20 20

Transactions on
Data Privacy
Foundations and Technologies


Articles in Press

Accepted articles here

Latest Issues

Year 2021

Volume 14 Issue 2
Volume 14 Issue 1

Year 2020

Volume 13 Issue 3
Volume 13 Issue 2
Volume 13 Issue 1

Year 2019

Volume 12 Issue 3
Volume 12 Issue 2
Volume 12 Issue 1

Year 2018

Volume 11 Issue 3
Volume 11 Issue 2
Volume 11 Issue 1

Year 2017

Volume 10 Issue 3
Volume 10 Issue 2
Volume 10 Issue 1

Year 2016

Volume 9 Issue 3
Volume 9 Issue 2
Volume 9 Issue 1

Year 2015

Volume 8 Issue 3
Volume 8 Issue 2
Volume 8 Issue 1

Year 2014

Volume 7 Issue 3
Volume 7 Issue 2
Volume 7 Issue 1

Year 2013

Volume 6 Issue 3
Volume 6 Issue 2
Volume 6 Issue 1

Year 2012

Volume 5 Issue 3
Volume 5 Issue 2
Volume 5 Issue 1

Year 2011

Volume 4 Issue 3
Volume 4 Issue 2
Volume 4 Issue 1

Year 2010

Volume 3 Issue 3
Volume 3 Issue 2
Volume 3 Issue 1

Year 2009

Volume 2 Issue 3
Volume 2 Issue 2
Volume 2 Issue 1

Year 2008

Volume 1 Issue 3
Volume 1 Issue 2
Volume 1 Issue 1

Volume 9 Issue 1

Differential Privacy Models for Location-Based Services

Ehab ElSalamouny(a),(b), Sebastien Gambs(c),(*)

Transactions on Data Privacy 9:1 (2016) 15 - 48

Abstract, PDF

(a) INRIA, France.

(b) Faculty of Computers and Informatics, Suez Canal University, Egypt.

(c) Université du Québec à Montréeal (UQAM), Canada.

e-mail:ehab.m.s @gmail.com; gambs.sebastien @uqam.ca


In this paper, we consider the adaptation of differential privacy to the context of location-based services (LBSs), which personalize the information provided to a user based on his current position. Assuming that the LBS provider is queried with a perturbed version of the position of the user instead of his exact one, we rely on differential privacy to quantify the level of indistinguishability (i.e., privacy) provided by this perturbation with respect to the user's position. In this setting, the adaptation of differential privacy can lead to various models depending on the precise form of indistinguishability required. We discuss the set of properties that hold for these models in terms of privacy, utility and also implementation issues. More precisely, we first introduce and analyze one of these models, the (D, e)-location privacy, which is directly inspired from the standard differential privacy model. In this context, we describe a general probabilistic model for obfuscation mechanisms for the locations whose output domain is the Euclidean space E2. In this model, we characterize the satisfiability conditions of (D, e)-location privacy for a particular mechanism and also measure its utility with respect to an arbitrary loss function. Afterwards, we present and analyze symmetric mechanisms in which all locations are perturbed in a unified manner through a noise function, focusing in particular on circular noise functions. We prove that, under certain assumptions, the circular functions are rich enough to provide the same privacy and utility levels as other more complex (i.e., non-circular) noise functions, while being easier to implement. Finally, we extend our results to a generalized notion for location privacy, called l-privacy capturing both (D, e)-location privacy and also the notion of e-geo-indistinguishability recently introduced by Andrés, Bordenabe, Chatzikokolakis and Palamidessi.

* Corresponding author.

Follow us


ISSN: 1888-5063; ISSN (Digital): 2013-1631; D.L.:B-11873-2008; Web Site: http://www.tdp.cat/
Contact: Transactions on Data Privacy; Vicenç Torra; U. of Skövde; PO Box 408; 54128 Skövde; (Sweden); e-mail:tdp@tdp.cat
Note: TDP's web site does not use cookies. TDP does not keep information neither on IP addresses nor browsers. For the privacy policy access here.


Vicenç Torra, Last modified: 00 : 08 May 19 2020.