AnonySense: Opportunistic and Privacy-Preserving Context Collection

  • Apu Kapadia
  • Nikos Triandopoulos
  • Cory Cornelius
  • Daniel Peebles
  • David Kotz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5013)


Opportunistic sensing allows applications to “task” mobile devices to measure context in a target region. For example, one could leverage sensor-equipped vehicles to measure traffic or pollution levels on a particular street, or users’ mobile phones to locate (Bluetooth-enabled) objects in their neighborhood. In most proposed applications, context reports include the time and location of the event, putting the privacy of users at increased risk—even if a report has been anonymized, the accompanying time and location can reveal sufficient information to deanonymize the user whose device sent the report.

We propose AnonySense, a general-purpose architecture for leveraging users’ mobile devices for measuring context, while maintaining the privacy of the users.AnonySense features multiple layers of privacy protection—a framework for nodes to receive tasks anonymously, a novel blurring mechanism based on tessellation and clustering to protect users’ privacy against the system while reporting context, and k-anonymous report aggregation to improve the users’ privacy against applications receiving the context. We outline the architecture and security properties of AnonySense, and focus on evaluating our tessellation and clustering algorithm against real mobility traces.


Mobile Node Access Point Voronoi Diagram Location Privacy Trusted Platform Module 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abdelzaher, T., Anokwa, Y., Boda, P., Burke, J., Estrin, D., Guibas, L., Kansal, A., Madden, S., Reich, J.: Mobiscopes for human spaces. IEEE Pervasive Computing 6(2), 20–29 (2007)CrossRefGoogle Scholar
  2. 2.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: CCS 2004: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM Press, New York (2004)Google Scholar
  3. 3.
    Calandriello, G., Papadimitratos, P., Hubaux, J.-P., Lioy, A.: Efficient and robust pseudonymous authentication in VANET. In: VANET 2007: Proceedings of the Fourth ACM International Workshop on Vehicular Ad Hoc Networks, pp. 19–28. ACM Press, New York (2007)CrossRefGoogle Scholar
  4. 4.
    Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., Meyerovich, M.: How to win the clonewars: efficient periodic n-times anonymous authentication. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 2006), pp. 201–210. ACM Press, New York (2006)Google Scholar
  5. 5.
    Campbell, A., Eisenman, S., Lane, N., Miluzzo, E., Peterson, R.: People-centric urban sensing. In: The Second Annual International Wireless Internet Conference (WICON), pp. 2–5. IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  6. 6.
  7. 7.
    Chaum, D., Ryan, P.Y.A., Schneider, S.A.: A practical voter-verifiable election scheme. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 118–139. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Chow, C.-Y., Mokbel, M.F., Liu, X.: A peer-to-peer spatial cloaking algorithm for anonymous location-based service. In: GIS 2006: Proceedings of the 14th Annual ACM International Symposium on Advances in Geographic Information Systems, pp. 171–178. ACM Press, New York (2006)Google Scholar
  9. 9.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multiauthority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  10. 10.
    Duckham, M., Kulik, L.: A Formal Model of Obfuscation and Negotiation for Location Privacy. In: Gellersen, H.-W., Want, R., Schmidt, A. (eds.) PERVASIVE 2005. LNCS, vol. 3468, Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Frank, C., Bolliger, P., Roduner, C., Kellerer, W.: Objects calling home: Locating objects using mobile phones. In: LaMarca, A., Langheinrich, M., Truong, K.N. (eds.) Pervasive 2007. LNCS, vol. 4480, Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Gedik, B., Liu, L.: Location privacy in mobile systems: A personalized anonymization model. In: ICDCS 2005: Proceedings of the 25th IEEE International Conference on Distributed Computing Systems, pp. 620–629. IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  13. 13.
    Ghinita, G., Kalnis, P., Skiadopoulos, S.: Prive: anonymous location-based queries in distributed mobile systems. In: WWW 2007: Proceedings of the 16th International Conference on World Wide Web, pp. 371–380. ACM Press, New York (2007)Google Scholar
  14. 14.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: ACM Symposium on Theory of Computing, pp. 218–229 (1987)Google Scholar
  15. 15.
