The research presented in this paper develops a novel approach for a risk-based authentication system that takes into account mobile user movement patterns. Inspired by the concept of Shannon's information theory, we introduce a variant version of spatial entropy vectors embedded with time information as a mathematical modeling tool to evaluate regular movement patterns, and spatial entropy vectors derived from user movements range and paces. To support the approach, several algorithms have been designed and implemented. A prototype iPhone application was developed as a proof-of-concept, user movement data has been collected over a predetermined timeframe by accumulating, merging, and saving spatial entropy vectors in a database on the application. The application simulates risk-based authentication by calculating risk factors based on the similarity between current spatial entropy vectors calculated on demand, and historical distributions of movement patterns. Data collected on the field shows that the risk factor is relatively low for similar moving patterns, while different patterns can yield a higher risk factor. Rather than modeling this process by directly storing GPS location data with complicated path-matching algorithms, the spatial entropy model developed uses sampled location data, but does not keep it, preserving user privacy. Practical applications can be used, for example, to adjust fingerprint authentication threshold in iPhone when combining with the risk factor calculated in real time.
{"title":"A spatial entropy-based approach to improve mobile risk-based authentication","authors":"J. Xiong, J. Xiong, Christophe Claramunt","doi":"10.1145/2675682.2676400","DOIUrl":"https://doi.org/10.1145/2675682.2676400","url":null,"abstract":"The research presented in this paper develops a novel approach for a risk-based authentication system that takes into account mobile user movement patterns. Inspired by the concept of Shannon's information theory, we introduce a variant version of spatial entropy vectors embedded with time information as a mathematical modeling tool to evaluate regular movement patterns, and spatial entropy vectors derived from user movements range and paces. To support the approach, several algorithms have been designed and implemented. A prototype iPhone application was developed as a proof-of-concept, user movement data has been collected over a predetermined timeframe by accumulating, merging, and saving spatial entropy vectors in a database on the application. The application simulates risk-based authentication by calculating risk factors based on the similarity between current spatial entropy vectors calculated on demand, and historical distributions of movement patterns. Data collected on the field shows that the risk factor is relatively low for similar moving patterns, while different patterns can yield a higher risk factor. Rather than modeling this process by directly storing GPS location data with complicated path-matching algorithms, the spatial entropy model developed uses sampled location data, but does not keep it, preserving user privacy. Practical applications can be used, for example, to adjust fingerprint authentication threshold in iPhone when combining with the risk factor calculated in real time.","PeriodicalId":337858,"journal":{"name":"GeoPrivacy '14","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124315520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the availability and rapid development of GPS-enabled mobile devices and the positioning technology, the Location-Based Services (LBS), aiming at providing customized services according to users' spatio-temporal location information, become increasingly popular in many domains. Users are more and more concerned about privacy issues such as the disclosure of their location in one hand. In the other hand they take advantage of the conveniences of LBS in different aspects of their daily lives. Many researches have been conducted in the location cloaking of location privacy, however, the long cloaking time and large cloaked spatial area affected the quality of service. To solve this problem, we propose a grid-based location cloaking method based on k-anonymity model, which is expected to produce better quality of service by reducing the cloaking time and cloaked spatial region.
随着具有gps功能的移动设备和定位技术的普及和快速发展,基于用户时空位置信息提供定制化服务的定位服务(location - based Services, LBS)在许多领域得到越来越广泛的应用。用户越来越关心隐私问题,比如他们的位置暴露在一只手上。另一方面,他们在日常生活的不同方面利用LBS的便利。针对位置隐私的位置隐身进行了大量研究,但隐身时间长,隐身空间面积大,影响了服务质量。为了解决这一问题,我们提出了一种基于k-匿名模型的网格位置隐身方法,该方法通过减少隐身时间和隐身空间区域来提高服务质量。
{"title":"A grid-based location privacy-preserving method for LBS users","authors":"Lei Mou, A. Lbath","doi":"10.1145/2675682.2676398","DOIUrl":"https://doi.org/10.1145/2675682.2676398","url":null,"abstract":"With the availability and rapid development of GPS-enabled mobile devices and the positioning technology, the Location-Based Services (LBS), aiming at providing customized services according to users' spatio-temporal location information, become increasingly popular in many domains. Users are more and more concerned about privacy issues such as the disclosure of their location in one hand. In the other hand they take advantage of the conveniences of LBS in different aspects of their daily lives. Many researches have been conducted in the location cloaking of location privacy, however, the long cloaking time and large cloaked spatial area affected the quality of service. To solve this problem, we propose a grid-based location cloaking method based on k-anonymity model, which is expected to produce better quality of service by reducing the cloaking time and cloaked spatial region.","PeriodicalId":337858,"journal":{"name":"GeoPrivacy '14","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116697734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Quantity Based Aggregation (QBA) is a subject that is closely related to inference in databases. The goal is to enforce k out of N disclosure control. In this paper we work on QBA problems in the context of cadastral databases, and we focus on one particular problem: how to prevent a user from accessing all parcels in a region. This work is a new version of the model presented in [2, 3] where we introduce the concept of "Dominant Zones". This concept increases the availability of the data while preserving their confidentiality. Moreover, we provide a more detailed discussion on security aspects of different choices of the model's parameters.
