Private queries in location based services: Anonymizers are not necessary

Gabriel Ghinita; Panos Kalnis; Ali Khoshgozaran; Cyrus Shahabi; Kian Lee Tan

doi:10.1145/1376616.1376631

Private queries in location based services: Anonymizers are not necessary

Gabriel Ghinita^*, Panos Kalnis, Ali Khoshgozaran, Cyrus Shahabi, Kian Lee Tan

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

572 Scopus citations

Abstract

Mobile devices equipped with positioning capabilities (e.g., GPS) can ask location-dependent queries to Location Based Services (LBS). To protect privacy, the user location must not be disclosed. Existing solutions utilize a trusted anonymizer between the users and the LBS. This approach has several drawbacks: (i) All users must trust the third party anonymizer, which is a single point of attack, (ii) A large number of cooperating, trustworthy users is needed. (iii) Privacy is guaranteed only for a single snapshot of user locations; users are not protected against correlation attacks (e.g., history of user movement). We propose a novel framework to support private location-dependent queries, based on the theoretical work on Private Information Retrieval (PIR). Our framework does not require a trusted third party, since privacy is achieved via cryptographic techniques. Compared to existing work, our approach achieves stronger privacy for snapshots of user locations; moreover, it is the first to provide provable privacy guarantees against correlation attacks. We use our framework to implement approximate and exact algorithms for nearest-neighbor search. We optimize query execution by employing data mining techniques, which identify redundant computations. Contrary to common belief, the experimental results suggest that PIR approaches incur reasonable overhead and are applicable in practice.

Original language	English (US)
Title of host publication	SIGMOD 2008
Subtitle of host publication	Proceedings of the ACM SIGMOD International Conference on Management of Data 2008
Pages	121-132
Number of pages	12
DOIs	https://doi.org/10.1145/1376616.1376631
State	Published - 2008
Externally published	Yes
Event	2008 ACM SIGMOD International Conference on Management of Data 2008, SIGMOD'08 - Vancouver, BC, Canada Duration: Jun 9 2008 → Jun 12 2008

Other

Other	2008 ACM SIGMOD International Conference on Management of Data 2008, SIGMOD'08
Country	Canada
City	Vancouver, BC
Period	06/9/08 → 06/12/08

Keywords

Location anonymity
Private information retrieval
Query privacy

ASJC Scopus subject areas

Software
Information Systems

Access to Document

10.1145/1376616.1376631

Fingerprint Dive into the research topics of 'Private queries in location based services: Anonymizers are not necessary'. Together they form a unique fingerprint.

Cite this

@inproceedings{17cb3a0f8f5f4b6fb725d212b1ce2982,

title = "Private queries in location based services: Anonymizers are not necessary",

abstract = "Mobile devices equipped with positioning capabilities (e.g., GPS) can ask location-dependent queries to Location Based Services (LBS). To protect privacy, the user location must not be disclosed. Existing solutions utilize a trusted anonymizer between the users and the LBS. This approach has several drawbacks: (i) All users must trust the third party anonymizer, which is a single point of attack, (ii) A large number of cooperating, trustworthy users is needed. (iii) Privacy is guaranteed only for a single snapshot of user locations; users are not protected against correlation attacks (e.g., history of user movement). We propose a novel framework to support private location-dependent queries, based on the theoretical work on Private Information Retrieval (PIR). Our framework does not require a trusted third party, since privacy is achieved via cryptographic techniques. Compared to existing work, our approach achieves stronger privacy for snapshots of user locations; moreover, it is the first to provide provable privacy guarantees against correlation attacks. We use our framework to implement approximate and exact algorithms for nearest-neighbor search. We optimize query execution by employing data mining techniques, which identify redundant computations. Contrary to common belief, the experimental results suggest that PIR approaches incur reasonable overhead and are applicable in practice.",

keywords = "Location anonymity, Private information retrieval, Query privacy",

author = "Gabriel Ghinita and Panos Kalnis and Ali Khoshgozaran and Cyrus Shahabi and Tan, {Kian Lee}",

year = "2008",

doi = "10.1145/1376616.1376631",

language = "English (US)",

isbn = "9781605581026",

pages = "121--132",

booktitle = "SIGMOD 2008",

note = "2008 ACM SIGMOD International Conference on Management of Data 2008, SIGMOD'08 ; Conference date: 09-06-2008 Through 12-06-2008",

