Mobile Intelligence by Laurence T. Yang, Agustinus Borgy Waluyo, Jianhua Ma, Ling Tan, Bala Srinivasan

19.1 INTRODUCTION

Preserving user data privacy is one of the hottest topics in computer security. Security incidents, faulty data management practices, and unauthorized trading of users personal information have often been reported in recent years, exposing victims to ID theft and unauthorized profiling [46]. These issues are raising the bar of privacy standards, fostering innovative research, and driving new legislations. Some approaches aimed at privacy protection deal with minimizing unnecessary release of personal information or focus on preventing leakage of personal information while in transit or once it has been released to an authorized party, for example, by delayed enactment of privacy preferences [49]. Our work addresses the latter concern in the framework of location-based services. We consider privacy requirements for location-based access control (LBAC) systems that require, for the provision of an online service, to evaluate conditions depending on users physical locations [6]. In the LBAC area, privacy has been mostly addressed by developing models and techniques that let users access anonymously to online services [10, 12, 23]. Solutions providing different degrees of privacy according to user preferences or business needs are instead less explored. For instance, obfuscation techniques applied to user locations are well suited to degrade the location accuracy for privacy reasons. In this context, however, only solutions based on increasing the granularity of a ...