International Journal of Modern Trends in Engineering and Research

www.ijmter.com e-ISSN No.:2349-9745, Date: 28-30 April, 2016

@IJMTER-2016, All rights Reserved

Privacy Preservation in Location Sharing Using PLQP

Pooja R. Jadhav1, Dhanashree D. Surve2, Aaftab Haider3, Avesh D. Shaikh4 , Prof. N.V.Sharma5

1Department of Information Technology, S.N.J.B’s KBJ COE, Chandwad, jadhavpooja2121@gmail.com 2Department of Information Technology, S.N.J.B’s KBJ COE, Chandwad, dhanashreesurve95@gmail.com

3Department of Information Technology, S.N.J.B’s KBJ COE, Chandwad, sayyadaaftab@gmail.com 4Department of Information Technology, S.N.J.B’s KBJ COE, Chandwad, avesh786shaikh@gmail.com

5Department of Information Technology, S.N.J.B’s KBJ COE, Chandwad, Sharma.nilesh101@gmail.com

Abstract -The use of Location Based Services is increased due to the growth of social network and increase in the users of Smartphone’s. Many applications provide different kinds of services based on user’s location. At that time the user needs to share his/her location with other people or applications. Sharing the location in secured way is still a challenging task. To achieve this, Privacy Preservation Location Query Protocol (PLQP) is used in this work. This protocol allows to set a query for different users for sharing location information. Also, the location information gets encrypted and shared in secured way. Keywords- Privacy-preserving Location Query protocol, Attribute based Encryption, Homo-morphic function.

I. INTRODUCTION The main aim of Location Based Services is “To assist with the exact information, at right place in real time with personalized setup and location sensitiveness”. In this area we deal with different kinds of devices like desktop as well as smart phones. Location-based services or LBS refer to a set of applications that exploit the knowledge of the geographical position of a mobile device in order to provide services based on that information. Location- based services (LBS) provide the mobile clients personalized services according to their current location. It also offers mobile services, where geographic location enables the services to the users. Examples of such services include Tracking and Monitoring, Information and Navigation. With the rapid development of mobile technologies, these services are made available in handheld devices such as PDAs, smart phones, cell phones and laptops. These services use technologies like GSM/GPRS. Through LBS, a mobile user can enjoy numerous benefits by linking entities of his/her interest during movement. Location based services have made remarkable change in communication but this services are not more secured. To secure the location information of user certain Models/Applications are developed but still the users are not comfortable about their privacy over network. For protecting the location information of users that may be misused by another person, we need a safer way for sharing the location data. Securing the location information is one of the major challenges. Location data security is the security by which we can avoid the misuse of location data. There are some strategies to secure the location data while it being shared like: Sharing the location data with only trusted people. Other way is Providing access control policies like enable or disable of location data and providing privacy control by encrypting the location information.

II. LITERATURE REVIEW

[1] “Efficient algorithms for k-anonymous Location privacy in participatory sensing” In this paper author focused on protecting the data privacy. It is an important concern, where users can contribute valuable information and retrieve information regarding the surroundings. It

International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 3, Issue 4, [April 2016] Special Issue of ICRTET’2016

