Abstract
Opportunistic sensing allows applications to “task” mobile devices to measure context in a target region. For example, one could leverage sensor-equipped vehicles to measure traffic or pollution levels on a particular street, or users’ mobile phones to locate (Bluetooth-enabled) objects in their neighborhood. In most proposed applications, context reports include the time and location of the event, putting the privacy of users at increased risk—even if a report has been anonymized, the accompanying time and location can reveal sufficient information to deanonymize the user whose device sent the report.
We propose AnonySense, a general-purpose architecture for leveraging users’ mobile devices for measuring context, while maintaining the privacy of the users. AnonySense features multiple layers of privacy protection—a framework for nodes to receive tasks anonymously, a novel blurring mechanism based on tessellation and clustering to protect users’ privacy against the system while reporting context, and k-anonymous report aggregation to improve the users’ privacy against applications receiving the context. We outline the architecture and security properties of AnonySense, and focus on evaluating our tessellation and clustering algorithm against real mobility traces.
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kapadia, A., Triandopoulos, N., Cornelius, C., Peebles, D., Kotz, D. (2008). AnonySense: Opportunistic and Privacy-Preserving Context Collection. In: Indulska, J., Patterson, D.J., Rodden, T., Ott, M. (eds) Pervasive Computing. Pervasive 2008. Lecture Notes in Computer Science, vol 5013. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79576-6_17
DOI: https://doi.org/10.1007/978-3-540-79576-6_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79575-9
Online ISBN: 978-3-540-79576-6