Location obfuscation

Location obfuscation is a technique used in location-based services or information systems to protect the location of the users by slightly altering, substituting or generalizing their location in order to avoid reflecting their real position.

A formal definition of location obfuscation can be "the means of deliberately degrading the quality of information about an individual's location in order to protect that individual's location privacy.^[1]

Obfuscation techniques

The most common techniques to perform this change are:

Pseudonyms and the use of third party location providers^[2]
"Spatial cloaking" techniques in which a user is k-anonymous if her exact location cannot be distinguished among k-1 other users ^[3]
"Invisible cloaking", in which no locations are provided for certain zones
Adding random noise to the position ^[4]
Rounding, which uses landmarks to approximate the location ^[5]
Redefinition of possible areas of location.^[6]

One example of the application of location obfuscation can be seen in the following figure.

In this figure, a linear path is obfuscated by two versions of the random noise technique, in which a maximum random noise of 20 (red) and 40 (green) meters is added to the original path (blue), showing a very different trajectory and not revealing the real location of the user.

References

^ M. Duckham, L. Kulik and A. Birtley, "A Formal Model of Obfuscation and Negotiation for Location Privacy." In Proc. Pervasive 2005. LCNC 3468/2005, pp. 243–251, 2005
^ T. Rodden, A. Friday, H. Muller, and A. Dix, "A Lightweight Approach to Managing Privacy in Location-Based Services". Technical Report. Equator-02-058. CSTR-07-006, University of Nottingham and Lancaster University and University of Bristol. October 2002.
^ M. Gruteser and D. Grunwald, "Anonymous usage of location-based services through spatial and temporal cloaking". In Proc. MobiSys ’03, pp. 31–42, 2003.
^ M. E. Andrés, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi, "Geo-indistinguishability: differential privacy for location-based systems". In Proc. of CCS 2013, ACM, pp. 901–914, 2013.
^ Krumm, J, “Inference Attacks on Location Tracks”. In Proc. Pervasive 2007, Springer-Verlag, pp. 127–143.
^ Ardagna, Claudio; Cremonini, Marco; De Capitani di Vimercati, Sabrina; Samarati, Pierangela (1 January 2011). "An Obfuscation-Based Approach for Protecting Location Privacy". IEEE Transactions on Dependable and Secure Computing. 8 (1): 13–27. CiteSeerX 10.1.1.182.9007. doi:10.1109/TDSC.2009.25.

[ProcPerv2005-1] M. Duckham, L. Kulik and A. Birtley, "A Formal Model of Obfuscation and Negotiation for Location Privacy." In Proc. Pervasive 2005. LCNC 3468/2005, pp. 243–251, 2005

[2] T. Rodden, A. Friday, H. Muller, and A. Dix, "A Lightweight Approach to Managing Privacy in Location-Based Services". Technical Report. Equator-02-058. CSTR-07-006, University of Nottingham and Lancaster University and University of Bristol. October 2002.

[3] M. Gruteser and D. Grunwald, "Anonymous usage of location-based services through spatial and temporal cloaking". In Proc. MobiSys ’03, pp. 31–42, 2003.

[4] M. E. Andrés, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi, "Geo-indistinguishability: differential privacy for location-based systems". In Proc. of CCS 2013, ACM, pp. 901–914, 2013.

[5] Krumm, J, “Inference Attacks on Location Tracks”. In Proc. Pervasive 2007, Springer-Verlag, pp. 127–143.

[6] Ardagna, Claudio; Cremonini, Marco; De Capitani di Vimercati, Sabrina; Samarati, Pierangela (1 January 2011). "An Obfuscation-Based Approach for Protecting Location Privacy". IEEE Transactions on Dependable and Secure Computing. 8 (1): 13–27. CiteSeerX 10.1.1.182.9007. doi:10.1109/TDSC.2009.25.

[1]

[2]

[3]

[4]

[5]

[6]