by Marc Langheinrich.

in Ubiquitous Computing (UbiComp), LNCS 2201, Springer, 2001. DOI=10.1007/3-540-45427-6_23. Also available at CiteSeer.

Summary: This article provides a solid foundation for thinking about privacy in ubiquitous computing systems.

by Ting Wang and Ling Liu

A Chapter in Machine Learning in Cyber Trust: Reliability, Security, Privacy. Editors: Jeffery Tsai and Philip Yu. Publisher: Springer-Verlag, 2008

Summary: This article presents an overview of the advances in the area of data privacy research. The authors summarize the representative algorithms and methods for implementing the proposed principles, and discuss their fundamental limitations. They also examine the research challenges and opportunities of location privacy protection, and compared the strengths and weaknesses of the proposed models, architectures, and algorithms.

by A. Bose, X. Hu, K.G. Shin, and T. Park

in Proceedings of the International Conference on Mobile Systems, Applications, and Services (MobiSys), ACM, 2008. DOI=10.1145/1378600.1378626

Summary: This article proposes a novel behavioral detection framework for mobile worms, viruses, and Trojans based on classifiers that demonstrate more than 96% accuracy. The techniques employed have low overhead for computation time and resources, and are therefore very suitable for use with mobile computers.

by Alfredo Matos, João Girão, Susana Sargento and Rui Aguiar

Global Telecommunications Conference, 2007. GLOBECOM '07. IEEE

Summary: This paper proposes a solution to preserve the application layer privacy models by applying the virtual personae concept, which corresponds to different identities of the same user, throughout the network stack.

by Jeremy Andrus, Christoffer Dall, Alexander Van’t Hof, Oren Laadan, and Jason Nieh

In Proceeding SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, Pages 173-187

Summary: The authors design, implement, and evaluate Cells, the first OS virtualization solution for mobile devices. They implement a prototype of Cells that supports multiple Android virtual phones on the same phone. Their performance results show that Cells imposes only modest runtime and memory overhead, works seamlessly across multiple hardware devices including Google Nexus 1 and Nexus S phones, and transparently runs Android applications at native speed without any modifications.

by Delphine Christin, Christian Roßkopf, Matthias Hollick

In: Accepted for publication in Pervasive and Mobile Computing (PMC), Dezember 2012.

Summary: This article proposes a privacy-aware application for citizen safety in urban environments called uSafe. uSafe is based on user-generated reports about their feeling of safety when they travel in the city. The authors present a prototype implementation and evaluate their concept with a user study involving 183 participants.

Yaniv Shaked and Avishai Wool.

in Proceedings of the International Conference on Mobile Systems, Applications, and Services (MobiSys), ACM, 2005. DOI=10.1145/1067170.1067176.

Summary: This article describes a passive attack on Bluetooth to find the PIN used during the pairing process. The authors show that a 4-digit PIN can be cracked in less 0.06 sec on a 3GHz Pentium IV computer. The research shows that the underlying SAFER algorithm, which is based on a 128-bit key, is quite secure, but its realization as a 4-digit human readable PIN makes it vulnerable.

by Monte Lunacek, Darrell Whitley, Indrakshi Ray

Genetic and Evolutionary Computation Conference (GECCO) ’06, July 8–12, 2006, Seattle, Washington, USA.

Summary: In this paper, the authors have looked at the factors that affect genetic algorithm performance on the k-anonymity problem. They implement a new crossover operator that preserves valid solutions.

by Jeffery L. Johnson

Eastern Oregon University Public Affairs Quarterly, Vol 6, No. 3, July 1992, pp. 271-88.

Summary: This paper briefly summarizes an answer to the question: "What is privacy?"

by Sebastian Clauß, TU Dresden, Germany

Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security (ETRICS'06), Pages 191-205

Summary: This paper describes a framework to quantity anonymity and linkability of a user’s actions for use within a privacy-enhancing identity management system. The author defines an appropriate attacker model and proposes an approach for computing such quantification based on observations of user’s actions.

by Avrim Blum, Katrina Ligett, Aaron Roth

STOC '08 Proceedings of the 40th annual ACM symposium on Theory of computing Pages 609-618

Summary: The authors introduce a new definition of privacy, distributional privacy (which they show is strictly stronger than differential privacy), and demonstrate a privacy-preserving polynomial time algorithm that releases information useful for all half-space queries, for a slightly relaxed definition of usefulness.

by Claudia Diaz, Stefaan Seys, Joris Claessens, and Bart Preneel

in Proceedings of PET 2002, April 14-15, 2002, San Francisco, In Hannes Federath (Ed.), Designing Privacy Enhancing Technologies, Lecture Notes in Computer Science, 2002.

