Search Me If You Can:

Privacy-preserving Location Query Service

ABSTRACT

Location-Based Service (LBS) is becoming increasingly popular with the dramatic growth of smartphones and social network services (SNS), and its context-rich functionalities attract considerable users. Many LBS providers use users’ location information to offer them convenience and useful functions. However, the LBS could greatly breach personal privacy because location itself contains much information. Hence, preserving location privacy while achieving utility from it is still a challenging question. This paper tackles this non-trivial challenge by designing a suite of novel fine-grained Privacy-preserving Location Query Protocol (PLQP). Our protocol allows different levels of location query on encrypted location information for different users, and it is efficient enough to be applied in mobile platforms.

Existing System

The simplest way, which most applications have adopted, is to exert group-based access control on published locations: specify a group of users who can or cannot see them. The social photo sharing website Flickr only lets users choose all users, neighbours, friends or family to allow access to the locations, and the SNS websites Facebook and Google+ additionally support custom groups to specify the accessible user groups. Mobile applications are much worse. Many mobile applications (e.g., Circle, Who’s around and Foursquare) do not even offer group choices to the users; instead, they only ask users whether they want to disclose the location or not. Obviously, this is too simple to achieve what users need. First of all, from the users’ perspective, it is hard to explicitly determine a user group such that their locations are visible only to them. It is more natural to find a condition such that friends who satisfy it can or cannot see the location. Secondly, binary access control (can or cannot) is far from enough to properly configure the privacy setting. In the previous example of the two lovers Alice and Bob, Alice might want to share her date at the restaurant with her best friends and disclose the exact location to them. Besides, Alice might also want other friends to know that she is having a good time downtown, but not the detailed location. In this case, approximate settings between ‘can’ and ‘cannot’ are needed to fulfil her requirements.

Disadvantage:

As discussed above, existing privacy control settings in LBS are ‘coarse’ in the sense that: 1) users can only explicitly specify a group of users who can or cannot access the location information; 2) access control policy supports binary choices only, which means users can only choose to enable or disable the information disclosure. The existing control strategies also suffer from privacy leakage in terms of the server storage.

Proposed System:

In this project, we propose novel protocols such that the location publisher exerts a fine-grained access control on who can access what location information. For example, a publisher could specify the following access control policies: (1) a user can know which city I am in if s/he is in my friend list; or (2) a user can check whether the distance between him and me is less than 100 meters if s/he is my classmate; or (3) a user can compute the exact distance between us if we both went to the same university.

Advantages:

Functional Encryption is an encryption scheme such that a key holder can learn a specific function of the data based on the ciphertext, but nothing else about the data. This is totally different from the traditional encryption scheme in terms of the differentiated decryption.

Architecture:

MODULES:

  1. Fine-Grained Access Control.
  2. Multi-leveled Access Control.
  3. Privacy-Preserving Protocol.
  4. Euclidean distance.

Modules Description

  1. Fine-Grained Access Control

Our protocol allows users to specify a condition instead of a group and exert access control over the users who satisfy this condition. This is more scalable since users can simply add a new condition for a new privacy setting instead of hand-picking hundreds of users to form a new group. Also, this is more user-friendly because users themselves do not clearly know which of their friends should or should not access the information most of the time.

  2. Multi-leveled Access Control

The protocol also supports semi-functional encryption. That is, the protocol enables users to control to what extent (or level) others can learn their location. The lowest level corresponds to nothing, and the highest level corresponds to one’s exact location. Levels between them correspond to indirect information about one’s location.
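The three example policies from the Proposed System section, combined with the levels described here, can be modelled in plaintext as follows. This is an added illustration, not code from the original project: it performs no encryption, and the class, enum, attribute strings, level ordering and "highest satisfied rule wins" behaviour are assumptions made for the example.

```java
import java.util.*;
import java.util.function.Predicate;

// Added illustration: plaintext model of what each access level discloses.
// No encryption is performed; all names and the level ordering are hypothetical.
public class PlqpPolicyModel {
    enum Level { NOTHING, CITY, WITHIN_THRESHOLD, EXACT_DISTANCE }
    record Rule(Predicate<Set<String>> condition, Level level) {}
    record Location(long x, long y, String city) {} // 1-meter integer grid

    static double distance(long x1, long y1, long x2, long y2) {
        return Math.hypot(x1 - x2, y1 - y2);
    }

    // Assumption: the querier gets the highest level of any rule they satisfy.
    static Level grantedLevel(List<Rule> policy, Set<String> attrs) {
        Level best = Level.NOTHING;
        for (Rule r : policy)
            if (r.condition().test(attrs) && r.level().compareTo(best) > 0) best = r.level();
        return best;
    }

    // Returns only the function of the location that the level permits.
    static String answer(Location pub, long qx, long qy, Level level, double thresholdMeters) {
        double d = distance(pub.x(), pub.y(), qx, qy);
        switch (level) {
            case CITY: return "city=" + pub.city();
            case WITHIN_THRESHOLD: return "within " + thresholdMeters + " m: " + (d < thresholdMeters);
            case EXACT_DISTANCE: return "distance=" + d + " m";
            default: return "no information";
        }
    }

    public static void main(String[] args) {
        // Constructed sample data mirroring policies (1)-(3) from the text.
        List<Rule> policy = List.of(
            new Rule(a -> a.contains("friend"), Level.CITY),
            new Rule(a -> a.contains("classmate"), Level.WITHIN_THRESHOLD),
            new Rule(a -> a.contains("same-university"), Level.EXACT_DISTANCE));
        Location publisher = new Location(0, 0, "ExampleCity");
        for (Set<String> attrs : List.of(Set.of("stranger"), Set.of("friend"),
                Set.of("friend", "classmate"), Set.of("same-university")))
            System.out.println(attrs + " -> "
                + answer(publisher, 30, 40, grantedLevel(policy, attrs), 100.0));
    }
}
```

Records require Java 16 or later. In the protocol described on this page the same answers would be computed over ciphertexts, so neither the server nor the querier sees the publisher's coordinates.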

  3. Privacy-Preserving Protocol

In our protocol, all location information is encrypted and queries are processed upon ciphertexts. Therefore, a location publisher’s friends learn nothing but the result of the location query, which is under the location publisher’s control. In addition, since every location is encrypted, even the server that stores location information does not learn anything from the ciphertext.

  4. Euclidean distance

For simplicity, we assume the ground surface is a plane, and every user’s location is mapped to a Euclidean space with integer coordinates (with meter as unit). That is, everyone’s location can be expressed as a tuple of coordinates representing a point in a grid partition of the space. This does not affect the generality since there exists a bijection between spherical locations and Euclidean locations. By approximating the coordinates in the Euclidean space to the nearest grid point, we can show that it results in errors of the Euclidean distance between two locations of at most √2 meters when the space is partitioned using a grid of side-length 1 meter.

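The Euclidean distance between two users with locations x1 = (d1, d2) and x2 = (d3, d4) is:

    // d1..d4 are the two users' grid coordinates in meters
    double xDiff = d1 - d3;
    double xSqr = Math.pow(xDiff, 2);
    double yDiff = d2 - d4;
    double ySqr = Math.pow(yDiff, 2);
    // output is the straight-line distance between x1 and x2
    double output = Math.sqrt(xSqr + ySqr);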
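The √2-meter error bound stated above follows from the triangle inequality. The derivation below is added here and is not part of the original text; writing \hat{x}_i for the grid point nearest to the true location x_i is notation assumed for this note. Rounding moves each coordinate by at most 1/2 meter, so

\[
\|x_i - \hat{x}_i\| \le \sqrt{(1/2)^2 + (1/2)^2} = \frac{\sqrt{2}}{2}, \qquad i = 1, 2,
\]

\[
\bigl|\, \|\hat{x}_1 - \hat{x}_2\| - \|x_1 - x_2\| \,\bigr| \;\le\; \|x_1 - \hat{x}_1\| + \|x_2 - \hat{x}_2\| \;\le\; \sqrt{2}.
\]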

System Configuration:-

H/W System Configuration:-

Processor - Pentium III

Speed - 1.1 GHz

RAM - 256 MB (min)

Hard Disk - 20 GB

Floppy Drive - 1.44 MB

Key Board - Standard Windows Keyboard

Mouse - Two or Three Button Mouse

Monitor - SVGA

S/W System Configuration:-

Operating System : Windows 95/98/2000/XP

Application Server : Tomcat 5.0/6.X

Front End : HTML, Java, JSP

Scripts : JavaScript

Server side Script : Java Server Pages

Database : MySQL

Database Connectivity : JDBC

CONCLUSION

In this project, we proposed a fine-grained Privacy-preserving Location Query Protocol (PLQP), which successfully solves the privacy issues in existing LBS applications and provides various location-based queries. The PLQP uses our novel distance computation and comparison protocol to implement semi-functional encryption, which supports multi-levelled access control, and uses CP-ABE as a subsidiary encryption scheme to make access control more fine-grained. Also, during the whole protocol, unless intended by the location publisher, the location information is kept secret from anyone else. We also conducted an experimental evaluation to show that the performance of our protocol is applicable in a real mobile network.