Multi-lateral privacy-preserving localization in pervasive environments

Abstract

Location based services (LBSs) have raised serious privacy concerns in the society, due to the possibility of leaking a mobile user's location information in enabling location-dependent services. While existing location-privacy studies are mainly focused on preventing the leakage of user's location in accessing the LBS server, the possible privacy leakage during the localization process has been largely ignored. Such a privacy leakage stems from the fact that a localization algorithm typically takes the location of anchors (i.e., reference points for localization) as input, and generates the target's location as output. As such, the location of anchors, and consequently the target's location, could be leaked to others. An adversary could further utilize the leakage of anchor's locations to attack the localization infrastructure and undermine the accurate estimation of the target's location. To address this issue, in this paper, we study the multi-lateral privacy preserving localization problem, whereby the location of a target is calculated without the need of revealing anchors' location, and the knowledge of the localization outcome is strictly limited to the target itself. To fully protect user's privacy, our study protects not only the user's exact location information (the geo-coordinates), but also any side information that may lead to a coarse estimate of the location. Three privacy-preserving localization solutions are developed by leveraging combinations of information hiding and homomorphic encryption. These solutions provide different levels of protection for location side information and resilience to node collusion, and have the advantage of being able to trade user's privacy requirements for better computation/communication efficiency.