding existing efforts• Identifying missing elements• Designing new schemes
![Page 6: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/6.jpg)
6
Components of the Framework
• Basic elements– Spatial Model– Events and Traces
• Threat Model
• Protection Mechanisms
• Measurement
![Page 7: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/7.jpg)
7
Basic Elements
![Page 8: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/8.jpg)
8
Spatial ModelLayer I - location instances e.g., <latitude, longitude>
Layer II - location sites e.g., hospital A at 45th St.
Layer III - location types e.g., bar, hospital
![Page 9: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/9.jpg)
9
Events and TracesEvents
<who, when, where>
- Who: identifier- When: time-stamp- Where: location-stamp
Trace- Set of events
![Page 10: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/10.jpg)
10
Threat Model
![Page 11: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/11.jpg)
11
Threat Model
LBS Operator
Eavesdroppers
Adversary is an observer of users’ events
![Page 12: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/12.jpg)
12
Adversary Statistical InformationStatistical information about users’ actual events.
e.g., users’ spatiotemporal distribution and mobility pattern
![Page 13: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/13.jpg)
13
Adversary Knowledge
• Real-time location information– A set of events (observed by the adversary)
• Statistical information– Users’ population– Users’ mobility pattern– Users’ spatiotemporal distribution– …
![Page 14: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/14.jpg)
14
?
AttacksTargeting individuals or communities
Tracking Identification
Bob’s Home
Bob’s Workplace
![Page 15: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/15.jpg)
15
Consequences Presence Disclosure
– Layer I: Finding mobility traces/patterns
– Layer II: Disclosing visits to some places
– Layer III: Profiling the type of visited locations• Personal activities => My Hobbies/Interests
• Professional activities => Where I Work
• Social activities => My Social Network
![Page 16: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/16.jpg)
16
Absence Disclosure
Consequences
![Page 17: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/17.jpg)
17
Protection
![Page 18: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/18.jpg)
18
Location Privacy Preservation
Actual Events
Obs
erva
tion
Observable Events
Modifying the set of events before they are
observable to the adversary
![Page 19: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/19.jpg)
19
Location Privacy Preservation
Actual Events
Use
rs
Appl
icati
ons
Priv
acy
Tool
s
MethodsEntities
Observable Events
![Page 20: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/20.jpg)
20
Location Privacy Preservation
Actual Events
Hiding Events
Use
rs
Appl
icati
ons
Priv
acy
Tool
s
MethodsEntities
Observable Events
![Page 21: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/21.jpg)
21
Location Privacy Preservation
Actual Events
Hiding Events
Adding Dummy EventsU
sers
Appl
icati
ons
Priv
acy
Tool
s
MethodsEntities
Observable Events
![Page 22: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/22.jpg)
22
Location Privacy Preservation
Actual Events
Obfuscation
Hiding Events
Adding Dummy EventsU
sers
Appl
icati
ons
Priv
acy
Tool
s
MethodsEntities
Observable Events
![Page 23: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/23.jpg)
23
Location Privacy Preservation
Actual Events
Obfuscation
Hiding Events
Adding Dummy EventsU
sers
Appl
icati
ons
Priv
acy
Tool
s
MethodsEntities
Observable EventsAnonymization
![Page 24: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/24.jpg)
24
Measurement
![Page 25: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/25.jpg)
25
Location Privacy Measurement
• Notions of location privacy in two different scales:
• Microscopic Location Privacy– How far is the adversary’s estimation of a user’s location
by having a single event observed from the user?
• Macroscopic Location Privacy– How far is the adversary’s estimation of a user’s location
by observing a set of events from the users?
![Page 26: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/26.jpg)
26
Microscopic Location Privacy with respect to a single observed event
<ID: abc, Location-stamp: Midtown Center Manhattan, Time-stamp: 1pm>
who is abc? Alice, Bob, …?
where is abc?
?
![Page 27: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/27.jpg)
27
Macroscopic Location Privacy with respect to a set of observed events
what are the trajectories?
whom the trajectories belong to?
Bob’s House
Alice’s House
Eve’s House
![Page 28: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/28.jpg)
28
Location Privacy Metrics
• Uncertainty-based Metrics
• K-anonymity, l-diversity, …
• Clustering-based Metrics
• Distortion-based Metrics
![Page 29: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/29.jpg)
29
Distortion-based Metric
Darkness: the probability that a user is there. The darker, the more probable.
User’s actual locationHypothesized locations for the user
Obfuscated Area
Location Privacy=
Distortion in the user’s reconstructed location
by the adversary
Sumi (pi*di)
![Page 30: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/30.jpg)
30
Location Privacy Measurement
• Existing schemes only focus on measuring location privacy in 1st layer of the spatial model
• What about other layers?
![Page 31: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/31.jpg)
31
Location Privacy Measurement
Diversity matters
Layer II – Location Sites
Distance (to user’s location) matters
Suggestion: Distortion-based Metric
![Page 32: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/32.jpg)
32
Location Privacy Measurement
bar
bar
bar
casino
Layer III – Location Types
Suggestion: Uncertainty-based or Distortion-based Metric
![Page 33: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/33.jpg)
33
Conclusion
![Page 34: A Unified Framework for Location Privacy](https://reader035.vdocument.in/reader035/viewer/2022062221/568143d2550346895db05e67/html5/thumbnails/34.jpg)
34
Conclusion
• Proposed a unified framework for location privacy– Helps to design, understand and compare location
privacy schemes
• Embedded existing schemes in our framework