Research On Privacy Protection In Location Based Services

Location-based services(LBS) is very important in Mobile Internet business. Mobile users can transparently inquire points of interest(POI) and share their locations anytime in LBS. However, LBS will attract serious privacy-leak problems due to the location positioned queries, which prevent the development of Mobile Internet services. Therefore, privacy-preserving technology is the key of LBS; moreover, it has significance value to study and to put into use. How to provide high quality inquiry services with the protection of privacy is the main problem we deal with in this thesis. This thesis studies this problem in from two aspects. The first is user’ privacy, including location privacy, inquiry privacy, identity privacy and semantic privacy, etc. The second is the different spatial characteristics of the different networks, such as the road network, the 3D surface and the P2P(Peer-to-Peer). The main contributions of this thesis can be concluded as follows:1. Proposes a sensitive semantics-preserving cloaking mechanism in road-networkTo solve the problem of single road segment attack and semantic inference attack in a road-network environment, a novel sensitive semantics-preserving personality cloaking mechanism is proposed. The architecture of the proposed mechanism is a two layered and non-central network topology, which transform a road-network diagram into a Voronoi-partition diagram on the center of the road intersections and the semantic places, and information entropy is used to measure semantic privacy security. Final, according to the result of the security metric, the mechanism “selectively” expands the Voronoi cells to form a cloaking region for the user which can ensure the security of the semantics. Experimental results show that such scheme has a more effective performance compared with EA without extra costs.2. Proposes a privacy-preserving proximity services algorithm under complexenvironmentTo address the problem of loss of generality on discussion privacy-preserving proximity services under Euclidean space, this thesis proposed a generic privacy-preserving proximity inquiry algorithm which can be applied on the 3D smooth surface. The algorithm utilizes simple triangulation decomposition on 3D surface, and the user’s location is generalized with a triangular area, the approximate geodesic distance is introduced to calculate more accurate neighbor, final, a commutative encryption based on hashed granule index of the location is utilized to achieve a more effective privacy-preserving proximity service. Experiments show that this algorithm has a better Quality of Service(QoS) than C-H&Hash and C-H&Seek, while also provide greater privacy protection level than privacy requirements.3. Proposes a query privacy-preserving algorithm for P2 P networksTo solve the issues of query homogeneity attacks and location inference attacks on P2 P networks, a novel algorithm combining location privacy and query privacy is proposed. The algorithm uses imprecise location-response scheme to search K-1 peers which can prevent the inference attack from few malicious peers. An entropy is used to define the diversity of the queries. A “historical-sharing mechanism” is proposed to realize the L-diversity query, and a “realtime-sharing mechanism” is propsed to improve the efficiency of the “historical-sharing mechanism”. Experimental results show that this algorithm has better performance than P2P_CK, which only takes K-anonymity into consideration. In addition, “realtime-sharing mechanism” has a high valid query rate.4. Proposes a privacy-preserving strategy based on the trusted third partIn this thesis, a privacy-preserving strategy based on trusted third parties(TTP) is proposed since comprehensive controls for privacy-preserving is lacking in the existing mechanisms. Combined with the security threats from TTP and the various demands of privacy-preserving, the strategy designs the leveled security services platform based on the security middleware and which can provide effective privacy-preserving access control strategy based on security authorization. Testing and performance analysis of the model show that the strategy can get user’s personal information and then effectively “control” it, and at the same time is transparent to mobile users.