    Gruteser, M., Grunwald, D.: Anonymous usage of location-based services through spatial and temporal cloaking. In: MobiSys 2003: Proceedings of the 1st International Conference on Mobile Systems, Applications and Services, pp. 31–42. ACM Press, New York (2003)Google Scholar
  16. 16.
    Gruteser, M., Grunwald, D.: Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis. Mobile Networks and Applications 10(3), 315–325 (2005)CrossRefGoogle Scholar
  17. 17.
    Hoh, B., Gruteser, M.: Protecting location privacy through path confusion. In: SECURECOMM 2005: Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, pp. 194–205. IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  18. 18.
    Hong, J.I., Landay, J.A.: An architecture for privacy-sensitive ubiquitous computing. In: Proceedings of MobiSys 2004, Boston, MA, USA, June 2004, pp. 177–189 (2004)Google Scholar
  19. 19.
    Hull, B., Bychkovsky, V., Zhang, Y., Chen, K., Goraczko, M., Miu, A.K., Shih, E., Balakrishnan, H., Madden, S.: CarTel: A Distributed Mobile Sensor Computing System. In: 4th ACM Conference on Embedded Networked Sensor Systems (SenSys) (November 2006)Google Scholar
  20. 20.
    Iachello, G., Smith, I., Consolvo, S., Chen, M., Abowd, G.D.: Developing privacy guidelines for social location disclosure applications and services. In: Proceedings of the 2005 Symposium on Usable Privacy and Security (July 2005)Google Scholar
  21. 21.
    Jiang, T., Wang, H.J., Hu, Y.-C.: Preserving location privacy in wireless LANs. In: MobiSys 2007: Proceedings of the 5th International Conference on Mobile Systems, Applications and Services, pp. 246–257. ACM Press, New York (2007)Google Scholar
  22. 22.
    Johnson, P., Kapadia, A., Kotz, D., Triandopoulos, N.: People-Centric Urban Sensing: Security Challenges for the New Paradigm. Technical Report TR2007-586, Dartmouth College, Computer Science, Hanover, NH (February 2007)Google Scholar
  23. 23.
    Kalnis, P., Ghinita, G., Mouratidis, K., Papadias, D.: Preserving anonymity in location based services. Technical Report TRB/06, National University of Singapore, Department of Computer Science (2006)Google Scholar
  24. 24.
    Kapadia, A., Henderson, T., Fielding, J.J., Kotz, D.: Virtual walls: Protecting digital privacy in pervasive environments. In: LaMarca, A., Langheinrich, M., Truong, K.N. (eds.) Pervasive 2007. LNCS, vol. 4480, pp. 162–179. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. 25.
    Kotz, D., Henderson, T., Abyzov, I.: CRAWDAD trace dartmouth/ campus/movement/aplocations (v. 2004-11-09) (November 2004), Downloaded from
  26. 26.
    Krumm, J.: Inference attacks on location tracks. In: LaMarca, A., Langheinrich, M., Truong, K.N. (eds.) Pervasive 2007. LNCS, vol. 4480, pp. 127–143. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  27. 27.
    Mobile Phone Work Group, Trusted Computing Group,
  28. 28.
    Mokbel, M.F., Chow, C.-Y.: Challenges in preserving location privacy in peer-to-peer environments. In: Seventh International Conference on Web-Age Information Management Workshops, p. 1 (2006)Google Scholar
  29. 29.
    Mokbel, M.F., Chow, C.-Y., Aref, W.G.: The new Casper: query processing for location services without compromising privacy. In: VLDB 2006: Proceedings of the 32nd International Conference on Very Large Data Bases, pp. 763–774. VLDB Endowment (2006)Google Scholar
  30. 30.
    Myles, G., Friday, A., Davies, N.: Preserving privacy in environments with location-based applications. IEEE Pervasive Computing 2(1), 56–64 (2003)CrossRefGoogle Scholar
  31. 31.
    Pang, J., Greenstein, B., Gummadi, R., Seshan, S., Wetherall, D.: 802.11 user fingerprinting. In: MobiCom 2007: Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking, pp. 99–110. ACM Press, New York (2007)Google Scholar
  32. 32.
    Riva, O., Borcea, C.: The Urbanet revolution: Sensor power to the people! IEEE Pervasive Computing 6(2), 41–49 (2007)CrossRefGoogle Scholar
  33. 33.
    Microsoft Research SenseWeb project (2007),
  34. 34.
    Sweeney, L.: k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness, and Knowledge-Based Systems (2002)Google Scholar
  35. 35.
    Tang, K.P., Fogarty, J., Keyani, P., Hong, J.I.: Putting people in their place: An anonymous and privacy-sensitive approach to collecting sensed data in location-based applications. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI), pp. 93–102 (2006)Google Scholar
  36. 36.
    Trusted Computing Group (TCG) (May 2005),

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Apu Kapadia
    • 1
  • Nikos Triandopoulos
    • 2
  • Cory Cornelius
    • 1
  • Daniel Peebles
    • 1
  • David Kotz
    • 1
  1. 1.Institute for Security Technology StudiesDartmouth CollegeHanoverUSA
  2. 2.Department of Computer ScienceUniversity of AarhusAarhus NDenmark

Personalised recommendations