DOI: 10.1145/1378600.1378624
research-article

Anonysense: privacy-aware people-centric sensing

Published: 17 June 2008

ABSTRACT

Personal mobile devices are increasingly equipped with the capability to sense the physical world (through cameras, microphones, and accelerometers, for example) and the network world (with Wi-Fi and Bluetooth interfaces). Such devices offer many new opportunities for cooperative sensing applications. For example, users' mobile phones may contribute data to community-oriented information services, from city-wide pollution monitoring to enterprise-wide detection of unauthorized Wi-Fi access points. This people-centric mobile-sensing model introduces a new security challenge in the design of mobile systems: protecting the privacy of participants while allowing their devices to reliably contribute high-quality data to these large-scale applications.

We describe AnonySense, a privacy-aware architecture for realizing pervasive applications based on collaborative, opportunistic sensing by personal mobile devices. AnonySense allows applications to submit sensing tasks that will be distributed across anonymous participating mobile devices, later receiving verified, yet anonymized, sensor data reports back from the field, thus providing the first secure implementation of this participatory sensing model. We describe our trust model, and the security properties that drove the design of the AnonySense system. We evaluate our prototype implementation through experiments that indicate the feasibility of this approach, and through two applications: a Wi-Fi rogue access point detector and a lost-object finder.


Published in

MobiSys '08: Proceedings of the 6th international conference on Mobile systems, applications, and services
June 2008
304 pages
ISBN: 9781605581392
DOI: 10.1145/1378600

Copyright © 2008 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Overall Acceptance Rate: 274 of 1,679 submissions, 16%
