Vers une plateforme holistique de protection de la vie privée dans les services géodépendants

Abstract

Les services géodépendants (LBS : Location-Based Services) sont présents dans la plupart de nos activités quotidiennes, ils représentent l’ensemble des services en ligne qui fournissent des informations basées sur la géolocalisation des individus. On peut les retrouver dans plusieurs domaines tels que les soins médicaux, le divertissement, le transport, et de nombreuses autres activités. En outre, avec leur présence dans presque toutes les tâches quotidiennes, leur utilité ne peut être négligée, ainsi que leur impact sur la façon dont les données des individus sont traitées n’est plus la même. De plus, avec la croissance du nombre de propriétaires de dispositifs mobiles, il est devenu plus facile de localiser un individu, rendant ainsi presque inévitables les problèmes liés à la confidentialité. Par conséquent, des solutions plus sévères sont fortement nécessaires afin de gérer les problèmes de confidentialité et de conserver l’utilité de LBS. Nous présentons dans cette thèse une recherche qui porte sur la protection de la vie privée des utilisateurs dans un LBS tout en gardant un maximum d’utilité des services. Autre que l’état de l’art et les fondements théoriques, ce travail est divisé en trois parties principales, chacune d’elles décrit un ensemble des composants connexes de la plateforme proposée, nommée Deloc.

En conclusion, nous proposons une plateforme collaborative de protection de la confidentialité des utilisateurs LBS, qui est à la fois efficace, performante, et qui surtout n’affecte pas l’utilité estimée de l’utilisation d’un LBS donné.

Location-Based Services (LBS) are present in most of our daily activities, and they repre sent all online services used to provide information based on the location of individuals. These services can be found in several fields such as healthcare, entertainment, transportation, and many other daily activities. Besides, along with their presence in almost all daily tasks, their utility cannot be ignored, and as a result, their impact on how individuals’ data are processed is no longer the same. With smartphone ownership growth, it has become easier to locate an individual, and privacy issues have become almost inescapable. Hence, more severe solutions are strongly required to handle privacy issues while keeping the utility of LBS. We present in this thesis a research work about protecting the privacy of users in an LBS while keeping maximum utility of the service. In addition to the state of the art and the theoretical background, this work is divided into three main parts when each one describes a set of related components of the proposed framework, called Deloc. We present in this thesis a research into about privacy protection in LBSs while maintaining the maximum utility of these services. In addition to the state of the art and the theoretical background, this work is divided into three main parts, where each one describes a set of related components of the proposed framework named Deloc. • Delegation concept. We propose in this part the main concept behind this re search. The goal is to propose a collaborative mechanism where each user participates in the protection of other users without the need for transforming his geographical coordinates, nor losing the utility of the service. We also evaluate the concept on data issued from real-world users in a finely simulated environment with tuneable parameters, and we demonstrate its high guarantees of privacy, efficiency, and utility facing most of the current LBS applications. • Quantification of risks and trust. This part is based on the fact that the dependence of delegation concept on the LBS users may imply privacy issues. This part of the paper discusses two models of quantification and measurement of risks and trust in the context of LBS. First, we propose a model based on the theory of mutual information that is used to assess the risks associated with the use of the delegation concept. Then we discuss a model based on Markov chains that helps to estimate the level of trust for each of the collaborators. We also discuss the applicability of both models and their theoretical and empirical validation. • Privacy Metric for Collaborative Systems. The lack of a metric designed for collaborative systems is the main motivation behind this part. We discuss our proposal for a privacy metric based on the theory of fuzzy sets. We propose three models that each one of them deals with a subset of Delocprivacy requirements. The attacker, the privacy, and the utility model are the three models used to define the privacy metric named d-fuzziness. We also discuss the validation of the metric, and its measurement efficiency in the case of collaborative mechanisms, especially Deloc. In conclusion, we propose a collaborative location privacy-preserving framework, which is at the same time efficient, powerful, and which does not affect the estimated utility of using LBSs.