Summary: This article proposes a general measurement model to quantify the degree of anonymity provided by a system in particular attack circumstances. The authors apply their model to some existing solutions for anonymous communication. The model is shown to be very useful for evaluating the level of privacy a system and for comparing different systems.

by Souvik Ray, Zhao Zhang

In Proceeding P2P '07 Proceedings of the Seventh IEEE International Conference on Peer-to-Peer Computing, Pages 27-36

Summary: In this paper, the authors use information theory to build a model to evaluate the resilience of different Distributed Hash Table (DHT) designs against leak of privacy. Their analytical results show that for the same routing complexity, ring-based DHT (Chord) has the minimum information leak.

by Richard A. Posner

"The Right of Privacy" in the University of Georgia Law Review, May 1978

Summary: This article give a fresh perspective on the privacy question. The perspective is offered by economic analysis, and by the common law principles that have evolved under the influence of economic perceptions. In this perspective, the recent legislative emphasis on favoring individual and denigrating corporate and organizational privacy stands revealed as still another example of perverse government regulation of social and economic life.

by Lior Jacob Strahilevitz

The Law School, University of Chicago, November 2004

Summary: In this paper, the author focus on the privacy torts. The paper suggests that using insights from social network theory can help courts evaluate privacy in a more accurate and transparent matter.

by James H. Moor

ACM SIGCAS Computers and Society Volume 27 Issue 3, Sept. 1997 Pages 27 - 32

Summary: The issue of privacy is a top priority in the present information society. In this paper, the author assembles pieces of an overall theory of privacy and try to defend it. He argues that privacy is best understood in terms of a control/restricted access account.

by Cynthia Dwork

Proceeding TAMC'08 Proceedings of the 5th international conference on Theory and applications of models of computation, Pages 1-19

Summary: In this survey, the authors recall the definition of differential privacy and two basic techniques for achieving it. They then show some interesting applications of these techniques, presenting algorithms for three specific tasks and three general results on differentially private learning.

by Cynthia Dwork

International Colloquium on Automata, Languages and Programming (ICALP) 2006, p. 1–12

Summary: In this paper, the authors define differential privacy, which, intuitively, captures the increased risk to one’s privacy incurred by participating in a database.

by LATANYA SWEENEY

International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10 (5), 2002; 557-570.

Summary: This paper presents the k-anonymity protection model, explores related attacks and provides ways in which these attacks can be thwarted.

by Bugra Gedik and Ling Liu

Journal IEEE Transactions on Mobile Computing, Volume 7 Issue 1, January 2008, Pages 1-18

Summary: This paper describes a scalable architecture for protecting the location privacy from various privacy threats resulting from uncontrolled usage of location-based services (LBSs). This architecture includes the development of a personalized location k-anonymity model and a suite of location perturbation algorithms. The experiments achieve high resilience to location privacy threats without introducing any significant performance penalty.

by KHALED EL EMAM, FIDA KAMAL DANKAR

In Proceedings of JAMIA. 2008, 627-637.

Summary: In this paper, the authors focus on k-Anonymity, which is a popular approach for protecting privacy. They considers the two re-identification scenarios that k-Anonymity is intended to protect against. For one of the scenarios, they show that actual re-identification risk under the baseline k-Anonymity is much lower than the threshold risk that the data custodian assumes, and that this results in an excessive amount of information loss, especially at small sampling fractions. They also find that a hypothesis testing approach provided the best control over re-identification risk and reduces the extent of information loss compared to baseline k-anonymity.

by Ashwin Machanavajjhala, Johannes Gehrke, Daniel Kifer

Journal ACM Transactions on Knowledge Discovery from Data (TKDD), Volume 1 Issue 1, March 2007, Article No. 3

Summary: In this paper, the authors show that a k-anonymized dataset permits strong attacks due to lack of diversity in the sensitive attributes. They introduce ℓ-diversity, a framework that gives stronger privacy guarantees. Their evaluation shows that ℓ-diversity is practical and can be implemented efficiently.

