Location privacy in MobiShare

Abstract

This work focuses on providing privacy in MobiShare, which is a location-based service that assists users in searching and sharing files. A user’s mobility profile is summarization of its raw mobility data in terms of GPS coordinates and timestamps. Mobility profile is denoted in terms of places visited by the user, with their arrival and departure times for every day. MobiShare takes users’ raw mobility data to compute mobility profiles. It stores phone number of the users, phone number of their social contacts, and the meta data of the files to be shared. In the current architecture of MobiShare, the cloud learns about locations, social contacts, and files of the users. For preserving privacy of the users, we redefine architecture of MobiShare. The new architecture neither takes users’ raw mobility data nor their mobility profiles. All the locations are stored on the phone itself. This is equivalent to personal data vault, fully in control of the user. The sharing of mobility profiles among the users is done in a privacy preserving way via the cloud. In other words, the cloud never learns about users’ locations. We propose two models: Partial Privacy Preserving Model and Full Privacy Preserving Model. In the first model, contacts learn about actual location information of the user. In the second model, the user share his/her mobility profile without even disclosing it to the contact. We borrow Paillier homomorphic encryption technique [8, 13] so that a user can share the mobility profile for the purpose of finding rendezvous point without disclosing the actual profile. This encryption is done once for a user and there is no need to repeat this for different contacts. We report the overhead of introducing these Privacy Preserving Models on Android phone. The cloud never learns the phone number of the users, who are not participating in using MobiShare. This provide social privacy. In future work, we will work on preserving privacy of what files users are sharing.