Abstract:
This work focuses on providing privacy in MobiShare, a location-based service that assists users in searching for and sharing files. A user's mobility profile is a summarization of its raw mobility data, which consists of GPS coordinates and timestamps. The mobility profile is expressed in terms of the places visited by the user, with the arrival and departure times for every day. MobiShare takes users' raw mobility data to compute their mobility profiles. It stores the phone numbers of the users, the phone numbers of their social contacts, and the metadata of the files to be shared. In the current architecture of MobiShare, the cloud learns about the locations, social contacts, and files of the users. To preserve users' privacy, we redefine the architecture of MobiShare. The new architecture takes neither users' raw mobility data nor their mobility profiles. All locations are stored on the phone itself. This is equivalent to a personal data vault, fully under the control of the user. The sharing of mobility profiles among users is done in a privacy-preserving way via the cloud. In other words, the cloud never learns users' locations.
We propose two models: a Partial Privacy Preserving Model and a Full Privacy Preserving Model. In the first model, contacts learn the actual location information of the user. In the second model, the user shares his/her mobility profile without disclosing it even to the contact. We borrow the Paillier homomorphic encryption technique [8, 13] so that a user can share the mobility profile for the purpose of finding a rendezvous point without disclosing the actual profile. This encryption is done once for a user, and there is no need to repeat it for different contacts.
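As an added illustration (not code from the MobiShare paper, whose exact rendezvous computation the abstract does not describe), the following toy Paillier implementation shows the property the second model relies on: the user encrypts a mobility profile once, each contact computes an encrypted count of places in common using only the additive homomorphism and its own plaintext profile, and the user decrypts just that count. It assumes the profile is simplified to a 0/1 vector over a fixed list of places, and the primes are tiny constructed values, not secure parameters.

```python
import math
import random

# Constructed toy Paillier primes, for illustration only (real deployments use
# 1024-bit or larger primes); n = p*q is coprime to (p-1)(q-1) for this pair.
P, Q = 293, 433

def keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)          # with g = n+1, L(g^lam mod n^2) = lam
    return (n, n + 1), (lam, mu)  # public (n, g), private (lam, mu)

def encrypt(pub, m):
    n, g = pub
    r = random.randrange(1, n)    # fresh randomness: same m gives different ciphertexts
    while math.gcd(r, n) != 1:
        r = random.randrange(1, n)
    return (pow(g, m, n * n) * pow(r, n, n * n)) % (n * n)

def decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    return ((pow(c, lam, n * n) - 1) // n * mu) % n   # L(x) = (x-1)/n

def add(pub, c1, c2):
    """E(a) * E(b) mod n^2 = E(a + b): Paillier's additive homomorphism."""
    return (c1 * c2) % (pub[0] ** 2)

def mul_const(pub, c, k):
    """E(a)^k mod n^2 = E(k * a): scaling by a plaintext known to the caller."""
    return pow(c, k, pub[0] ** 2)

def encrypt_profile(pub, profile):
    """User side, done once: encrypt each 0/1 place bit; only these reach the cloud."""
    return [encrypt(pub, bit) for bit in profile]

def shared_place_count(pub, enc_profile, contact_profile):
    """Contact side: E(sum u_i * c_i) from the user's ciphertexts and its own bits."""
    acc = encrypt(pub, 0)
    for c_u, bit in zip(enc_profile, contact_profile):
        acc = add(pub, acc, mul_const(pub, c_u, bit))
    return acc

def rendezvous_overlap(user_profile, contact_profiles):
    """Full flow: encrypt once, each contact computes on ciphertexts, user decrypts counts."""
    pub, priv = keygen()
    enc = encrypt_profile(pub, user_profile)   # reused unchanged for every contact
    return [decrypt(pub, priv, shared_place_count(pub, enc, c)) for c in contact_profiles]
```

The contact never sees a plaintext bit of the user's profile, and the user learns only the number of candidate rendezvous places, not which places the contact visited.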
We report the overhead of introducing these Privacy Preserving Models on an Android phone. The cloud never learns the phone numbers of users who are not participating in MobiShare. This provides social privacy. In future work, we will work on preserving the privacy of what files users are sharing.