User-defined privacy location-sharing system in mobile online social networks

https://doi.org/10.1016/j.jnca.2016.11.024Get rights and content

Abstract

With the fusion of social networks and location-based services, location sharing is one of the most important services in mobile online social networks (mOSNs). In location-sharing services, users have to provide their location information to service provider. However, location information is sensitive to users, which may cause a privacy-preserving issue needs to be solved. In the existing research, location-sharing services, such as friends’ query, does not consider the attacks from friends. In fact, a user may not trust all of his/her friends, so just a part of his/her friends will be allowed to obtain the user's location information. In addition, users’ location privacy and social network privacy should be guaranteed. In order to solve the above problems, we propose a new architecture and a new scheme called User-Defined Privacy Location-Sharing (UDPLS) system for mOSNs. In our scheme, the query time is almost irrelevant to the number of friends. We also evaluate the performance and validate the correctness of our proposed algorithm through extensive simulations.

Introduction

Location-based services employ GPS, WLAN, Cellular network technologies to obtain location information of the mobile terminal, and to provide location-based services to the mobile terminal through the wireless network (Virrantaus et al., 2001). Due to the development of Internet technology, the well-known dominant mOSNs such as Facebook, YouTube, Twitter have been growing rapidly in both of size and popularity. In these traditional online social networks, users can conveniently exchange information, and share blog, video, images, etc.

When mOSNs and location-based services are integrated together, many location-based services such as near friends’ query, “check-in”, and simple location sharing can be provided by mOSNs. For example, users can get some preferential service through “check-in” services. In addition, users can query their friends and strangers which close to the current position and obtain their location information. After Facebook integrated with location-based services, they attract a large number of users from starting operations, and the number of users is still growing rapidly (Li and Chen, 2010).

Location-based service (LBS) is one of the most important components in mOSNs, which provides services to users based on the geographical position of the mobile device. With mobility and ever-present Internet connectivity of the world, a great amount of users take the advantage of LBS to query information based on their location. In LBS, users can query the near hospitals, supermarkets, bars and so on, which provides users much convenience.

As LBSs and mOSNs grow in popularity, many new services are spawned, such as friends and travel routes recommendation. However, there are also some challenges need to be solved. Location information is one of the most sensitive privacies to users, and thus it is very valuable. For example, if mOSNs collect users’ much location information, they may provide it to third parties since the commercial purpose, which will leak users’ location privacy. In addition, much sensitive information can be inferred from location information, when more sophisticated analysis is employed. For example, attackers may deduce that the user's physical health from the data of in hospital. Also, attackers may infer that a user is a drunkard, if the user frequently query the nearest bars.

It is important that keep personal location information from being obtained by malicious attackers. Location privacy includes published time of location information, the spatial location and location service request content. Especially, spatial location is most concerned issue of location privacy in mOSNs. Users’ geographical location information mainly relate to the spatial location, which is one of the main concern of this paper.

In mOSNs, the query from friend or stranger in the user-specified range is a typical application of location sharing services. Location-based social networking systems with location sharing services rely on a central server that can obtain all users’ detail movement profile, which raises privacy concerns (Barkhuus et al., 2008, Toch and Cranshaw, 2010, Consolvo et al., 2005). If users’ location privacy is not well protected, users are likely to reject to use the location sharing services (Barkhuus and Dey, 2003). Therefore, the development of location sharing services will face many challenges.

Recently, in mONSs, several methods (Wei et al., 2012, Li et al., 2013, Li et al., 2015, Liu et al., 2013, Liu et al., 2013, Liu et al., 2016) have been proposed to protect users’ location privacy in friends’ and strangers’ queries in the user-specified distance. In the research of (Wei et al., 2012, Li et al., 2013, Liu et al., 2013, Liu et al., 2013, Liu et al., 2016), user's location privacy is protected by adding dummy identities. The location service provider can’t obtain complete information of users’ identities and location. In Ref. Li et al. (2015), a architecture with multiple location servers is proposed. The user's friend set in each friend's query submitted to the location servers is divided into multiple subsets by the social network server randomly. Query results are sent to social servers through encryption and digital signatures, so social networking server cannot obtain location information of the user. However, theses solutions do not consider the attacks from friends. The user may not trust all of his/all friends, and thus may not want to share location with all of his/her friends.

Based on the reviews mentioned above, in this work, we propose a new solution to achieve user-defined location privacy and social network privacy. This solution allows user to choose whether to provide accurate position in friends’ query or share location with a part of his/her friends.

