90 likes | 228 Vues
Future Internet Enablers Case Study: Location Privacy. Thales - June 2012. Presentation outline. Table of Content WP4 Objectives (Reminder) Location Privacy Concerns Pseudonyms are not sufficient Domain Specific Privacy Enabler Location Monitoring Component
E N D
Future Internet EnablersCase Study: Location Privacy Thales - June 2012
Presentation outline Table of Content • WP4 Objectives (Reminder) • Location Privacy Concerns • Pseudonyms are not sufficient • Domain Specific Privacy Enabler • Location Monitoring Component • Data Publishing Anonymization Techniques
WP4 Objectives (reminder) Specify the Instant Mobility System and derive components enablers (generic or domain specifics)
Location Privacy Concerns • Information about location, both real-time location as well as permanent locations (such as home address), garners special attention due to the consequences for both privacy and physical safety that may flow from its disclosure. • The simple transmission of a location may allow near-perfect personal tracking. • Even without identifying information, location tracking can reveal a user's home address and employer, simply by looking for the typical night and day-time locations.
Pseudonyms are not sufficient Fine granularity location may allow re-identification of “pseudonym” users.
Domain Specific Security Enabler • FI-WARE Location Monitoring component • Users real-time locations are reported to that component and to that component only. • The user allows/disallow explicitly events/alerts which can be reported by this component and to whom (certificates based). Examples of possible events include: • Planned Itinerary Delay • Proximity Alert • The component may also publish anonymized information about travelers movements.
Data Publishing Anonymization Techniques • To publish location data without compromising privacy, either of the following conditions needs to be met: • The traces are at coarse granularity levels so that the anonymity sets are large enough to preserve privacy, for example the location granularity is at city level or above • The traces are so short that it is difficult to infer the top N locations correctly. The former is a spatial-domain approach while the latter is a time-domain approach. Both can be used in conjunction when publishing location data.