中文摘要：

The widespread use of Location-Based Services(LBSs),which allows untrusted service providers to collect large quantities of information regarding users’locations,has raised serious privacy concerns.In response to these issues,a variety of LBS Privacy Protection Mechanisms(LPPMs)have been recently proposed.However,evaluating these LPPMs remains problematic because of the absence of a generic adversarial model for most existing privacy metrics.In particular,the relationships between these metrics have not been examined in depth under a common adversarial model,leading to a possible selection of the inappropriate metric,which runs the risk of wrongly evaluating LPPMs.In this paper,we address these issues by proposing a privacy quantification model,which is based on Bayes conditional privacy,to specify a general adversarial model.This model employs a general definition of conditional privacy regarding the adversary’s estimation error to compare the different LBS privacy metrics.Moreover,we present a theoretical analysis for specifying how to connect our metric with other popular LBS privacy metrics.We show that our privacy quantification model permits interpretation and comparison of various popular LBS privacy metrics under a common perspective.Our results contribute to a better understanding of how privacy properties can be measured,as well as to the better selection of the most appropriate metric for any given LBS application.

英文摘要：

The widespread use of Location-Based Services （LBSs）, which allows untrusted service providers to collect large quantities of information regarding users＇ locations, has raised serious privacy concerns. In response to these issues, a variety of LBS Privacy Protection Mechanisms （LPPMs） have been recently proposed. However, evaluating these LPPMs remains problematic because of the absence of a generic adversarial model for most existing privacy metrics. In particular, the relationships between these metrics have not been examined in depth under a common adversarial model, leading to a possible selection of the inappropriate metric, which runs the risk of wrongly evaluating LPPMs. In this paper, we address these issues by proposing a privacy quantification model, which is based on Bayes conditional privacy, to specify a general adversarial model. This model employs a general definition of conditional privacy regarding the adversary＇s estimation error to compare the different LBS privacy metrics. Moreover, we present a theoretical analysis for specifying how to connect our metric with other popular LBS privacy metrics. We show that our privacy quantification model permits interpretation and comparison of various popular LBS privacy metrics under a common perspective. Our results contribute to a better understanding of how privacy properties can be measured, as well as to the better selection of the most appropriate metric for any given LBS application.