The remainder of this paper is organized as follows. Section 2 reviews the related work. Section 3 gives the preliminaries and problem statements. Section 4 presents descriptions on motivation, system model and the specific implementation. Section 5 gives detailed descriptions on security analysis of our UPLS scheme. The simulation results are given in Section 6. Section 7 presents the research contributions and discussion. Section 8 concludes the paper.

Section snippets

Related work

In this section, we survey the privacy-preserving techniques for location-based services and location sharing services.

The basic concepts and definitions

In this subsection, we explain the main concepts and definitions used in this work. Key notations used in this section are summarized in Table 1.

Total users: It refers to all of users within user-specified distance, where any user meets condition: dis((x, y),(xi, yi))l. The number of total users is called the total number of users.

Effective users: Any user in total users meeting the condition of dis((x, y), (xi, yi))difi is called effective user.

Access control: Access control mentioned in

Motivation and system model

In this section, we give descriptions on the motivation and a new system model to solve our researched problem.

Security analysis

As we mentioned in previous sections, LS and SNS are both assumed to be “honest-but-curious”, and cannot collude. We need to prevent the LS to obtain the user's social network, but also to prevent the SNS to obtain the user's location information. Furthermore, the user's friends and strangers who did not meet the conditions for access control cannot obtain the user's location information. Therefore, security analysis is necessary for the following aspects.

Simulation results and analysis

For evaluating the effectiveness of our proposed UDPLS framework, we have conducted extensive simulations. In this section, we first describe the simulation environment, and then give the simulation results and analysis.

Research contributions and discussion

We propose a new solution to achieve user-defined location privacy and social network privacy. Social network server is prevented from obtaining users’ location information, and location server cannot get users’ social network information in our proposed solution. Moreover, users’ location information cannot be accessed by people who does not match their access control. Our main research contributions are described as follows.

  • 1.

    We design an efficient algorithm to preserve user's location privacy

Conclusion

In this paper we study the problem of protecting users’ privacy in location sharing services, such as nearby friends query and strangers query. We propose a new framework and a new query algorithm (UDPLS) to protect user's location privacy on social network server and user's social network privacy on location privacy. Users can share location with specified-friends instead of all of his friends. It is noteworthy that query time of our framework almost has no business with the number of fiends

Acknowledgement

This research was partially supported by the National Grand Fundamental Research 973 Program of China under Grant (No. 2013CB329103), National Natural Science Foundation of China (61571098), China Postdoctoral Science Foundation (2015M570778), Guangdong Science and Technology Foundation (2013A040600001, 2013B090200004, 2014B090901007, 2015A040404001, 2013B040300001).

References (30)

  • J. Li et al.

    Location-sharing systems with enhanced privacy in mobile online social networks

    IEEE Syst. J.

    (2015)
  • Virrantaus, K., Markkula, J., Garmash, A., et al., 2001. Developing GIS-supported location-based services. In:...
  • N. Li et al.

    Sharing location in online social networks

    IEEE Netw.

    (2010)
  • Barkhuus, L., Brown, B., Bell, M., et al., 2008. From awareness to repartee: Sharing location within social groups. In:...
  • Toch, E., Cranshaw, J.. et al., 2010. Empirical models of privacy in location sharing. In: Proceedings of the 12th ACM...
  • Consolvo, S., Smith, I., Matthews, T.. et al., 2005. Location disclosure to social relations: Why, when, & what people...
  • Barkhuus, L., Dey, A.K., 2003. Location-based services for mobile telephony: A study of users' privacy concerns. In:...
  • W. Wei et al.

    Mobishare: flexible privacy-preserving location sharing in mobile online social networks

    IEEE INFOCOM

    (2012)
  • J. Li et al.

    Mobishare+: security improved system for location sharing in mobile online social networks

    J. Internet Serv. Inf. Secur.

    (2013)
  • Liu, Z., Li, J., Chen, X.. et al., 2013. New privacy-preserving location sharing system for mobile online social...
  • Z. Liu et al.

    N-Mobishare: new privacy preserving location-sharing system for mobile online social networks

    Int. J. Comput. Math.

    (2016)
  • A. Hossain et al.

    Privacy-aware cloaking technique in location-based services

    IEEE Int. Conf. Mob. Serv. (MS)

    (2012)
  • Zheng, J., Tan, X., Zou, C.. et al., 2014. A cloaking-based approach to protect location privacy in location-based...
  • B. Ying et al.

    Protecting location privacy with clustering anonymization in vehicular networks

    IEEE INFOCOM Workshops

    (2014)
  • Mokbel, M.F., Chow, C.Y., Aref, W.G., 2006. The new Casper: query processing for location services without compromising...
  • Cited by (0)

    View full text