LP-Cache: Privacy-aware Cache Model for Location-based Apps

Asma Patel, Esther Palomar

2016

Abstract

The daily use of smartphones along with third-party apps, which involve location data to be continuously collected, shared and used, have become a significant privacy concern. Besides, taking advantage of the rapid growth of wireless access points, the capability of these location-based services to track users’ lives, even sometimes with their consent, creates an urgent need for the development of more user-friendly and sociallyaccepted approaches to location privacy preservation. In this paper, we introduce a novel privacy-aware model for location-based apps to overcome the shortcomings related to user privacy during the location calculation process. By making the user device play a bigger role in the process, our model prevents users from relying on service providers’ trustworthiness. The model applies a cache-based technique to determine the position of client devices by means of wireless access points and achieve data minimisation in the current process. The model also establishes new personalised permission settings for the users while sharing their location information. We outline possible implementation of the proposal, and preliminary findings of the work-inprogress evaluation on the wireless data feasibility and usability that demonstrate deployment viability.

References

  1. Aad, I. and Niemi, V. (2010). NRC data collection and the privacy by design principles. In PhoneSense.
  2. Almuhimedi, H., Schaub, F., Sadeh, N., Adjerid, I., Acquisti, A., and Others (2015). Your Location has been Shared 5,398 Times! A Field Study on Mobile App Privacy Nudging. In Procs. of ACM Conf. on Human Factors in Computing Systems, pages 787-796. ACM.
  3. Amini, S., Lindqvist, J., Hong, J., Lin, J., Toch, E., and Sadeh, N. (2011). Caché: caching location-enhanced content to improve user privacy. In Procs. of ACM Int. Conf. on Mobile Systems, Applications, and Services, pages 197-210. ACM.
  4. Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.- G., and Others (2014). TaintDroid: an informationflow tracking system for realtime privacy monitoring on smartphones. TOCS, 32(2):5.
  5. European Commission (2016). Protection of personal data. http://ec.europa.eu/justice/data-protection/.
  6. Fawaz, K. and Shin, K. G. (2014). Location Privacy Protection for Smartphone Users. In Procs. of ACM SIGSAC Conf. on Computer and Communications Security, pages 239-250. ACM.
  7. Felt, A. P., Egelman, S., and Wagner, D. (2012). I've got 99 problems, but vibration ain't one: a survey of smartphone users' concerns. In Procs. of ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pages 33-44. ACM.
  8. Gibler, C., Crussell, J., Erickson, J., and Chen, H. (2012). AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale. In TRUST 2012, pages 291-307. Springer.
  9. Google Location Service (2016). https://support .google.com/gmm/answer/1646140?hl=en-GB.
  10. Hellman, E. (2013). Android programming: Pushing the limits. John Wiley & Sons. (2016). Geographic Location
  11. Jeon, J., Micinski, K. K., Vaughan, J. A., Fogel, A., and Reddy (2012). Dr. Android and Mr. Hide: fine-grained permissions in android applications. In In Procs. of ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pages 3-14. ACM.
  12. Khoshgozaran, A., Shahabi, C., and Shirani-Mehr, H. (2011). Location privacy: going beyond K-anonymity, cloaking and anonymizers. Knowledge and Information Systems, 26(3):435-465.
  13. Kim, D. H., Hightower, J., Govindan, R., and Estrin, D. (2009). Discovering semantically meaningful places from pervasive RF-beacons. In Procs. of ACM Int. Conf. on Ubiquitous Computing, pages 21-30. ACM.
  14. Lin, D., Bertino, E., Cheng, R., and Prabhakar, S. (2008). Position transformation: a location privacy protection method for moving objects. In Procs. of the SIGSPATIAL ACM GIS 2008 Int. Workshop on Security and Privacy in GIS and LBS, pages 62-71. ACM.
  15. Michael, K. and Clarke, R. (2013). Location and tracking of mobile devices: Überveillance stalks the streets. Computer Law & Security Review, 29(3):216-228.
  16. Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., and Beznosov, K. (2012). Understanding users' requirements for data protection in smartphones. In ICDE Workshop, IEEE Int. Conf. on Secure Data Management on Smartphones and Mobiles, pages 228-235. IEEE.
  17. Navizon (2016). http://www.navizon.com.
  18. NetworkInfoIi (2016). http://play.google.com/store/apps/.
  19. Niu, B., Li, Q., Zhu, X., Cao, G., and Li, H. (2015). Enhancing Privacy through Caching in Location-Based Services. In Proc. of IEEE INFOCOM.
  20. Patel, A. and Palomar, E. (2014). Privacy Preservation in Location-Based Mobile Applications: Research Directions. In Procs. of IEEE Int. Conf. on Availability, Reliability and Security (ARES), pages 227-233. IEEE.
  21. Pontes, T., Vasconcelos, M., Almeida, J., Kumaraguru, P., and Almeida, V. (2012). We know where you live: Privacy characterization of foursquare behavior. In Procs. of ACM Conf. on Ubiquitous Computing, pages 898-905. ACM.
  22. Shklovski, I., Mainwaring, S. D., Skúladóttir, H. H., and Others (2014). Leakiness and Creepiness in App Space: Perceptions of Privacy and Mobile App Use. In Procs. of ACM Conf. on Human factors in computing systems, pages 2347-2356. ACM.
  23. Skyhook (2016). http://www.skyhookwireless.com/.
  24. TOR (2016). http://www.torproject.org/.
  25. tPacketcapture (2016). http://play.google.com/.
  26. Wernke, M., Skvortsov, P., Dürr, F., and Rothermel, K. (2014). A classification of location privacy attacks and approaches. Personal and Ubiquitous Computing, 18(1):163-175.
  27. WiEye (2016). http://play.google.com/store/apps/.
  28. Wireshark (2016). https://www.wireshark.org.
  29. Zhu, X., Chi, H., Niu, B., Zhang, W., Li, Z., and Li, H. (2013). Mobicache: When k-anonymity meets cache. In GLOBECOM, pages 820-825. IEEE.
  30. Zhuang, Y., Syed, Z., Georgy, J., and El-Sheimy, N. (2015). Autonomous smartphone-based WiFi positioning system by using access points localization and crowdsourcing. Pervasive and Mobile Computing.
Download


Paper Citation


in Harvard Style

Patel A. and Palomar E. (2016). LP-Cache: Privacy-aware Cache Model for Location-based Apps . In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 183-194. DOI: 10.5220/0005970101830194


in Bibtex Style

@conference{secrypt16,
author={Asma Patel and Esther Palomar},
title={LP-Cache: Privacy-aware Cache Model for Location-based Apps},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},
year={2016},
pages={183-194},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005970101830194},
isbn={978-989-758-196-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - LP-Cache: Privacy-aware Cache Model for Location-based Apps
SN - 978-989-758-196-0
AU - Patel A.
AU - Palomar E.
PY - 2016
SP - 183
EP - 194
DO - 10.5220/0005970101830194