| In recent years, mobile devices and smartphones enabled with GPS and Internet access have become extremely common. People use these devices as they would a personal computer for easy access to information. Location Based Services (LBS) provide customized information based on a user's geographic location that has been retrieved from a dedicated spatial database such as Google Places, Yahoo's Local Search Web Services and Yelp.com. This information can include nearby hotels and restaurants, gas stations, banks or other Points of Interest (POIs). Since most search engines and databases are known to store previous queries in order to improve future search results and other data analysis on previous search queries, many researchers have expressed concerns and proposed solutions to protect a user's location privacy. Research has shown that a significant amount of information, such as medical conditions, political or religious affiliations and more can be inferred based on a person's previous location tracks. Many methods proposed by researchers rely on the use of trusted third parties such as Anonymizing Servers, other nearby mobile devices, or the LBS itself. CAP (Context-Aware Privacy), introduced in 2008 by A. Pingley et. al., is a system that was designed to protect a user's location without having to rely on a trusted third party or interfere with the operation of the LBS. A desktop prototype was made, yet it was never implemented on a mobile device or smartphone until now. Preliminary tests of CAP with lower privacy settings proved to be effective, although when the privacy settings were increased, the results seemed to deteriorate. Closer examinations of the algorithm indicate that it is effective when compressing contextual map data for use by a mobile device, as well as effective perturbation of the user's location. The POI results returned from the LBS tell a different story. While the POI results at low privacy levels seemed to be accurate (i.e. the POIs returned from the LBS are in fact the POIs that are closest to the user), when the privacy settings were increased, the results would degrade (i.e. the POIs returned were, as expected, further away from the user's actual location). This is effective in the sense that the user's actual location is not able to be divulged to an adversary, but is not very effective in terms of usability and convenience for the user. In this thesis, we review CAP and several other proposed methods of location privacy intended for use with mobile devices. We have implemented CAP on a smartphone in its proposed method and evaluate its results, followed by modifications in order to gain more accurate POI results from publicly available LBS. |
