Results 1 - 10 of 231
The New Casper: Query Processing for Location Services without Compromising Privacy
In Proc. of the 32nd International Conference on Very Large Data Bases (VLDB), 2006
Cited by 234 (7 self)

In this paper, we present a new privacy-aware query processing framework, Casper*, in which mobile and stationary users can obtain snapshot and/or continuous location-based services without revealing their private location information. In particular, we propose a privacy-aware query processor embedded inside a location-based database server to deal with snapshot and continuous queries based on the knowledge of the user's cloaked location rather than the exact location. Our proposed privacy-aware query processor is completely independent of how we compute the user's cloaked location. In other words, any existing location anonymization algorithm that blurs the user's private location into cloaked rectilinear areas can be employed to protect the user's location privacy. We first propose a privacy-aware query processor that not only supports three new privacy-aware query types but also achieves a trade-off between query processing cost and answer optimality. Then, to improve the system scalability of processing continuous privacy-aware queries, we propose a shared execution paradigm that shares query processing among a large number of continuous queries. The proposed scalable paradigm can be tuned through two parameters to trade off between system scalability and answer optimality. Experimental results show that our query processor achieves high-quality snapshot and continuous location-based services while
Extracting a Mobility Model from Real User Traces
In Proceedings of IEEE INFOCOM, 2006
Cited by 167 (1 self)

Understanding user mobility is critical for simulations of mobile devices in a wireless network, but current mobility models often do not reflect real user movements. In this paper, we provide a foundation for such work by exploring mobility characteristics in traces of mobile users. We present a method to estimate the physical location of users from a large trace of mobile devices associating with access points in a wireless network. Using this method, we extracted tracks of always-on Wi-Fi devices from a 13-month trace. We discovered that the speed and pause time each follow a log-normal distribution and that the direction of movements closely reflects the direction of roads and walkways. Based on the extracted mobility characteristics, we developed a mobility model, focusing on movements among popular regions. Our validation shows that synthetic tracks match real tracks with a median relative error of 17%.
A Formal Model of Obfuscation and Negotiation for Location Privacy
In Pervasive, 2005
Cited by 127 (7 self)

Obfuscation concerns the practice of deliberately degrading the quality of information in some way, so as to protect the privacy of the individual to whom that information refers. In this paper, we argue that obfuscation is an important technique for protecting an individual's location privacy within a pervasive computing environment. The paper sets out a formal framework within which obfuscated location-based services are defined. This framework provides a computationally efficient mechanism for balancing an individual's need for high-quality information services against that individual's need for location privacy. Negotiation is used to ensure that a location-based service provider receives only the information it needs to know in order to provide a service of satisfactory quality. The results of this work have implications for numerous applications of mobile and location-aware systems, as they provide a new theoretical foundation for addressing the privacy concerns that are acknowledged to be retarding the widespread acceptance and use of location-based services.
A Peer-to-Peer Spatial Cloaking Algorithm for Anonymous Location-based Services
In: ACM GIS, 2006
Cited by 105 (10 self)

This paper tackles a major privacy threat in current location-based services where users have to report their exact locations to the database server in order to obtain their desired services. For example, a mobile user asking about her nearest restaurant has to report her exact location. With untrusted service providers, reporting private location information may lead to several privacy threats. In this paper, we present a peer-to-peer (P2P) spatial cloaking algorithm in which mobile and stationary users can entertain location-based services without revealing their exact location information. The main idea is that before requesting any location-based service, the mobile user will form a group from her peers via single-hop communication and/or multi-hop routing. Then, the spatial cloaked area is computed as the region that covers the entire group of peers. Two modes of operation are supported within the proposed P2P spatial cloaking algorithm, namely the on-demand mode and the proactive mode. Experimental results show that the P2P spatial cloaking algorithm operated in the on-demand mode has lower communication cost and better quality of service than the proactive mode, but the on-demand mode incurs a longer response time.
Social Matching: A Framework and Research Agenda
2000
Cited by 99 (4 self)