基于数量的聚合(QBA)是与数据库推理密切相关的一门学科。目标是强制执行k out of N的披露控制。在本文中,我们研究地籍数据库背景下的QBA问题,我们重点关注一个特定的问题:如何防止用户访问一个地区的所有包裹。这项工作是在[2,3]中提出的模型的新版本,在[2,3]中我们引入了“主导区域”的概念。这个概念增加了数据的可用性,同时保持了数据的机密性。此外,我们对模型参数的不同选择的安全性方面进行了更详细的讨论。
{"title":"Quantity based aggregation for cadastral databases","authors":"Firas Al Khalil, A. Gabillon, P. Capolsini","doi":"10.1145/2675682.2676394","DOIUrl":"https://doi.org/10.1145/2675682.2676394","url":null,"abstract":"Quantity Based Aggregation (QBA) is a subject that is closely related to inference in databases. The goal is to enforce k out of N disclosure control. In this paper we work on QBA problems in the context of cadastral databases, and we focus on one particular problem: how to prevent a user from accessing all parcels in a region. This work is a new version of the model presented in [2, 3] where we introduce the concept of \"Dominant Zones\". This concept increases the availability of the data while preserving their confidentiality. Moreover, we provide a more detailed discussion on security aspects of different choices of the model's parameters.","PeriodicalId":337858,"journal":{"name":"GeoPrivacy '14","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114189938","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We argue that current technical and legal attempts aimed at protecting Geoprivacy are insufficient. We propose a novel 2-dimensional model of privacy, which we term "civilized cyberspace". On one dimension there are engineering, social and legal tools while on the other there are different kinds of interaction with information. We argue why such a civilized cyberspace protects privacy without sacrificing personal freedom on the one hand and opportunities for businesses on the other. We also discuss its realization and propose a technology stack including a permission service for geoprocessing.
{"title":"A civilized cyberspace for geoprivacy","authors":"Paul Weiser, S. Scheider","doi":"10.1145/2675682.2676396","DOIUrl":"https://doi.org/10.1145/2675682.2676396","url":null,"abstract":"We argue that current technical and legal attempts aimed at protecting Geoprivacy are insufficient. We propose a novel 2-dimensional model of privacy, which we term \"civilized cyberspace\". On one dimension there are engineering, social and legal tools while on the other there are different kinds of interaction with information. We argue why such a civilized cyberspace protects privacy without sacrificing personal freedom on the one hand and opportunities for businesses on the other. We also discuss its realization and propose a technology stack including a permission service for geoprocessing.","PeriodicalId":337858,"journal":{"name":"GeoPrivacy '14","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117255084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ling-Jyh Chen, Chen-Ruei Hong, D. Deng, Hu-Cheng Lee, Hsin-Hung Hsieh
Location-based systems (LBS) represent an emerging genre of applications that exploit positioning technologies and facilitate a wide range of location-based services. Unlike conventional information systems, LBS data management is challenging because LBS data is high dimensional and spatio-temporal in nature, and information leakage may result in location related privacy crises. The issue has become even more complicated, as database outsourcing has become inevitable in view of the emerging popularity of LBS deployment. In this paper, we tackle the research challenge and propose a SecUre Database Outsourcing system, called SUDO. By combining the techniques of Hilbert space-filling curves, different invertible encryption algorithms, and genuine mixed data, we show that SUDO is capable of preserving location privacy for LBS against different attacks. Moreover, the proposed solution is simple, effective, and scalable; and it shows promise in supporting LBS data management with outsourced databases.
{"title":"SUDO: a secure database outsourcing solution for location-based systems","authors":"Ling-Jyh Chen, Chen-Ruei Hong, D. Deng, Hu-Cheng Lee, Hsin-Hung Hsieh","doi":"10.1145/2675682.2676397","DOIUrl":"https://doi.org/10.1145/2675682.2676397","url":null,"abstract":"Location-based systems (LBS) represent an emerging genre of applications that exploit positioning technologies and facilitate a wide range of location-based services. Unlike conventional information systems, LBS data management is challenging because LBS data is high dimensional and spatio-temporal in nature, and information leakage may result in location related privacy crises. The issue has become even more complicated, as database outsourcing has become inevitable in view of the emerging popularity of LBS deployment. In this paper, we tackle the research challenge and propose a SecUre Database Outsourcing system, called SUDO. By combining the techniques of Hilbert space-filling curves, different invertible encryption algorithms, and genuine mixed data, we show that SUDO is capable of preserving location privacy for LBS against different attacks. Moreover, the proposed solution is simple, effective, and scalable; and it shows promise in supporting LBS data management with outsourced databases.","PeriodicalId":337858,"journal":{"name":"GeoPrivacy '14","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125851636","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Abdullah Murad, Brian N. Hilton, T. Horan, John Tangenberg
Protecting patient geo-privacy while allowing for valid geographic analyses of the data is a major challenge [1]. As a consequence, a variety of methods have been introduced to mask patients' locational information, also called geo-masking methods [2]. This study assessed the five main geo-masking methods as cited by [3] in terms of re-identification risk and performance. These five methods are Random Direction and Fixed Radius, Random Perturbation within a Circle, Gaussian Displacement, Donut Masking, and Bimodal Gaussian Displacement. Based on the assessment, the study highlighted two major gaps in the design of these geo-masking methods. First, all five geo-masking methods used only population density in calculating the displacement distances between the original locations of points and their new locations. However, other criteria that might be as important as population density were not considered in designing these five methods. These include data sensitivity, research types, quasi-indicator availability, previously generated maps availability, end-users' types, and the possibility of temporal synergy of data. Second, the Donut Masking and the Bimodal Gaussian Displacement methods were found to be superior in terms of minimizing re-identifying risks, but they were also found to be consuming much more processing power compared to the other three geo-masking methods. To address these gaps, this study proposed a new geo-masking method, called the "Triangular Displacement". The primary design, development, and evaluation of the Triangular Displacement method were based on the Design Science Research (DSR) Process Model [4], also known as DSRM. The expected next step is to implement the resultant geo-masking method as a tool to help healthcare data guardians de-identify large sets of PHR automatically. A pilot study with a large Southern Californian healthcare provider has been outlined to examine the efficacy of the developed solution.