@IJMTER-2016, All rights Reserved 230

emphasizes on preventing disclosure of personal data. Author proposed a mechanism based on locality sensitive hashing to partition user locations into groups each containing at least k users. But its disadvantages is frequent updating is required and this dynamic behaviour introduces huge overhead to keep the date K- Anonymous. [2] “Anonymization of location data does not work: A large-scale measurement study” In this paper, Author proposed anonymization of location data. Large scale data set of more than 30 billion call records made by 25 million cell phone users across many states and attempt to determine to what extent anonymized location data can reveal private user information. It has main advantage of relieng on large-scale data to demonstrate the effect of reducing granularity on levels of privacy protection. Solution is publishing or sharing anonymized location data will lead to privacy risks, the data needs must be in either the time domain or the space domain. The main disadvantage is unordered locations. And also had impact on distance. [3] “Protecting privacy against location based personal identification” This paper presents a new model for protecting privacy against location based personal identification involving use of location-based services. The main advantage is that location service acts as quasi identifier. Their values can be linked with other information to reidentify the respondents to whom the information refers. This paper considers the privacy issues involved in accessing location-based services, i.e., services that, based on the user current position, can provide location-aware information. The main problem is that positioning information related to particular location or trace of particular location can lead to personal identification. Hence leading to actual real person or pseudonym. [4] “Protection of location privacyusing dummies for location-based services” Author made use of Dummy-Q using LBS, which is a user based technique which operates on user side and doesn t require any trusted third party. The main motivation is to confuse the opponent by issuing multiple fraudulent queries along with actual query issued by user. What exactly dummy location means is that the user protects their location privacy by reporting set of fake locations. It has another advantage of dummy for location based act only on response from actual user. Advantage is difficulty in distinguishing between true positioned data. [5] “Mix zones: User privacy in location-aware services” Mix zone method is developed to enhance user privacy in location-based services. This paper summarises the mix zone model. The model assumes appearance of trusted middleware system which found in between the underlying location systems and untrusted third-party applications. Applications register in a geographic space with the third-party which is referred as an application zone. Example spaces include hospital grounds, university buildings or a super-market complex. Users register interest in a particular set of location-aware applications and the middleware limits the location information received by applications to location sightings of registered users located inside the application zone. Each user has one or more unregistered geographical regions where no application can trace user movements; we call such areas mix zones, because once a user enters such a zone, user identity is mixed with all other users in the mix zone, as will become clearer shortly. The mix zone model prevents tracking of user movements, but still permits the operation of many location-aware applications. Since third-party applications are untrusted they may collude, therefore all third- party application providers are treated as one combined global hostile observer.

III. PROPOSED SYSTEM

The main goal behind to develop the system is to exert access control on sharing of location information. Here, we are using access control policy as a query based service with the help of PLQP. Architecture mainly consist of two kinds of users, Querier and Publisher. Querier is the one person who wants to know the location of other user (publisher) who is nearby to him. Publisher has a set of predefined queries. E.g. whether the querier belongs to my college? etc. stored in query

International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 3, Issue 4, [April 2016] Special Issue of ICRTET’2016

@IJMTER-2016, All rights Reserved 231

module. It checks whether both queries are matched or not. Then the query goes to database server which stores the identities of both the users. From this identities query is evaluated. If the query is satisfied then GPS module searches for the location information of Publisher. Finally, the module displays the location information as a point on map with location co-ordinates. Now, the publisher is ready to publish his location. The another case is regarding a group of users. Publisher can set the group based control on accessing his location information. He makes the group of known persons e.g. friends, Family members etc. The location information of Publisher is directly accessible to that group members.

Figure 3.1. System Architecture of location Sharing System

3.1 System Modules

3.1.1. Condition Based Access Control: This module allows users to specify a condition instead of a group and exert access control over the users who satisfy this condition. This is more scalable since users can simply add a new condition for new privacy setting instead of hand-picking hundreds of users to form a new group. Also, this is more user friendly because users themselves do not clearly know which of their friends should or should not access the information most of time.

3.1.2. Multi-leveled Access Control: It supports semi-functional encryption. That is, the protocol enables users to control to what extent (or level) others can learn his location. The lowest level corresponds to nothing, and the highest level corresponds to one’s exact location. Levels between them correspond to indirect information about one’s location.

3.1.3. Privacy-Preserving Protocol: Location information is encrypted and queries are processed upon ciphertexts. Therefore, a location publisher’s friends learn nothing but the result of the location query, which is under the location publisher’s control. In addition, since every location is encrypted, even the server who stores location information does not learn anything from the ciphertext.