by Rinku Dewri

7th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2011, London, UK, September 7-9, 2011

Summary: This article provides a classification of attacker knowledge, and explore what implication does a certain form of knowledge has on location privacy. The authors argue that the use of cloaking regions can adversely impact the preservation of privacy in the presence of approximate location knowledge, and demonstrate how perturbation based mechanisms can instead be useful.

by Ben Greenstein, Ramakrishna Gummadi, Jeffrey Pang, Mike Y. Chen, Tadayoshi Kohno, Srinivasan Seshan, and David Wetherall

In Proceeding HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems, Article No. 10

Summary: This paper argues that wireless networks pose new threats to privacy and that there is incentive, not just for users, but also for providers and manufacturers to address these threats. The authors identify several research challenges to doing so and offer some direction towards a solution.

by Yih­Chun Hu, Helen J. Wang

ACM SIGCOMM Asia Workshop 2005 April 12–14, 2005, Beijing, China

Summary: In this paper, the authors introduce the problems of anonymity and location privacy in wireless networks. They build a transaction-based wireless communication system that provides un-linkable transactions. They also identify a number of challenges in providing location privacy in the areas of routing, incentives for multi-hop forwarding, and user- and application-driven tuning of the privacy-performance tradeoff.

by Marco Gruteser and Baik Hoh

In Proceeding SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing, Pages 179-192

Summary: In this paper, the authors consider a class of applications that requires a large number of users to reveal periodic location samples. They observe that linking anonymous location samples is related to the data association problem in tracking systems. They then propose to use such tracking algorithms to characterise the level of privacy and to derive disclosure control algorithms.

by Jeffrey Pang, Benjamin Greenstein, Ramakrishna Gummadi, Srinivasan Seshan, and David Wetherall.

in Proceedings of the International Conference on Mobile Computing and Networking (MobiCom), ACM, 2007. DOI=10.1145/1287853.1287866.

Summary: The authors demonstrate methods for identifying individual users by observing 802.11 traffic, even if the 802.11 payloads are encrypted, by recognizing various sources of information in the 802.11 frame headers (such as the SSIDs listed in beacon requests).

by Katie Shilton, Jeff Burke, Deborah Estrin, Mark Hansen, and Mani B. Srivastava

In Proceedings of the International Workshop on Mobile Devices and Urban Sensing (MODUS), pp. 1-7. Shin et al., 2010

Summary: This paper briefly reviews related privacy literature and introduces design principles based upon participatory privacy regulation: a flexible approach to privacy that incorporates both group and individual decision-making about disclosure boundaries to negotiate trust and commitment between participants and urban sensing systems.

by Sampigethaya, K., Huang, L., Li, M., Poovendran, R., Matsuura, K. and Sezaki, K

In Embedded Security in Cars, Nov. 2005; also in IEEE Journal on Selected Areas in Communications, Special Issue on Vehicular Networks 25, 8 (Oct. 2007), 1569−1589.

Summary: In this paper, the authors study the problem of providing location privacy in VANET by allowing vehicles to prevent tracking of their broadcast communications. They propose a location privacy scheme called CARAVAN, and evaluate the privacy enhancement achieved under some existing standard constraints of VANET applications, and in the presence of a global adversary.

by K. Sampigethaya, Mingyan Li, Leping Huang, R. Poovendran

In Journal IEEE Journal on Selected Areas in Communications archive Volume 25 Issue 8, October 2007 Page 1569-1589.

Summary: This paper addresses the problem of mitigating unauthorized tracking of vehicles based on their broadcast communications, to enhance the user location privacy in VANET. The authors propose a scheme called AMOEBA, that provides location privacy by mitigating the location tracking of vehicles, and protects user privacy by providing vehicles with anonymous access to LBS applications.

by Marco Gruteser, Dirk Grunwald

In Journal Mobile Networks and Applications - Special issue: Wireless mobile wireless applications and services on WLAN hotspots, Volume 10 Issue 3, June 2005, Pages 315 - 325

Summary: In this paper, the authors consider the threat model and solutions for location privacy in wireless 802.11 networks. They enhance location privacy through frequent disposal of a client's interface identifier. They also propose MAC rekeying as a solution and analyze the situations in which it may apply.

by Ben Greenstein, Damon McCoy, Jeffrey Pang, Tadayoshi Kohno, Srinivasan Seshan, David Wetherall