Social matching systems bring people together in both physical and online spaces. They have the potential to increase social interaction and foster collaboration. However, social matching systems lack a clear intellectual foundation: the nature of the design space, the key research challenges, and the roster of appropriate methods are all ill-defined. This article begins to remedy the situation. It clarifies the scope of social matching systems by distinguishing them from other recommender systems and related systems and techniques. It identifies a set of issues that characterize the design space of social matching systems and shows how existing systems explore different points within the design space. It also reviews selected social science results that can provide input into system design. Most important, the article presents a research agenda organized around a set of claims. The claims embody our understanding of what issues are most important to investigate, our beliefs about what is most likely to be true, and our suggestions of specific research directions to pursue.
Understanding and Capturing People's Privacy Policies in a Mobile Social Networking Application
Personal and Ubiquitous Computing
Cited by 98 (29 self)

A number of mobile applications have emerged that allow users to locate one another. However, people have expressed concerns about the privacy implications associated with this class of software, suggesting that broad adoption may only happen to the extent that these concerns are adequately addressed. In this article, we report on our work on PEOPLEFINDER, an application that enables cell phone and laptop users to selectively share their locations with others (e.g. friends, family, and colleagues). The objective of our work has been to better understand people's attitudes and behaviors towards privacy as they interact with such an application, and to explore technologies that empower users to more effectively and efficiently specify their privacy preferences (or "policies"). These technologies include user interfaces for specifying rules and auditing disclosures, as well as machine learning techniques to see if the system can help people manage their policies better. We present evaluations of these technologies in the context of one laboratory study and three field studies.
Engineering Privacy
IEEE Transactions on Software Engineering, 2009
Cited by 92 (4 self)

In this paper, we integrate insights from diverse islands of research on electronic privacy to offer a holistic view of privacy engineering and a systematic structure for the discipline's topics. First, we discuss privacy requirements grounded in both historic and contemporary perspectives on privacy. We use a three-layer model of user privacy concerns to relate them to system operations (data transfer, storage, and processing) and examine their effects on user behavior. In the second part of this paper, we develop guidelines for building privacy-friendly systems. We distinguish two approaches: "privacy-by-policy" and "privacy-by-architecture." The privacy-by-policy approach focuses on the implementation of the notice and choice principles of fair information practices, while the privacy-by-architecture approach minimizes the collection of identifiable personal data and emphasizes anonymization and client-side data storage and processing. We discuss both approaches with a view to their technical overlaps and boundaries as well as to economic feasibility. This paper aims to introduce engineers and computer scientists to the privacy research domain and provide concrete guidance on how to design privacy-friendly systems.

Index Terms: Privacy, security, privacy-enhancing technologies, anonymity, identification.
Topiary: A Tool for Prototyping Location-enhanced Applications
In Proc. UIST 2004, ACM Press, 2004
Cited by 81 (6 self)
Over-exposed? Privacy Patterns and Considerations in Online and Mobile Photo Sharing
In CHI '07: Proc. of the SIGCHI Conf. on Human Factors in Computing Systems, 2007
Cited by 71 (6 self)

As sharing personal media online becomes easier and more widespread, new privacy concerns emerge, especially when the persistent nature of the media and associated context reveals details about the physical and social context in which the media items were created. In a first-of-its-kind study, we use context-aware cameraphone devices to examine privacy decisions in mobile and online photo sharing. Through data analysis on a corpus of privacy decisions and associated context data from a real-world system, we identify relationships between the location of photo capture and photo privacy settings. Our data analysis leads to further questions, which we investigate through a set of interviews with 15 users. The interviews reveal common themes in privacy considerations: security, social disclosure, identity and convenience. Finally, we highlight several implications and opportunities for the design of media sharing applications, including using past privacy patterns to prevent oversights and errors.

Author Keywords: Privacy, online content, photo sharing, social software, location-aware, context-aware, photos.
ACM Classification Keywords: H.1.2 User/Machine Systems: Human factors.
Recruitment Framework for Participatory Sensing Data Collections
Cited by 67 (2 self)

Mobile phones have evolved from devices that are just used for voice and text communication to platforms that are able to capture and transmit a range of data types (image, audio, and location). The adoption of these increasingly capable devices by society has enabled a potentially pervasive sensing paradigm: participatory sensing. A coordinated participatory sensing system engages individuals carrying mobile phones to explore phenomena of interest using in situ data collection. For participatory sensing to succeed, several technical challenges need to be solved. In this paper, we discuss one particular issue: developing a recruitment framework to enable organizers to identify well-suited participants for data collections based on geographic and temporal availability as well as participation habits. This recruitment system is evaluated through a series of pilot data collections where volunteers explored sustainable processes on a university campus.