A Profile Anonymization Model for Privacy in a Personalized Location Based Service Environment

Abstract

Location based services (LBS) aim at delivering point of need information. Personalization and customization of such services, based on the profiles of mobile users, would significantly increase the value of these services. Since profiles may include sensitive information of mobile users and moreover can help identify a person, customization is allowed only when the security and privacy policies dictated by them are respected. While LBS are often presumed as untrusted entities, the location services that capture and maintain mobile users' location to enable communication are considered trusted, and therefore can capture and manage the profile information. In this paper, we address the problem of privacy preservation via anonymization. Prior research in this area attempts to ensure k-anonymity by generalizing the location. However, a person may still be identified based on his/her profile if the profiles of all k people are not the same. We extend the notion of k-anonymity by proposing a profile based k-anonymization model that guarantees anonymity even when profiles of mobile users are known to untrusted entities. Specifically, our proposed approaches generalize both location and profiles to the extent specified by the user. We support three types of queries - mobile users requesting stationary resources, stationary users requesting mobile resources, and mobile users requesting mobile resources. We propose a novel unified index structure, called the (P <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TPR</sup> - tree), which organizes both the locations of mobile users as well as their profiles using a single index, and as a result, offers significant performance gain during anonymization as well as query processing.