In Proceeding MobiSys '08 Proceedings of the 6th international conference on Mobile systems, applications, and services, Pages 40-53

Summary: In this paper, the authors present the design and evaluation of SlyFi , an identifier-free 802.11 link layer that obfuscates all transmitted bits to increase privacy. Their evaluation shows that SlyFi can discover and associate with networks faster than 802.11 using WPA-PSK.

by Tao Jiang, Helen J. Wang, Yih-Chun Hu

In Proceeding MobiSys '07 Proceedings of the 5th international conference on Mobile systems, applications and services, Pages 246-257

Summary: This article analyze the problem of location privacy in wireless networks and present a protocol for improving location privacy. The basic approach is to obfuscate several types of privacy-compromising information revealed by a mobile node, including sender identity, time of transmission, and signal strength.

by Toby Xu, Ying Cai

In Proceeding CCS '09 Proceedings of the 16th ACM conference on Computer and communications security, Pages 348-357

Summary: This article proposes a feeling-based model. With this model, the authors present a novel technique that allows a user’s location information to be reported as accurate as possible while providing her sufficient location privacy protection. They also implement an experimental system for location privacy-aware uses of location-based services.

by E. Schoch, F. Kargl, T. Leinmuller, S. Schlott, and P. Papadimitratos

In Proceedings of the European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS), October 2006.

Summary: In this paper, the authors focus on the effects of pseudonym changes on the performance of geographic routing that is intended to be used in VANETs. They also introduce a callback mechanism which informs the routing about failed transmissions. The results of this paper provide advice on how to achieve the balance between privacy protection on the one and performance on the other hand.

by Joo-Han Song, Vincent W. Wong, Victor C. Leung

In Journal Mobile Networks and Applications archive Volume 15 Issue 1, February 2010, Pages 160-171.

Summary: This paper proposes a vehicle density-based location privacy (DLP) scheme which can provide location privacy by utilizing the neighboring vehicle density as a threshold to change the pseudonyms.

by Jetzabel Serna, Jesus Luna and Manel Medina

In Information Assurance and Security, 2008. ISIAS '08. Fourth International Conference.

Summary: This paper presents existing privacy and trust issues, finding that so far these approaches consider that privacy mostly rely on the use of pseudonyms. The authors also propose the use of a privacy solution based on two mechanisms: a Mandatory Access Control and a novel Geolocation-based Trust Propagation.

by Chi-Yin Chow, Mohamed F. Mokbel, Xuan Liu

ACMGIS’ 06, November 1011, 2006, Arlington, Virginia, USA

Summary: In this article, the authors present a peer-to-peer (P2P) spatial cloaking algorithm in which mobile and stationary users can entertain location-based services without revealing their exact location information. Experimental results show that this algorithm operated in the on-demand mode has lower communication cost and better quality of services than the proactive mode, but the on-demand incurs longer response time.

by Maria Luisa Damiani, Claudio Silvestri, Elisa Bertino

In Proceeding GIS '10 Proceedings of the 18th SIGSPATIAL International Conference on Advances in Geographic Information Systems, Pages 522-523

Summary: This article presents SAWL (Semantics-aware Location cloaking), a tool supporting the comparison of semantic location cloaking methods over real and synthetic spatial scenarios.

by Chengyang Zhang and Yan Huang

In Journal Geoinformatica, Volume 13 Issue 2, June 2009, Pages 159 - 182

Summary: This paper proposes a new hybrid framework called HiSC that balances the load between the anonymizing server and mobile clients based on privacy requirements and client distribution. The authors also design a simple yet effective RRS (random range shifting) algorithm to prevent possible privacy leakage that would exist in the original peer-to-peer approach.

by Joseph Meyerowitz, Romit Roy Choudhury

Proceeding MobiCom '09 Proceedings of the 15th annual international conference on Mobile computing and networking, Pages 345-356

Summary: The authors develop and demonstrate CacheCloak, a system that enables real-time anonymization of location data. In CacheCloak, a trusted anonymizing server generates mobility predictions from historical data and submits intersecting predicted paths simultaneously to the LBS. By predicting the user’s future locations, they can camouflage the user’s location with preemptive data requests. CacheCloak can achieve real-time location privacy without loss of location accuracy or availability.