3.1.4. Distance computation: For simplicity, we assume the ground surface is a plane, and every user’s location is mapped to an Euclidean space with integer coordinates (with meter as unit). That is, everyone’s location can be expressed as a tuple of coordinates representing a point in a grid partition of the space. This does not affect the generality since there exists a bijection between

International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 3, Issue 4, [April 2016] Special Issue of ICRTET’2016

@IJMTER-2016, All rights Reserved 232

spherical locations and Euclidean locations. By approximating the coordinates in the Euclidean space to the nearest grid point, we can show that it results in errors of the Euclidean distance between two locations at most √2 meters when the space is partitioned using grid of side-length 1 meter. The Euclidean distance between two users with locations x1 = (d1, d2) and x2 = (d3, d2) is Double xDiff = d1-d3; Double xSqr = Math.pow(xDiff, 2); Double yDiff = d2-d4; Double ySqr = Math.pow(yDiff, 2); Double output = Math.sqrt(xSqr + ySqr);

IV. CONCLUSION

Privacy-preserving Location Query Protocol (PLQP) successfully solves the privacy issues in existing LBS applications and provides various location based queries. It also performs distance computation and comparison and offers multilevel access control. It also offers group based control and the facility of searching the nearest users to us. The location information is kept secret until it is published by publisher. Encrypting the data also avoids the problem of retrieval of location information by unregis- tered users from server database. Providing a secure way of sharing the location information can be achieve users convenience and safety over the network.

ACKNOWLEDGEMENT

We would like to thank our project guide Mr. N. V. Sharma (Assistant Professor, Information Technology, SNJB’s Late KBJ College of Engineering, Chandwad) for his timely suggestions and valuable guidance.

REFERENCES

[1] K. Vu, R. Zheng, and J. Gao, “Efficient algorithms for k-anonymous Location privacy in participatory sensing.” in

IEEE INFOCOM, 2012. [2] H. Zang and J. Bolot, “Anonymization of location data does not work: A large-scale measurement study,” in

Proceedings of the 17th annualInternational conference on Mobile computing and networking, 2011, pp. 145–156. [3] C. Bettini, X. Wang, and S. Jajodia, “Protecting privacy against location based personal identification,” Secure Data

Management, pp. 185 199, 2005. [4] 4. H. Kido, Y. Yanagisawa, and T. Satoh, “Protection of location privacyusing dummies for location- based

services,” in 21st International Conference on Data Engineering Workshops, 2005, pp. 1248– 1248. [5] A. Beresford and F. Stajano, “Mix zones: User privacy in location-aware services,” in Proceedings of the Second

IEEE Annual, International Conference onPervasive Computing and Communications Workshops, 2004, pp. 127–131.

[6] S. Mukherjee, Z. Chen, and A. Gangopadhyay, “A privacy preserving technique for euclidean distance- based mining algorithms using fourier- related transforms,” The VLDB Journal, vol. 1, Aug 2006, pp. 293–315.

[7] B. Zhou and J. Pei, “Preserving privacy in social networks against neigh- borhood at- tacks,” in 24th International Conference on Data Engineering (ICDE’08), 2008, pp. 506– 515.

[8] A. Khoshgozaran, C. Shahabi, and H. Shirani-Mehr, “Location privacy: going beyond k-anonymity, cloak- ing and anonymizers,” in 21st International Con- ference on Data Engineering Workshops, 2009, pp. 1–8.

[9] G. Ghinita, M. Azarmi, and E. Bertino, “Privacy-aware location-aided routing in mobile ad hoc networks,” in In MDM, Jan 2010, pp. 65–74.

[10] A. Acquisti and R. Gross, “Imagined communities: Awareness,” Information Sharing, and Privacy on the Facebook, 2006, pp. 36–58.

[11] C.-Y. Chow, M. F. Mokbel, and W. G. Aref, “Casper*: Query processing for location services without compro- mising privacy,” in ACM Transactions on Database Systems, 2009, pp. 1–34.

[12]Xiang-Yang Li and Taeho Jung, ”Search Me If You Can: Privacy-preserving Location Query Service”, IEEE Transactions Mobile Computing 2013,vol.3, pp.1-8.