Privacy and accountability for location-based aggregate statistics
Author(s)Popa, Raluca Ada; Blumberg, Andrew J.; Balakrishnan, Hari; Li, Frank H.
MetadataShow full item record
A significant and growing class of location-based mobile applications aggregate position data from individual devices at a server and compute aggregate statistics over these position streams. Because these devices can be linked to the movement of individuals, there is significant danger that the aggregate computation will violate the location privacy of individuals. This paper develops and evaluates PrivStats, a system for computing aggregate statistics over location data that simultaneously achieves two properties: first, provable guarantees on location privacy even in the face of any side information about users known to the server, and second, privacy-preserving accountability (i.e., protection against abusive clients uploading large amounts of spurious data). PrivStats achieves these properties using a new protocol for uploading and aggregating data anonymously as well as an efficient zero-knowledge proof of knowledge protocol we developed from scratch for accountability. We implemented our system on Nexus One smartphones and commodity servers. Our experimental results demonstrate that PrivStats is a practical system: computing a common aggregate (e.g., count) over the data of 10,000 clients takes less than 0.46 s at the server and the protocol has modest latency (0.6 s) to upload data from a Nexus phone. We also validated our protocols on real driver traces from the CarTel project.
DepartmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Proceedings of the 18th ACM conference on Computer and communications security (CCS '11)
Association for Computing Machinery (ACM)
Raluca Ada Popa, Andrew J. Blumberg, Hari Balakrishnan, and Frank H. Li. 2011. Privacy and accountability for location-based aggregate statistics. In Proceedings of the 18th ACM conference on Computer and communications security (CCS '11). ACM, New York, NY, USA, 653-666. DOI=10.1145/2046707.2046781 http://doi.acm.org/10.1145/2046707.2046781
Author's final manuscript