}

Ghinita, G, Kalnis, P, Khoshgozaran, A, Shahabi, C & Tan, KL 2008, Private queries in location based services: Anonymizers are not necessary. in SIGMOD 2008: Proceedings of the ACM SIGMOD International Conference on Management of Data 2008., 1376631, pp. 121-132, 2008 ACM SIGMOD International Conference on Management of Data 2008, SIGMOD'08, Vancouver, BC, Canada, 06/9/08. https://doi.org/10.1145/1376616.1376631

Private queries in location based services : Anonymizers are not necessary. / Ghinita, Gabriel; Kalnis, Panos; Khoshgozaran, Ali; Shahabi, Cyrus; Tan, Kian Lee.

SIGMOD 2008: Proceedings of the ACM SIGMOD International Conference on Management of Data 2008. 2008. p. 121-132 1376631.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Private queries in location based services

T2 - 2008 ACM SIGMOD International Conference on Management of Data 2008, SIGMOD'08

AU - Ghinita, Gabriel

AU - Kalnis, Panos

AU - Khoshgozaran, Ali

AU - Shahabi, Cyrus

AU - Tan, Kian Lee

PY - 2008

Y1 - 2008

N2 - Mobile devices equipped with positioning capabilities (e.g., GPS) can ask location-dependent queries to Location Based Services (LBS). To protect privacy, the user location must not be disclosed. Existing solutions utilize a trusted anonymizer between the users and the LBS. This approach has several drawbacks: (i) All users must trust the third party anonymizer, which is a single point of attack, (ii) A large number of cooperating, trustworthy users is needed. (iii) Privacy is guaranteed only for a single snapshot of user locations; users are not protected against correlation attacks (e.g., history of user movement). We propose a novel framework to support private location-dependent queries, based on the theoretical work on Private Information Retrieval (PIR). Our framework does not require a trusted third party, since privacy is achieved via cryptographic techniques. Compared to existing work, our approach achieves stronger privacy for snapshots of user locations; moreover, it is the first to provide provable privacy guarantees against correlation attacks. We use our framework to implement approximate and exact algorithms for nearest-neighbor search. We optimize query execution by employing data mining techniques, which identify redundant computations. Contrary to common belief, the experimental results suggest that PIR approaches incur reasonable overhead and are applicable in practice.

AB - Mobile devices equipped with positioning capabilities (e.g., GPS) can ask location-dependent queries to Location Based Services (LBS). To protect privacy, the user location must not be disclosed. Existing solutions utilize a trusted anonymizer between the users and the LBS. This approach has several drawbacks: (i) All users must trust the third party anonymizer, which is a single point of attack, (ii) A large number of cooperating, trustworthy users is needed. (iii) Privacy is guaranteed only for a single snapshot of user locations; users are not protected against correlation attacks (e.g., history of user movement). We propose a novel framework to support private location-dependent queries, based on the theoretical work on Private Information Retrieval (PIR). Our framework does not require a trusted third party, since privacy is achieved via cryptographic techniques. Compared to existing work, our approach achieves stronger privacy for snapshots of user locations; moreover, it is the first to provide provable privacy guarantees against correlation attacks. We use our framework to implement approximate and exact algorithms for nearest-neighbor search. We optimize query execution by employing data mining techniques, which identify redundant computations. Contrary to common belief, the experimental results suggest that PIR approaches incur reasonable overhead and are applicable in practice.

KW - Location anonymity

KW - Private information retrieval

KW - Query privacy

UR - http://www.scopus.com/inward/record.url?scp=57149129292&partnerID=8YFLogxK

U2 - 10.1145/1376616.1376631

DO - 10.1145/1376616.1376631

M3 - Conference contribution

AN - SCOPUS:57149129292

SN - 9781605581026

SP - 121

EP - 132

BT - SIGMOD 2008

Y2 - 9 June 2008 through 12 June 2008

ER -

Private queries in location based services: Anonymizers are not necessary

Abstract

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Cite this