Private retrieval of location-related content using [formula omitted]-anonymity and application to ICN

Abstract

Several platforms to efficiently retrieve content from Internet of Things (IoT) devices installed in various locations have been proposed for information-centric networking (ICN). However, location privacy is at stake in such platforms because consumers retrieve content by specifying the plaintext names of the locations of their interest (LOIs). Previous studies on IP have leveraged k-anonymity of location offered by a trusted proxy called an anonymizer to hide LOIs. Specifically, an anonymizer sends content requests to k locations in a location anonymity set, which comprises an LOI and the other dummy locations. This technique can be applied to ICN; however, two problems need to be solved: the adversary models are unrealistic and the requirements for a location anonymity set have been defined in ad-hoc manners. In this study, we assume a semi-honest anonymizer and define the requirements rigorously using the notions of entropy and t-closeness. Next, we design an architecture for location privacy protection and an algorithm for location anonymity set generation. Finally, we evaluate the overhead incurred by our architecture and the quality of generated location anonymity sets through experiments under a realistic scenario. Our results indicate that our architecture and algorithm offer strong location privacy with marginal overhead.