PDP-SAG: Personalized Privacy Protection in Moving Objects Databases by Combining Differential Privacy and Sensitive Attribute Generalization.

Moving objects databases have become an enabling technology for location-based applications. They mostly focus on the storing and processing of data about moving objects. Privacy protection is one of the most important concerns related to such databases. In recent years, some mechanisms have been proposed to answer statistical queries over moving objects databases, while satisfying differential privacy. However, none of them consider the case where a moving objects database contains non-spatiotemporal sensitive attributes other than spatiotemporal attributes. Besides, most of them do not support the personalized privacy protection requirements of different moving objects. In this paper, we address these problems by presenting PDP-SAG, a differentially private mechanism that combines the sensitive attribute generalization with personalized privacy in a unified manner. By this combination, we aim to provide different levels of differential privacy protection for moving objects that have non-spatiotemporal sensitive attributes as well. In this regard, we generalize the sensitive attribute values of trajectory data records based on their privacy descriptor and define a new personalized differentially private tree structure to keep different noisy frequencies for each trajectory according to the generalized sensitive attribute values of trajectory data records passing through that trajectory. We also propose intra-and inter-consistency constraints enforcements to make noisy frequencies consistent with each other. The extensive experiments on synthetic and real datasets verify that PDP-SAG significantly improves the utility of sensitive query answers and provides the required level of privacy protection for each moving object, in comparison to the case when no personalization and generalization are permitted.