by Panos Kalnis, Gabriel Ghinita, Kyriakos Mouratidis, and Dimitris Papadias

Journal IEEE Transactions on Knowledge and Data Engineering Volume 19 Issue 12, December 2007, Pages 1719-1733

Summary: In this paper, the authors study the preservation of query anonymity in Location Based Services. The main idea is to conceal the user coordinates, by replacing them with a spatial region. They propose transformations based on the K-anonymity concept to compute exact answers for range and nearest neighbor search, without revealing the query source. The proposed techniques are applicable to real-life scenarios with numerous mobile users.

by Baik Hoh, Marco Gruteser, Hui Xiong, Ansaf Alrabady

In Proceedings of ACM CCS 2007

Summary: This paper considers the problem of guaranteed anonymity in a dataset of location traces while maintaining high data accuracy. The authors propose a novel time-to-confusion metric to characterize privacy in an anonymous set of location traces. They then develop an uncertainty-aware privacy algorithm, which can guarantee a defined maximum time-to-confusion for all vehicles.

by Zhen Xiao, Xiaofeng Meng, and Jianliang Xu

In Proceeding DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications, Pages 434-446

Summary: This article presents a quality-aware k-anonymity model for protecting location privacy while meeting user specified QoS requirements. The authors develope an eficient directed-graph based cloaking algorithm to achieve a high cloaking success rate while satisfying the privacy and QoS requirements. Moreover, they introduce the use of dummy requests to achieve a 100% cloaking success rate at the cost of communication overhead.

by Bhuvan Bamba, Ling Liu, Peter Pesti, Ting Wang

Proceeding WWW '08 Proceedings of the 17th international conference on World Wide Web, Pages 237-246

Summary: This paper presents PrivacyGrid - a framework which allows users to express their privacy requirements in terms of location hiding and QoS measures. The authors develope three dynamic grid-based spatial cloaking algorithms for location k-anonymity and location l-diversity in a mobile environment. They also discuss PrivacyGrid mechanisms for supporting anonymous location queries. Experimental evaluation shows that their algorithms provide much higher anonymization success rate and yet are highly efficient in terms of both time complexity and update cost.

by Murali Annavaram, Quinn Jacobson, John P. Shen

In Workshop on Mobile Devices and Urban Sensing, (Invited Paper) April 2008

Summary: This article develops HangOut a privacy preserving social networking application. Hangout protects user’s private information not only from other malicious users but even from system administrators. Hangout uses location and time distortions, symmetric key encryption and several client side controls to aggressively protect privacy with minimal degradation in user’s perceived service value.

by J. Freudiger, M. Raya, M. Félegyházi, P. Papadimitratos, and J.-P. Hubaux

In Proceedings of WiN-ITS, August 2007.

Summary: This paper studies the problem of providing location privacy in vehicular networks. The authors introduce the CMIX protocol to create cryptographic mix-zones at road intersections wherein vehicles can change their pseudonyms. They also study analytically how the combination of mix-zones into mix-networks brings forth location privacy in Vehicular Networks. Their results show that that the proposed mix system is effective in various scenarios.

by Marco Gruteser and Dirk Grunwald.

in Proceedings of the International Conference on Mobile Systems, Applications and Services (MobiSys), ACM, 2003. DOI=10.1145/1066116.1189037.

Summary: One of the original articles providing methods for location anonymity; it provides a solid foundation for the topic. Many new methods have since been proposed, which can be found by tracing the citations of this article forward.

by William J. Buchanan, Zbigniew Kwecka, Elias Ekonomou

Journal Mobile Networks and Applications

by Ra, Moo R. and Liu, Bin and La Porta, Tom F. and Govindan, Ramesh

Mobisys 2012

by Jeeva Susan Jacob, Preetha K.G

Heechang Shin, Atluri, V., Vaidya, J.

MDM'08

Damiani, M.L., Silvestri, C., Bertino, E.

Pervasive Computing 2011

by Mads Schaarup Andersen and Mikkel Baun Kjærgaard

by Chi-Yin Chow, Mohemad F. Mokbel

in book "Computing with Spatial Trajectories"

by Sergio Mascetti, Dario Freni, Claudio Bettini, X. Sean Wang, Sushil Jajodia

by Aris Gkoulalas-Divanis, Vassilios S. Verykios

by Hamed Haddadi, Pan Hui, Tristan Henderson, et al.