Research On Location Privacy For Users Of LBS

In recent years, location based services (LBS) have gained tremendouspopularity in today’s networked society, such as centralized location broker service[6], road hazard detection and prediction, navigation, resource scheduling andallocation[18], and various locations tracking apps for mobile devices. Actually,privacy and confidentiality of users’ locations have been a problem for successfulapplications. The popular spatial k-anonymity can ensure each reported locationbeing an enlarged spatial region which contains at least k undistinguished users. Soattackers can’t map a specific query to its object with probability higher than1/k.Although k-anonymity model can guaranteethe queryprivacy of LBS’s users, itfails to guarantee the privacy of user’s location attribute (LA), user’s relationshipwith the position he located in unavoidably. For example, if a K-spatial cloakingregion which focuses on the vicinity of a certain hospital, location related identity ofits user would be exposed as a patient or a doctor, even though the query’s source(who issues the query) can’t be determined with probability higher than1/k in onesnapshot. We term this situation as user’s location attribute leakage. Actually user’slocation attributes can be served as quasi attributes to re-identify the user’s identityby the record linkage technologies. User’s location attribute leakage is due to thespatial cloaking region fails to protect his or her location attributes, where the regionmay lack a key property, which is location diversity. A region is said to be locationdiversity if it covers parts of two or more PSs (public sites)’ vicinity. The opposite islocation homogeneity, which is the cloaking region is the vicinity of one PS only.The main reason of this disadvantage is that the traditional k-anonymity is lackof diversity, i.e., the anonymity set (k users) is monotonous in terms of the totalnumber of the type of its users’ LA. To conquer this disadvantage, an enhancedprivacy scheme,(N,k)-Diverse anonymity is proposed to prevent the user’s locationattribute from being leakage and diversify traditional spatial k-anonymity as well. Toachieve a diverse anonymity region, two steps are considered:(i) Generate a diversespatial cloaking region;(ii) Make the region to be a k-anonymity region. With thismethodology, an N location diversity cloaking algorithm (N-LDC) is proposed torealize (i); the node increment cloaking (NIC) algorithm and the region incrementcloaking (RIC) algorithm are proposed to realize (ii). To defend central public site (CPS) attacks, a secure N-LDC is proposed to enhance the robustness of (N, k)-Diverse anonymity. Finally, the efficiency is verified in guaranteeing the user’sprivacy in terms of time, space and robustness to privacy attacks.