PrivacyGrid is a framework for supporting anonymous location-based queries in mobile information delivery systems. In PrivacyGrid, mobile users explicitly define their preferred location privacy requirements in terms of location hiding measures (e.g., location k-anonymity and location l-diversity) and location service quality measures (e.g., maximum spatial resolution and maximum temporal resolution). The framework supports dynamic bottom-up and top-down grid cloaking algorithms that achieve a high anonymization success rate and efficiency in terms of both time complexity and maintenance cost. This project incorporates a visualization tool for the PrivacyGrid framework to visualize the spatial cloaking process of PrivacyGrid. The tool also visualizes the mobility of the users along the road segments of the geographical maps. The tool would be handy for understanding and demonstrating the working of the location perturbation process to naïve mobile users.
Increasing use of mobile devices and rapid advancements in sensing and location devices suggest that location-based services (LBSs) would be a popular feature in the next generation of mobile devices. As LBSs are largely dependent on the location data of the mobile users, they pose new challenges to the location privacy of the users. Location privacy is defined as the ability to prevent unauthorized parties from learning one's current or past location. Location privacy in general refers to the ability of a person to hide his location information from others. In the context of using a mobile device, location privacy refers to the ability of the mobile users to hide their location information while using the device. An LBS-enabled mobile device would support location-based queries that heavily depend on the location data for retrieving precise results. For instance, an LBS query to find the nearest hospital from a user's current location would require the location information of the user. As there could be a large number of untrusted location-based service providers in the system, users may not feel comfortable sharing their location information with these service providers. Thus, location privacy is a big concern while using these location-based services.
As location-based services gain popularity, mobile users will soon need to be aware of location privacy threats and the various location privacy metrics such as k-anonymity and l-diversity.
As an effort to help naïve users appreciate the location privacy metrics and the location perturbation process in a mobile environment, in this project we develop a visualization tool that explains the mobility of the users on the road segments and their location cloaking regions pertaining to their anonymity requirements as they move across the road segments. Such a visualization would help users understand the location cloaking process and help them set appropriate location privacy requirements.
Concretely, we would be implementing the following features in the proposed visualization tool:
1. Implementation of a friendly GUI for taking the simulation inputs such as: the anonymity level k, mean spatial tolerance, grid cell sizes, the traffic density and speed on the road segments for each class of roads, skew factor for skewed distribution of traffic, etc.
2. Visualization of the geographic map corresponding to the simulation area, embedding the grid on top of the geographic map based on the user-defined grid cell size.
3. Visualization of the movement of the mobile users on the road segments based on the user specified velocity range.
4. Representation of the cloaking regions of the perturbed location updates of the mobile users based on their spatial tolerance, k-anonymity and l-diversity levels.
5. Tracking and highlighting a specific mobile user moving along with his perturbed cloaking region.
6. Provision to closely monitor one or a few grid cells of the whole geographic region.
7. A stop and start button to stop the simulation in order to get a snapshot of the simulation.
8. A close visualization of the dynamic expansion and reduction algorithms of the PrivacyGrid framework namely the Bottom-up Dynamic Expansion and Top-down Dynamic Reduction.
9. Implementation of Zoom in and Zoom out functionalities.
| Tasks | Date |
|---|---|
| Project Proposal | 10th February, 2009 |
| Visualization of geographic maps and mobility of users and visualization of mobile users with cloaked location regions | 2nd March, 2009 |
| Tracking a specific mobile user and development of user input interface | 20th March, 2009 |
| A close visualization of Dynamic expansion and Dynamic reduction cloaking algorithms | 10th April, 2009 |
| Testing and adding miscellaneous GUI features | 17th April, 2009 |
| Demo and Final Report | 21st April, 2009 |

Percentage of time: 25%, 25%, 25%, 15%, 10%
We use the PrivacyGrid framework as the underlying location privacy scheme. We use the simulator from [4] to generate a trace of cars moving on a real-world road network, obtained from maps available at the National Mapping Division of the USGS [6]. We generate requests based on the position information from the trace. We simulate the movements of the mobile nodes on the visualization with the trace information provided by the trace generator. Also, the trace generator extracts the road network based on three types of roads (expressway, arterial and collector roads), and we highlight them with different colors.
The underlying location cloaking is performed by the dynamic spatial cloaking algorithms of PrivacyGrid. For each request generated, the perturbed location of the mobile user is visually displayed.
In addition to the city-wide visualization of the location perturbation process, we also develop a single-instance visualization of the dynamic expansion and reduction process of the PrivacyGrid cloaking algorithms.
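A simplified sketch of bottom-up grid cloaking for location k-anonymity, added here as an illustration; it is not code from PrivacyGrid or from this project. The greedy choice of direction, the per-cell user counts, and the names `bottom_up_cloak`, `SAMPLE_GRID` and `max_side` (a stand-in for the spatial tolerance, in cells) are assumptions, and l-diversity and temporal resolution are left out.

```python
from typing import List, Optional, Tuple

Region = Tuple[int, int, int, int]  # (top, left, bottom, right), inclusive cell indices

# Constructed sample: number of mobile users currently inside each grid cell.
SAMPLE_GRID = [
    [0, 1, 0, 2, 0],
    [1, 0, 3, 0, 1],
    [0, 2, 1, 1, 0],
    [0, 0, 4, 0, 0],
    [1, 0, 0, 0, 2],
]

def bottom_up_cloak(grid: List[List[int]], cell: Tuple[int, int], k: int,
                    max_side: int) -> Optional[Tuple[Region, int]]:
    """Grow a rectangle of cells around `cell` until it holds at least k users.

    max_side (assumed form of the spatial tolerance) caps the region's height
    and width in cells. Returns (region, user_count), or None when k cannot be
    reached within the tolerance, i.e. the request fails anonymization.
    """
    top = bottom = cell[0]
    left = right = cell[1]
    total = grid[top][left]
    while total < k:
        height, width = bottom - top + 1, right - left + 1
        rows, cols = range(top, bottom + 1), range(left, right + 1)
        options = []  # (users gained, new region) for each direction still permitted
        if height < max_side and top > 0:
            options.append((sum(grid[top - 1][c] for c in cols), (top - 1, left, bottom, right)))
        if height < max_side and bottom < len(grid) - 1:
            options.append((sum(grid[bottom + 1][c] for c in cols), (top, left, bottom + 1, right)))
        if width < max_side and left > 0:
            options.append((sum(grid[r][left - 1] for r in rows), (top, left - 1, bottom, right)))
        if width < max_side and right < len(grid[0]) - 1:
            options.append((sum(grid[r][right + 1] for r in rows), (top, left, bottom, right + 1)))
        if not options:
            return None  # tolerance exhausted before reaching k users
        gain, (top, left, bottom, right) = max(options, key=lambda o: o[0])
        total += gain
    return (top, left, bottom, right), total

if __name__ == "__main__":
    print(bottom_up_cloak(SAMPLE_GRID, (2, 2), k=5, max_side=3))
    print(bottom_up_cloak(SAMPLE_GRID, (2, 2), k=10, max_side=3))
    print(bottom_up_cloak(SAMPLE_GRID, (2, 2), k=10, max_side=2))
```

The service provider would receive only the returned rectangle, never the user's own cell; the `None` case is the kind of anonymization failure that a tighter spatial tolerance or a higher k makes more likely.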
For implementing the GUI part of our application, we will be using Sun's JFC/Swing. Our choice of Sun's JFC/Swing is motivated by its platform-independent and configurable properties. The input interface would accept all the simulation and visualization parameters.
We implement the zoom-in and zoom-out features of the tool using Sun's JFC/Swing. When the client wants to zoom in on a particular mobile node, the area surrounding the mobile node will be continuously stored in a 'BufferedImage' object, replacing the existing image (the present image) stored in that 'BufferedImage'. Thus, the currently zoomed image, which is a sub-image of the previous image, would be of the same size as the original image.
We incorporate mouse gestures in our application to let the user zoom in on a mobile node by clicking on it or by dragging an area around it. We use the iGesture and Smardec's Mouse Gesture software libraries to incorporate the mouse gestures. We plan to create a mashup of our application's user interface with JXMapViewer using Swing to enable map movements in our visualization.
[1] B. Bamba, L. Liu, P. Pesti and T. Wang. Supporting Anonymous Location Queries in Mobile Environments using PrivacyGrid. In WWW, 2008.
[2] M. Mokbel, C. Chow, and W. Aref. The New Casper: Query Processing for Location Services without Compromising Privacy. In VLDB, 2006.
[3] M. F. Mokbel, C.-Y. Chow and W. G. Aref. The New Casper: A Privacy-Aware Location-Based Database Server. In Proceedings of the International Conference of Data Engineering, IEEE ICDE 2007, Istanbul, Turkey, pp. 1499-1500, Apr. 2007.
[4] B. Gedik and L. Liu. Location Privacy in Mobile Systems: A Personalized Anonymization Model. In ICDCS, 2005.
[5] G. Ghinita, P. Kalnis, and S. Skiadopoulos. PRIVE: Anonymous Location-Based Queries in Distributed Mobile Systems. In WWW, 2007.
[6] U.S. Geological Survey. http://www.usgs.gov.