
International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882

Volume 3, Issue 8, November 2014

Privacy Protection using Effective Techniques with Rigorous interactions in mobile applications

1 P. Ramya, 2 C. Saravanabhavan, 3 C. Yalini
1 PG Student, 2 Associate Professor, 3 Assistant Professor
Affiliated to Anna University, Department of Computer Science and Engineering,
Kongunadu College of Engineering and Technology

ABSTRACT
Locality based schemes are used for finding the point of interest (POI) from a specific location. GPS systems are used for
finding the latitude and longitude values of a specific location. Based on the POI generated, the service can be provided to
the client from the location server. We use the novel advanced encryption standard technique to solve the problem associated
with the location data. The user does not want to send his location information directly to the server, since the server
could then learn the user's location preferences and use that data for advertising, so that user privacy is lost. The second part is that
the server wants to protect its data from unnecessary queries created by the user. The server cannot send back other
sensitive data to the user. We propose a major enhancement upon the previous solution by having two approaches. The first is
unaware transfer (oblivious transfer) and the next is secret information recovery (private information retrieval), to achieve a secure solution. The solution we present is efficient
and practical in many scenarios. We implement the solution using a real cloud location server and an Android mobile application.
Key words: location based query, unaware transfer, secret information recovery, advanced encryption.

1. INTRODUCTION
The method used to determine the location of a
device in an access network varies between the different
types of networks. In general, GPS is used in all cases
to determine the location information. With the
latitude and longitude values generated by
the device, the service provider can provide a number of
services to the user, so that the user can get various
solutions from the service provider through location based
queries. Among the many challenging obstacles to the wide
deployment of such applications, a major issue is privacy.
For instance, users may hesitate to disclose their
locations to the LBS, because it may be possible for a
location server to learn who is making a certain query by
linking these locations with a residential phone book
database, since users are likely to perform many queries
from home. Location based services may open doors for
adversaries to threaten the location privacy of mobile users
and to expose LBSs to significant vulnerabilities for abuse.
LOCATION PRIVACY TECHNIQUES
Location k-Anonymity
In the context of LBS and mobile users, k-anonymous
usage of location information is called location k-anonymity.
It is the most popular approach for handling location data,
which it depersonalizes through perturbation
techniques before forwarding it to the LBS providers. It
suffers from several drawbacks. First, it assumes a
system-wide static k value for all mobile clients, which
hinders the service quality for those mobile clients whose
privacy requirements can be satisfied using smaller k
values. This approach also fails to provide any quality of
service guarantees with respect to the sizes of the cloaking
boxes produced. This is because the quadtree-based
algorithm anonymizes the messages by dividing the quadtree
cells until the number of messages in each cell falls
below k. Location perturbation is known to be an effective
technique for implementing location k-anonymity.
The main challenge is how to control the
location cloaking process in terms of location k-anonymity,
location l-diversity, and location m-invariance efficiently, to
meet both location privacy and location service quality
requirements.
A subject is considered k-anonymous with respect
to location information if and only if the location
information sent from a mobile user to an LBS is
indistinguishable from the location information of at least
k - 1 other subjects. In this paper, we describe a
personalized k-anonymity model for protecting location
privacy against various privacy threats through sharing of
location information. There is a close synergy between
location privacy and k-anonymity: a larger k in location
anonymity usually implies stronger guarantees for location
privacy. Thus, to ensure that a subject is k-anonymous, one
can perturb the location information by replacing it with a
relatively large spatial region or range, or by delaying the
message long enough. However, this has two downsides.


First, low spatial resolution in location may lead the LBS
provider to provide more coarse-grained location-dependent
information to the mobile user, which may
degrade the quality of service; or it may result in
sending more information than required back to the
mobile user, which is then filtered out by the mobile
node, resulting in communication and processing
overhead. Second, the extra delay introduced through
temporal cloaking of location information may decrease
the perceived service quality of the mobile user. their
functionality. Each message intended for an LBS provider
contains location information of the mobile node and a
timestamp, in addition to service-specific information.
Upon receiving a message from a mobile node, the secrecy
server decrypts the message, removes any identifiers
such as IP addresses, perturbs the location information
through spatio-temporal cloaking, and then forwards the
anonymized message.

Figure 1: system model


Cloaking Region Technique
The Cloaking Region Technique replaces the
original location of the user with a
cloaking region, especially one of rectangular shape. The
cloaking region satisfies the constraints of the
paradigm known as spatial k-anonymity, which
specifies the requirements needed for privacy.
The query generated by the user is processed
with respect to the rectangular cloaking region
and not the exact location of the user.
Therefore the result obtained is a superset of the actual
query result.
Privacy techniques encounter the expense of
location data which achieved its linear nature, and
we therefore limit our definition of computational location privacy
to geometry-based algorithms. Thus we do not include
protection schemes based on laws, policies, access control,
standard encryption, and special message protocols like
mix routing. Likewise, we concentrate on computational
privacy attacks that take advantage of the symmetrical nature
of location data, thus omitting attacks based on manual
surveillance or hacking around standard data protection
schemes. This leaves a rich set of computational privacy
attacks and countermeasures that treat location in a
quantitative way.

2. PROTOCOL MODEL
K-anonymity in Location-Based Services
Location-based services adopt the concept of K-anonymity
using the following framework. A user sends his position, query and
K to the anonymizer, which removes the id of the user and
transforms his location through cloaking. The generated
K-ASR is forwarded to the LBS, which processes it and
returns a set of candidates containing the actual results
and false hits. The first cloaking technique, called
Interval Cloak, is based on quadtrees. A quadtree
recursively partitions the space into quadrants until the
points in each quadrant fit in a page/node. The anonymizer
maintains a quadtree with the locations of all
users.
Different systems are subject to many
different computational schemes for protecting privacy,
such as using a pseudonym instead of an actual name.
When location systems track users automatically on an
ongoing basis, they generate a massive amount of
potentially sensitive information. Privacy of location
information is about controlling access to this information.
We do not necessarily want to stop all access, because
some applications can use this information to provide
useful services to the user, but we want to be in control.
Some goals are clearly mutually exclusive and cannot be
simultaneously satisfied.
In particular, to protect the privacy of our location
information while taking advantage of location-aware
services, we wish to hide our true identity from the
applications receiving our location; at a very high level,
this can be taken as a statement of our security policy.
Once the anonymizer receives a query from a user U, it traverses
the quadtree (top-down) until it finds the quadrant that
contains U and fewer than K-1 users. It then selects
the parent of that quadrant as the K-ASR
and forwards it to the LBS.
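The quadtree traversal described above, as an added example that is not code from the paper. It assumes a unit-square space and counts U itself among the K users, so the stop condition becomes "the next quadrant holds fewer than K users"; the coordinates and function names are constructed for illustration.

```python
from typing import Dict, Tuple

Point = Tuple[float, float]
Box = Tuple[float, float, float, float]  # (x_min, y_min, x_max, y_max)

# Constructed sample positions in a unit square (not data from the paper).
USERS: Dict[str, Point] = {
    "u1": (0.10, 0.10), "u2": (0.20, 0.15), "u3": (0.15, 0.40),
    "u4": (0.40, 0.30), "u5": (0.80, 0.80), "u6": (0.60, 0.20),
}

def inside(p: Point, b: Box) -> bool:
    # Half-open upper edges: every point falls in exactly one quadrant.
    return b[0] <= p[0] < b[2] and b[1] <= p[1] < b[3]

def quadrant_of(p: Point, b: Box) -> Box:
    """Child quadrant of b that contains p."""
    mx, my = (b[0] + b[2]) / 2, (b[1] + b[3]) / 2
    x0, x1 = (b[0], mx) if p[0] < mx else (mx, b[2])
    y0, y1 = (b[1], my) if p[1] < my else (my, b[3])
    return (x0, y0, x1, y1)

def interval_cloak(users: Dict[str, Point], uid: str, k: int,
                   space: Box = (0.0, 0.0, 1.0, 1.0), max_depth: int = 16) -> Box:
    """Walk top-down towards the user; when the next quadrant would hold
    fewer than k users (the user included), return its parent as the K-ASR.
    max_depth bounds the walk when k users share a single position."""
    here = users[uid]
    crowd = [p for p in users.values() if inside(p, space)]
    if not inside(here, space) or len(crowd) < k:
        raise ValueError("cannot build a K-ASR: user outside space or < k users")
    box = space
    for _ in range(max_depth):
        child = quadrant_of(here, box)
        in_child = [p for p in crowd if inside(p, child)]
        if len(in_child) < k:
            break  # child too sparse: the current box is the answer
        box, crowd = child, in_child
    return box

def users_in(users: Dict[str, Point], box: Box) -> int:
    """Number of users whose position lies in the box."""
    return sum(inside(p, box) for p in users.values())

def anonymize(users: Dict[str, Point], uid: str, k: int, query: str) -> dict:
    """What the anonymizer forwards to the LBS: no user id, cloaked location."""
    return {"region": interval_cloak(users, uid, k), "query": query}
```

With the sample data, a smaller K gives u1 a tighter region, which is the service-quality trade-off the text attributes to a system-wide static k.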
An anonymous LBS
In physical layer security, the level of security
provided strongly depends on the amount of information
that the legitimate users know about the eavesdroppers.
Private Information Retrieval (PIR)
Private information retrieval (PIR) allows the user
to get data from a database while protecting both the data
present in the database and the queries generated by the user,
so that the queries are encrypted into an
unknown form in order to prevent hackers from stealing
the data. Formally, the data can be viewed as a string x of
n bits, and i is the index of the data,
which is coupled with the data. The index value i is not
maintained in the database. This PIR need a bits of
information. The main advantage of this scheme is that it
reduces the communication complexity by assuming that
the data is replicated at multiple sites. The replicated
data must not communicate with each other. In this scheme
only the plain text is stored in the database, not the index
value, so there is no need for any mining to be acquired in
the database. Hence it is a single-round protocol, not a
multi-round protocol.
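The replicated-database PIR described above, as an added example that is not code from the paper: the simplest two-server XOR scheme in the style of Chor, Kushilevitz, Goldreich and Sudan. It sends n bits to each replica, so it illustrates the privacy argument and the non-communication requirement rather than the reduced communication the text mentions; the database contents and function names are constructed for illustration.

```python
import secrets
from typing import List, Tuple

# Constructed 8-bit database x, held identically by both replicas.
DATABASE: List[int] = [1, 0, 1, 1, 0, 0, 1, 0]

def make_queries(n: int, i: int) -> Tuple[List[int], List[int]]:
    """Client: one query vector per replica for the bit at index i.
    q1 is uniformly random; q2 is q1 with position i flipped. Each vector
    alone is uniformly distributed, so a single replica learns nothing about i."""
    if not 0 <= i < n:
        raise IndexError("index outside the database")
    q1 = [secrets.randbits(1) for _ in range(n)]
    q2 = list(q1)
    q2[i] ^= 1
    return q1, q2

def answer(database: List[int], query: List[int]) -> int:
    """Replica: XOR of the database bits selected by the query vector."""
    if len(query) != len(database):
        raise ValueError("query length must equal database length")
    acc = 0
    for bit, selected in zip(database, query):
        acc ^= bit & selected
    return acc

def retrieve(replica_a: List[int], replica_b: List[int], i: int) -> int:
    """Client: single round. The two answers differ exactly by x[i]."""
    q1, q2 = make_queries(len(replica_a), i)
    return answer(replica_a, q1) ^ answer(replica_b, q2)

def colluding_view(q1: List[int], q2: List[int]) -> List[int]:
    """What replicas that compare their queries would see: the positions
    where q1 and q2 differ, which is exactly the requested index."""
    return [j for j, (a, b) in enumerate(zip(q1, q2)) if a != b]
```

colluding_view shows why the scheme depends on the replicas not communicating: the pair of queries together identifies i, although either one alone is random.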
Mix Zones
A mix network is a store-and-forward
network that offers anonymous communication facilities.
The network contains normal message-routing nodes
alongside special mix nodes. Even hostile observers who
can monitor all the links in the network cannot trace a
message from its source to its destination without the
collusion of the mix nodes.

Figure 2

Advantages
We overcome the data misleading between
location server and users.
We provide a better security algorithm to protect
users' information during transformation.
Real-time use with cloud and Android mobile.
Limitations
LS (Location Server) supplying misleading data to
the client.
This misleads about integration of all the model.
Server's Security
Intuitively, the server's security requires that the
client can retrieve one record only in each query to the
server, and the server must not disclose other records to
the client in the response. Our protocol achieves the
server's security in the oblivious transfer phase. Our
algorithm is the same as the oblivious transfer protocol
except for the one-out-of-n oblivious transfer protocol.
Client's Security
Fundamentally, the information that is most
valuable to the user is his/her location. This location is
mapped to a cell Pi,j. In both phases of our protocol, the
oblivious transfer based protocol and the private
information retrieval based protocol, the server must not
be able to distinguish two queries of the client from each
other. We will now describe both cases separately.
In the oblivious transfer phase, each coordinate of the
location is encrypted by the ElGamal encryption scheme. It
has been shown that the ElGamal encryption scheme is
semantically secure. This means that given the encryption
of one of two plaintexts m1 and m2 chosen by a
challenger, the challenger cannot determine which
plaintext is encrypted with probability significantly
greater than 1/2 (the success rate of random guessing). In
view of this, the server cannot distinguish any two queries of
the client from each other in this phase. In the private
information retrieval phase, the security of the client is
built on the private information retrieval protocol, which is
based on the phi-hiding assumption.

3. CONCLUSION

In this paper we have presented a location based
query solution that employs two protocols that enable a
user to privately determine and acquire location data. The
first step is for a user to privately determine his/her
location using oblivious transfer on a public grid. The next
involves a private information retrieval interaction
that retrieves the record with high communication
efficiency. We analysed the performance of our protocol
and found it to be both computationally and
communicationally more efficient than the solution.