Databases Reference
In-Depth Information
released, otherwise. Finally, Ho and Gruteser [19] propose a path confusion
algorithm. This algorithm introduces a level of uncertainty by creating cross
paths between at least two users. In this case, the attacker observing different
paths is not able to recognize which path has followed one specific user.
Policy-based techniques
Another class of location privacy techniques relies on the definition of
privacy
policies
. Privacy policies define restrictions that regulate the release of the
location of a user to third parties. Hauser and Kabatnik [22] address the
location privacy problem in a privacy-aware architecture for a global location
service, which allows users to define rules that will be evaluated to regulate
access to location information. The IETF Geopriv working group addresses
privacy and security issues related to the disclosure of location information
over the Internet [23]. The main goal of the Geopriv working group is to define
an environment (i.e., architecture, protocols, and policies) supporting both
location information and policy data. Others works [24, 25] used the Platform
for Privacy Preferences (P3P) [26] to encode users privacy preferences.
In summary, policy-based techniques allow a flexible definition of poli-
cies that fit the user needs of privacy by restricting the ability to manage
locations and disclosing information. However, although policies-based solu-
tions are suitable for privacy protection, users are often not willing to directly
manage complex policies and, hence, may refuse participation in pervasive
environments.
Obfuscation-based techniques
Obfuscation-based techniques are aimed at protecting location privacy by de-
grading the accuracy of the location information still maintaining an explicit
association with the real user identity.
Duckham and Kulik [7] define a framework that provides a mechanism for
balancing individual needs for high-quality information services and location
privacy. The proposed solution is based on the concept of
imprecision
,which
indicates the lack of specificity of location information. The authors suggest
to degrade location information quality and to provide obfuscation features
by adding
n
points with same probability of being the real user position. The
algorithm assumes a graph-based representation of the environment. Also, the
authors propose a validation and evaluation of their methods through a set of
simulations [27]. The results show that obfuscation can provide at the same
time a high service quality and a high privacy level.
Other proposals relies on a trusted middleware, which lies between loca-
tion providers and location-based applications, responsible for enforcing users
privacy preferences before releasing location information. Openwave [28], for
example, includes a location gateway that obtains users location information
