کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
397410 | 671192 | 2013 | 4 صفحه PDF | دانلود رایگان |
The widespread deployment of technologies with tracking capabilities, like GPS, GSM, RFID and on-line social networks, allows mass collection of spatio-temporal data about their users. As a consequence, several methods aimed at anonymizing spatio-temporal data before their publication have been proposed in recent years. Such methods are based on a number of underlying privacy models. Among these models, (k,δ)-anonymity(k,δ)-anonymity claims to extend the widely used k -anonymity concept by exploiting the spatial uncertainty δ≥0δ≥0 in the trajectory recording process. In this paper, we prove that, for any δ>0δ>0 (that is, whenever there is actual uncertainty), (k,δ)-anonymity(k,δ)-anonymity does not offer trajectory k-anonymity, that is, it does not hide an original trajectory in a set of k indistinguishable anonymized trajectories. Hence, the methods based on (k,δ)-anonymity(k,δ)-anonymity, like Never Walk Alone (NWA) and Wait For Me (W4M) can offer trajectory k -anonymity only when δ=0δ=0 (no uncertainty). Thus, the idea of exploiting the recording uncertainty δδ to achieve trajectory k -anonymity with information loss inversely proportional to δδ turns out to be flawed.
► (k,δ)-Anonymity(k,δ)-Anonymity claims to provide trajectory k -anonymity.
► It exploits the spatial uncertainty δ of location recording.
► It aims to achieve information loss inversely proportional to δδ.
► We prove that, for any δ>0δ>0, (k,δ)-anonymity(k,δ)-anonymity does not offer trajectory k-anonymity.
Journal: Information Systems - Volume 38, Issue 4, June 2013, Pages 491–494