{"title":"Protecting patient geo-privacy via a triangular displacement geo-masking method","authors":"Abdullah Murad, Brian N. Hilton, T. Horan, John Tangenberg","doi":"10.1145/2675682.2676399","DOIUrl":"https://doi.org/10.1145/2675682.2676399","url":null,"abstract":"Protecting patient geo-privacy while allowing for valid geographic analyses of the data is a major challenge [1]. As a consequence, a variety of methods have been introduced to mask patients' locational information, also called geo-masking methods [2]. This study assessed the five main geo-masking methods as cited by [3] in terms of re-identification risk and performance. These five methods are Random Direction and Fixed Radius, Random Perturbation within a Circle, Gaussian Displacement, Donut Masking, and Bimodal Gaussian Displacement. Based on the assessment, the study highlighted two major gaps in the design of these geo-masking methods. First, all five geo-masking methods used only population density in calculating the displacement distances between the original locations of points and their new locations. However, other criteria that might be as important as population density were not considered in designing these five methods. These include data sensitivity, research types, quasi-indicator availability, previously generated maps availability, end-users' types, and the possibility of temporal synergy of data. Second, the Donut Masking and the Bimodal Gaussian Displacement methods were found to be superior in terms of minimizing re-identifying risks, but they were also found to be consuming much more processing power compared to the other three geo-masking methods. To address these gaps, this study proposed a new geo-masking method, called the \"Triangular Displacement\". The primary design, development, and evaluation of the Triangular Displacement method were based on the Design Science Research (DSR) Process Model [4], also known as DSRM. The expected next step is to implement the resultant geo-masking method as a tool to help healthcare data guardians de-identify large sets of PHR automatically. A pilot study with a large Southern Californian healthcare provider has been outlined to examine the efficacy of the developed solution.","PeriodicalId":337858,"journal":{"name":"GeoPrivacy '14","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114653240","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Location-Based Social Networks (LBSNs), such as Foursquare, Yelp and Facebook Place, have attracted many people, including business owners who use LBSNs to promote their businesses. A physical location is called a venue or a place of interest in an LBSN. Associated with each venue are several attributes, such as its latitude and longitude values, and the discounts/coupons users can use. LBSN users usually tend to trust venues, which is becoming a key focus of various attacks [7, 10]. By manipulating attributes related to venues, however, an attacker can deceive users, compromise their privacy and destroy the reputation of the venues in an LBSN. In this paper, we call the attacks targeting venues as venue attacks. We first investigate and characterize such attacks in Foursquare, Yelp and Facebook Place. We then study what makes such attacks successful and discuss potential defense approaches against these attacks. To the best of our knowledge, we are the first to characterize various venue attacks in LBSNs.
{"title":"Venue attacks in location-based social networks","authors":"Lei Jin, Hassan Takabi","doi":"10.1145/2675682.2676395","DOIUrl":"https://doi.org/10.1145/2675682.2676395","url":null,"abstract":"Location-Based Social Networks (LBSNs), such as Foursquare, Yelp and Facebook Place, have attracted many people, including business owners who use LBSNs to promote their businesses. A physical location is called a venue or a place of interest in an LBSN. Associated with each venue are several attributes, such as its latitude and longitude values, and the discounts/coupons users can use. LBSN users usually tend to trust venues, which is becoming a key focus of various attacks [7, 10]. By manipulating attributes related to venues, however, an attacker can deceive users, compromise their privacy and destroy the reputation of the venues in an LBSN. In this paper, we call the attacks targeting venues as venue attacks. We first investigate and characterize such attacks in Foursquare, Yelp and Facebook Place. We then study what makes such attacks successful and discuss potential defense approaches against these attacks. To the best of our knowledge, we are the first to characterize various venue attacks in LBSNs.","PeriodicalId":337858,"journal":{"name":"GeoPrivacy '14","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128297812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: