Research On Location Privacy Preservation In The Open User Environment

The rapid developments of mobile applications and services have significantly im-proved people's everyday life.In particular,with the popularity of location-based services,people can enjoy accurate information retrieval,convenient transportation services,and intelligent service recommendation,but some concerns arise in this process.One of the most important and direct concerns for location-based services is location privacy.Multiple governments have set out or introduced various bills for protecting geographic location data,and extensive research has been conducted for this problem in both the academic communities and the industry.However,the emerging location-based services bring new challenges for location privacy,and one of the most important reasons is the open user environment,which has the following characteristics:the variety of users,the individualization of the privacy requirements,the diversity of the user behaviors,and the complex logic of services,and thus the existing location privacy protection solutions may not apply to these scenarios.Therefore,in order to tackle the challenges in the open user environ-ment,it is critical to design schemes which can achieve both the location privacy and utility at the same time.In addition,the proposed location privacy protection solutions are expected to have the following properties:the privacy assumption is measurable;resistent to the selfish behaviors;high-frequent queries are supported;and the decrease of utility is acceptable.In this thesis,we will attend the problem of the location privacy protection in the open user environment based on two typical applications:ridesharing and location-based information retrieval.For the issues regarding users' selfish behav-iors,personalized privacy requirements,and high-frequent queries,we leverage the differential privacy and the mechanism design tools to study the location privacy protection in the open user environment.Specifically,the contributions of this thesis can be summarized as follows:(1)For complex scheduling problem in the ridesharing services,we have proposed a jointly-differentially private scheduling protocol.Benefiting from the requirements of transportation and environment improvements,ridesharing services get more and more popular in the recent years.With its incredibly success,there are some privacy concerns for the users in the ridesharing services.We have proposed a scheduling protocol which can preserve users' location privacy while minimizing the total additional mileage in the system.In addition,we have also investigated how to improve the privacy and efficiency of the proposed protocol to make it more practical.(2)To manage the selfish behaviors of users in the existing anonymization solutions,we revisit the problem of stimulating the users who do not care about their location privacy to participate in the anonymity set and provide k-anonymity location privacy protection for privacy-sensitive users.We first study the cases where the users are homogenous,i.e.,all the privacy-sensitive users have the same requirement of privacy.Then,we extend the study to a more general cases,where the users are heterogeneous,i.e.,different privacy-sensitive users require different privacy level.For these two cases,we design two incentive mechanisms based on single round sealed-price double auction,and rigorously prove the truthfulness of the proposed mechanisms.In addition,the proposed can achieve better satisfaction ratio compared with the existing solutions.(3)For the problem that it is hard to measure the privacy consumption of the existing location perturbation schemes,we have proposed a geo-indistinguishable location perturbation mechanism,where the geo-indistinguishability is a quantitative and provable privacy model.Intuitively,by perturbing the location,it guarantees that any two locations will produce the perturbed locations according to the similar distributions if these two locations are within a given area such that the adversaries cannot infer the true location of the user.Although the geo-indistinguishability has advantages in various aspects,there is a crucial threat against the existing solutions:the privacy consumption increases linearly with the query times,which brings high risk of privacy leakage when the users query frequently.We have proposed an improved mechanism,which can significantly reduce the privacy cost in a special case,and an enhanced mechanism is also proposed for a more general case.(4)The existing location-based services may leverage the edge computing to enable real-time services.Finally,we propose two privacy-preserving data integrity checking protocols in mobile edge computing,which can be applied to the cases where we need to check the integrity of data for a single edge and multiple edges,respectively.Based on the provable data possession concept and the private infor-mation retrieval technique,the proposed protocols can protect users' data privacy and query pattern privacy while allowing the third-party auditors to check the data integrity.The security and privacy of the protocols are rigorously proved.