Pseudonym exchange for privacy-preserving publishing of trajectory data set

Abstract

Anonymization is a common technique for publishing a location data set in a privacy-preserving way. However, such an anonymized data set lacks trajectory information of users, which could be beneficial to many location-based analytic services. In this paper, we present a dynamic pseudonym scheme for constructing alternate possible paths of mobile users to protect their location privacy. We introduce a formal definition of location privacy for pseudonym-based location data sets and develop a polynomial-time verification algorithm for determining whether each user in a given location data set has sufficient number of possible paths to disguise the user's true movements. We also provide the correctness proof of the algorithm.