Elsevier

Future Generation Computer Systems

Volume 74, September 2017, Pages 375-384
L2P2: A location-label based approach for privacy preserving in LBS

https://doi.org/10.1016/j.future.2016.08.023

Highlights

  • We design an efficient framework for protecting the users’ privacy.

  • We propose a location-label based approach for privacy preservation.

  • We design three protocols for improving the response time and privacy level.

  • We validate and evaluate our approach by conducting extensive simulations.

Abstract

Developments in positioning and mobile communication technology have made location-based service (LBS) applications increasingly popular. For privacy reasons, and because users lack trust in LBS providers, k-anonymity and l-diversity techniques have been widely used to preserve user privacy in distributed LBS architectures in the Internet of Things (IoT). In reality, however, there are scenarios in IoT where the locations of users are identical or near each other. In such scenarios the k locations selected by the k-anonymity technique are the same, and location privacy can easily be compromised or leaked. To address this issue, in this paper we introduce location labels to classify the locations of mobile users into sensitive and ordinary locations. We design a location-label based (LLB) algorithm that protects users’ location privacy while minimizing the response time for LBS requests. We also evaluate the performance and validate the correctness of the proposed algorithm through extensive simulations.

Introduction

The Internet of Things (IoT) has become popular and pervasive in day-to-day life. As more devices and people are connected to each other, this development can lead to emerging smart cities and big data applications. With the increasing adoption of IoT, privacy preservation has become a major challenge [1], [2], since the locations and actions of each user of IoT services can be tracked and even monitored. Owing to developments in mobile communication and positioning technologies, applications of location-based services (LBS) [3], [4] have expanded rapidly and more people make use of these services. LBS application systems in IoT are involved in various fields, such as transportation, medical treatment, travel, social networking, and entertainment. Furthermore, mobile communication technology is developing at a very high speed. For example, while the 2G era has quietly left us and 3G networks have not yet been fully adopted by the general public, the new and fast 4G network has already entered the lives of most people, and people’s lives totally depend on the rapid development of the Internet. In a wireless communication network environment (e.g. WiFi, 3G, 4G), users can easily request LBS services with handheld terminals (e.g. tablet or smartphone) [5].

After receiving an LBS request, the LBS provider (LP) responds according to the user’s location information and the requested content. For example, a user submits the request “where is the nearest supermarket”. The LP then returns the address of the nearest supermarket and other relevant information to the user. The typical LBS system model [6] is shown in Fig. 1.

Although users enjoy the convenience of the services provided by LBS providers in IoT, there is a potential risk of losing their privacy [7], [8]. For example, location or trajectory privacy may be leaked to other parties [9], [10], [11]. Users are then vulnerable to exploitation by malicious attackers, which damages their vital interests. For example, if malicious attackers learn users’ location and other private information, they can easily derive more comprehensive information through analysis and then defraud users of their property through Internet or telecom fraud. Furthermore, people increasingly focus on their own privacy and security. Therefore, the problem of privacy protection for LBS in the Internet of Things needs to be solved.

Many solutions (e.g. encryption [12], anonymity [13]) have been proposed to protect users’ personal privacy. In existing research, authors have studied the problem of protecting users’ location privacy in the scenario of a single LBS query with users located at different locations. The k-anonymity [14] and pseudo-ID [15] techniques are effective for protecting user location privacy in a single LBS query. The authors in [16], [17], [18] also provided solutions to the problem of privacy preservation by using k-anonymity. In this approach, before sending a query to the LP, the user merges the queries of k−1 other users and then submits the mixed query to the LP. However, the LP can easily learn the requested contents of users when the requested contents of the k users are similar to each other. Using data analysis and data mining, the LP can infer more information about users, such as common interests and hobbies. To combat this deficiency, researchers introduced the concept of l-diversity [19] to protect the requested contents or preference privacy [20]. In this method, all LBS queries are classified into different categories (e.g., medical, traffic, entertainment, etc.) according to the requested contents. The privacy preserving framework for local-area mobile social networks (PLAM) [20] adopts k-anonymity and l-diversity to protect the location and preference privacy of users. As shown in Fig. 2(a), there exist 6 users (i.e., k=6) who are distributed in different locations requesting 3 services (i.e., l=3). The LBS provider then cannot link a specific service/location to a user. Thus, the PLAM method can protect location and preference privacy when the users’ locations are different. However, consider the scenario in Fig. 2(b), where the k users have the same location and send requests together to the LP. Although PLAM can protect the preference privacy of users with the l-diversity technique, the LP can know that the k users are in the same location, so location privacy is leaked. Therefore, PLAM cannot protect location privacy when the users have the same locations, especially in locations such as supermarkets, schools and hospitals, where the probability of selecting the same location with the k-anonymity technique is very high.
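
The same-location failure described above can be measured from the LP's side of an aggregated batch. The following Python sketch is an added example, not code from the paper; the coordinates, category names, grid size and function names are assumptions, and the two batches are constructed to mirror the scenarios of Fig. 2(a) and Fig. 2(b).

```python
import math
from collections import Counter

CELL = 0.001  # assumed grid size in degrees; points in one cell count as "the same"

# Constructed batches (pseudo-ID, lat, lon, category) mirroring Fig. 2(a) and 2(b):
# six users, three service categories, different vs. (near-)identical locations.
CATS = ["medical", "traffic", "entertainment"]
FIG_2A = [(f"p{i}", 30.75 + 0.01 * i, 103.92 + 0.01 * i, CATS[i % 3]) for i in range(6)]
FIG_2B = [(f"p{i}", 30.75 + 0.00005 * i, 103.92, CATS[i % 3]) for i in range(6)]


def cell(lat, lon, size=CELL):
    """Quantise a coordinate to a grid cell so nearby points compare equal."""
    return (round(lat / size), round(lon / size))


def audit_batch(batch, size=CELL):
    """Measure what the LP can observe about one aggregated query batch."""
    cells = Counter(cell(lat, lon, size) for _, lat, lon, _ in batch)
    n = sum(cells.values())
    # Shannon entropy of the location distribution. 0 bits means every
    # request comes from one cell, so the LP learns the location outright.
    entropy = sum((c / n) * math.log2(n / c) for c in cells.values())
    return {
        "k": len({pid for pid, _, _, _ in batch}),       # identity anonymity set
        "l": len({cat for _, _, _, cat in batch}),       # distinct categories
        "distinct_cells": len(cells),                    # effective location anonymity
        "location_entropy_bits": entropy,
    }


def location_leaks(batch, min_cells=2, size=CELL):
    """True when the batch spans fewer than min_cells cells, whatever k and l are."""
    return audit_batch(batch, size)["distinct_cells"] < min_cells


if __name__ == "__main__":
    for name, batch in (("Fig. 2(a)", FIG_2A), ("Fig. 2(b)", FIG_2B)):
        print(name, audit_batch(batch), "leaks:", location_leaks(batch))
```

Both batches report k=6 and l=3, yet only the first keeps any location uncertainty, which is why k and l alone are not a sufficient acceptance test for a cloaked batch.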

Furthermore, in real applications, users may send requests continuously for a period of time, and the users’ locations may be near each other or even identical. Because of the correlation between positions in continuous queries, it is more difficult to protect users’ privacy, especially trajectory privacy. Thus, protecting users’ privacy (e.g. location privacy, trajectory privacy, preference privacy) when the users’ locations are the same, in both continuous and single requests, is an important issue that remains to be addressed.

In this paper, we study the problem of privacy protection for users within the same locations both in single request and continuous request. We introduce the location label into our proposed algorithm for efficiently protecting the location privacy, preference privacy and trajectory privacy of users. The location label based algorithm is not only suitable for single request, but also applicable for continuous request. The main contributions of this paper are as follows.

  • We introduce the location label to classify all locations into sensitive locations and ordinary locations. Due to the dense population at sensitive locations, the locations selected by k-anonymity there are far more likely to be identical than at ordinary locations.

  • We propose a location label based (LLB) algorithm for privacy preservation in the scenario where the locations of the k users are nearby, similar or identical. For a single request, our proposed algorithm can protect the location privacy and preference privacy of users; for a continuous request, it can be used to protect the trajectory privacy of users.

  • We propose three protocols including the request aggregation protocol, the pseudo-ID exchange protocol and the improved PLAM protocol in our proposed algorithm, which help in reducing the response time of the LBS system.

  • We evaluate the performance of our proposed LLB algorithm by conducting extensive simulations.

The remainder of this paper is organized as follows. Section 2 discusses related work on privacy preservation in LBS systems. Section 3 describes the basic concepts and definitions used in our approach. Section 4 presents the motivation and system model. Section 5 introduces our location-label based framework and gives a detailed description of the LLB algorithm. The simulation results are given in Section 6. Section 7 concludes this paper.

Related work

There are several studies on location privacy preservation that focus on the possibility of losing location privacy during the localization process. Localization techniques in an LBS system are able to derive users’ locations through anchor points [21]. Since the localization algorithm takes anchor points as input and outputs users’ locations, the locations of anchors and users may be leaked to others. Thus in order to efficiently protect user location information during location process, the

Preliminaries

In this section, we give the basic concepts and definitions.

(1) Sensitive and ordinary locations: All locations can be statically classified into two categories: sensitive locations and ordinary locations. Sensitive locations (e.g., hospital, school or supermarket) have dense population and the ordinary locations (such as the locations on general roads) have sparse population.

Usually, there are some commonalities between sensitive locations: (i) the sensitive location is usually in a region

Motivation and system model

In this section, we give the detailed descriptions on the motivation, the researched problem and the system model designed for the studied problem.

Algorithm design

In this section, we first propose three protocols including request aggregation protocol, pseudo-ID exchange protocol and the improved Privacy-preserving framework for Local-Area Mobile social networks (PLAM) protocol. We then design the location label based (LLB) algorithm.

Simulation and results

For evaluating the effectiveness of our proposed location label based algorithm, we have conducted extensive simulations. In this section, we first describe the simulation environment, and then give the simulation results and analysis.

Conclusion and future work

In this paper we study the problem of privacy preservation for LBS users who have the same location in IoT. To protect the location privacy, preference privacy and trajectory privacy of users in a distributed IoT LBS system, we proposed a location label based algorithm that includes three key protocols: the user request aggregation protocol, the pseudo-ID exchange protocol and the improved PLAM protocol. We conduct extensive simulation experiments to evaluate the performance of our

Acknowledgments

This work was partially supported by the National Grand Fundamental Research 973 Program of China under Grant No. 2013CB329103, Natural Science Foundation of China Grant No. 61571098, China Postdoctoral Science Foundation (No. 2015M570778), Guangdong Science and Technology Project (2012B090400031, 2012B090500003, 2012B091000163).

Gang Sun is an associate professor at University of Electronic Science and Technology of China (UESTC). He received his Ph.D. degree in Communication and Information Engineering in 2012 from University of Electronic Science and Technology of China. His research interests are in the area of network security, datacenter networking and cloud computing.

References (33)

  • D. Chen, P. Zhang, C. Hu, et al. PAPERS: Private and precise range search for location based services, in: IEEE...
  • G. Zhuo, Q. Jia, L. Guo, et al. Privacy-preserving verifiable proximity test for location-based services, in: IEEE...
  • X. Chen, A. Mizera, J. Pang, Activity tracking: A new attack on location privacy, in: IEEE Conference on Communications...
  • R. Jiang et al. Achieving high performance and privacy-preserving query over encrypted multidimensional big metering data, Future Gener. Comput. Syst. (2016)
  • S. Zhang et al. Anonymizing popularity in online social networks with full utility, Future Gener. Comput. Syst. (2016)
  • D. Yang, X. Fang, G. Xue, Truthful incentive mechanisms for k-anonymity location privacy, in: IEEE INFOCOM, 2013, pp....
Dan Liao is a professor at University of Electronic Science and Technology of China (UESTC). He received his B.S. degree in Electrical Engineering in 2001 from UESTC, and his Ph.D. degree in Communication and Information Engineering in 2007 from University of Electronic Science and Technology of China. His research interests are in the area of wired and wireless computer communication networks and protocols, and next generation networks.

Hui Li is pursuing her Master’s degree in Communication and Information System at University of Electronic Science and Technology of China. Her research interests include network survivability and security.

Hongfang Yu received her B.S. degree in Electrical Engineering in 1996 from Xidian University, and her M.S. degree and Ph.D. degree in Communication and Information Engineering in 1999 and 2006 from University of Electronic Science and Technology of China, respectively. From 2009 to 2010, she was a Visiting Scholar at the Department of Computer Science and Engineering, University at Buffalo (SUNY). Her research interests include network survivability, network security and next generation Internet.

Victor Chang is an associate professor at Xi’an Jiaotong Liverpool University, Suzhou, China, after working as a Senior Lecturer at Leeds Beckett University, UK, for 3.5 years. Within 4 years, he completed Ph.D. (CS, Southampton) in 2013 and PGCert (Higher Education, Fellow) in 2012 part-time. He won a European Award on Cloud Migration in 2011 and best papers in 2012 and 2015, and numerous awards since 2012. He is a leading expert on Big Data/Cloud/security, visiting scholar/Ph.D. examiner at several universities, an Editor-in-Chief of IJOCI & OJBD journals, Editor of FGCS, founding chair of two international workshops and founding Conference Chair of IoTBD 2016 www.iotbd.org and COMPLEXIS 2016 www.complexis.org.
