09-08-2012, 04:55 PM
A Privacy-Preserving Location Monitoring System for Wireless Sensor Networks
A Privacy-Preserving Location.pdf (Size: 2.61 MB / Downloads: 47)
INTRODUCTION
THE advance in wireless sensor technologies has resulted
in many new applications for military and/or civilian
purposes. Many cases of these applications rely on the
information of personal locations, for example, surveillance
and location systems. These location-dependent systems are
realized by using either identity sensors or counting
sensors. For identity sensors, for example, Bat [1] and
Cricket [2], each individual has to carry a signal sender/
receiver unit with a globally unique identifier. With identity
sensors, the system can pinpoint the exact location of each
monitored person. On the other hand, counting sensors, for
example, photoelectric sensors [3], [4], and thermal sensors
[5], are deployed to report the number of persons located in
their sensing areas to a server.
SYSTEM MODEL
depicts the architecture of our system, where there are
three major entities, sensor nodes, server, and system users. We
will define the problem addressed by our system, and then
describe the detail of each entity and the privacy model of
our system.
LOCATION ANONYMIZATION ALGORITHMS
In this section, we present our in-network resource and
quality-aware location anonymization algorithms, that is.
periodically executed by the sensor nodes to report their
k-anonymous aggregate locations to the server for every
reporting period.
The Resource-Aware Algorithm
Algorithm 1 outlines the resource-aware location anonymization
algorithm. Fig. 3 gives an example to illustrate the
resource-aware algorithm, where there are seven sensor
nodes,AtoG, and the required anonymity level is five, k ¼ 5.
The dotted circles represent the sensing area of the sensor
nodes, and a line between two sensor nodes indicates that
these two sensor nodes can communicate directly with each
other. In general, the algorithm has three steps.
Effect of Query Region Size
depicts the privacy protection and the quality of our
location monitoring system with respect to increasing the
query region size ratio from 0.001 to 0.256, where the query
region size ratio is the ratio of the query region area to the
system area and the query region size ratio 0.001 corresponds
to the size of a sensor node’s sensing area. The results give
evidence that our system provides low-quality location
monitoring services for the range query with a small query
region, and better quality services for larger query regions.
This is an important feature to protect personal location
privacy, because providing the accurate number of objects in
a small area could reveal individual location information;
therefore, an adversary cannot use our system output to track
the monitored objects with any fidelity.