Protecting location privacy against inference attacks

Kazuhiro Minami; Nikita Borisov

doi:10.1145/1866919.1866938

Protecting location privacy against inference attacks

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

GPS-enabled mobile devices are a quickly growing market and users are starting to share their location information with each other through services such as Google Latitude. Location information, however, is very privacy-sensitive, since it can be used to infer activities, preferences, relationships, and other personal information, and thus access to it must be carefully protected. The situation is complicated by the possibility of inferring a users' location information from previous (or even future) movements. We argue that such inference means that traditional access control models that make a binary decision on whether a piece of information is released or not are not sufficient, and new policies must be designed that ensure that private information is not revealed either directly or through inference. We provide a formal definition of location privacy that incorporates an adversary's ability to predict location and discuss possible implementation of access control mechanisms that satisfy this definition. To support our reasoning, we analyze a preliminary data set to evaluate the accuracy of location prediction.

Original language	English (US)
Title of host publication	Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10
Pages	123-126
Number of pages	4
DOIs	https://doi.org/10.1145/1866919.1866938
State	Published - Dec 21 2010
Event	9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10 - Chicago, IL, United States Duration: Oct 4 2010 → Oct 8 2010

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Other

Other	9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10
Country	United States
City	Chicago, IL
Period	10/4/10 → 10/8/10

Fingerprint

Keywords

access control
location privacy
the markov model

ASJC Scopus subject areas

Software
Computer Networks and Communications

Cite this

Minami, K., & Borisov, N. (2010). Protecting location privacy against inference attacks. In Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10 (pp. 123-126). (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/1866919.1866938

Protecting location privacy against inference attacks. / Minami, Kazuhiro; Borisov, Nikita.

Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10. 2010. p. 123-126 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Minami, K & Borisov, N 2010, Protecting location privacy against inference attacks. in Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10. Proceedings of the ACM Conference on Computer and Communications Security, pp. 123-126, 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10, Chicago, IL, United States, 10/4/10. https://doi.org/10.1145/1866919.1866938

@inproceedings{8f7002fcdbe94f96b1887e155b1a0267,

title = "Protecting location privacy against inference attacks",

abstract = "GPS-enabled mobile devices are a quickly growing market and users are starting to share their location information with each other through services such as Google Latitude. Location information, however, is very privacy-sensitive, since it can be used to infer activities, preferences, relationships, and other personal information, and thus access to it must be carefully protected. The situation is complicated by the possibility of inferring a users' location information from previous (or even future) movements. We argue that such inference means that traditional access control models that make a binary decision on whether a piece of information is released or not are not sufficient, and new policies must be designed that ensure that private information is not revealed either directly or through inference. We provide a formal definition of location privacy that incorporates an adversary's ability to predict location and discuss possible implementation of access control mechanisms that satisfy this definition. To support our reasoning, we analyze a preliminary data set to evaluate the accuracy of location prediction.",

keywords = "access control, location privacy, the markov model",

author = "Kazuhiro Minami and Nikita Borisov",

year = "2010",

month = dec

day = "21",

doi = "10.1145/1866919.1866938",

language = "English (US)",

isbn = "9781450300964",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

pages = "123--126",

booktitle = "Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10",

note = "9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10 ; Conference date: 04-10-2010 Through 08-10-2010",

}

TY - GEN

T1 - Protecting location privacy against inference attacks

AU - Minami, Kazuhiro

AU - Borisov, Nikita

PY - 2010/12/21

Y1 - 2010/12/21

N2 - GPS-enabled mobile devices are a quickly growing market and users are starting to share their location information with each other through services such as Google Latitude. Location information, however, is very privacy-sensitive, since it can be used to infer activities, preferences, relationships, and other personal information, and thus access to it must be carefully protected. The situation is complicated by the possibility of inferring a users' location information from previous (or even future) movements. We argue that such inference means that traditional access control models that make a binary decision on whether a piece of information is released or not are not sufficient, and new policies must be designed that ensure that private information is not revealed either directly or through inference. We provide a formal definition of location privacy that incorporates an adversary's ability to predict location and discuss possible implementation of access control mechanisms that satisfy this definition. To support our reasoning, we analyze a preliminary data set to evaluate the accuracy of location prediction.

AB - GPS-enabled mobile devices are a quickly growing market and users are starting to share their location information with each other through services such as Google Latitude. Location information, however, is very privacy-sensitive, since it can be used to infer activities, preferences, relationships, and other personal information, and thus access to it must be carefully protected. The situation is complicated by the possibility of inferring a users' location information from previous (or even future) movements. We argue that such inference means that traditional access control models that make a binary decision on whether a piece of information is released or not are not sufficient, and new policies must be designed that ensure that private information is not revealed either directly or through inference. We provide a formal definition of location privacy that incorporates an adversary's ability to predict location and discuss possible implementation of access control mechanisms that satisfy this definition. To support our reasoning, we analyze a preliminary data set to evaluate the accuracy of location prediction.

KW - access control

KW - location privacy

KW - the markov model

UR - http://www.scopus.com/inward/record.url?scp=78650189312&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=78650189312&partnerID=8YFLogxK

U2 - 10.1145/1866919.1866938

DO - 10.1145/1866919.1866938

M3 - Conference contribution

AN - SCOPUS:78650189312

SN - 9781450300964

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 123

EP - 126

BT - Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10

T2 - 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10

Y2 - 4 October 2010 through 8 October 2010

ER -

Access to Document

10.1145/1866919.1866938