7/29/2019 Mobile privacy protection
1/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 1
1.INTRODUCTION1.1.MOTIVATION
With advances in wireless communication and mobile positioning technologies,
location-based services (LBSs) have been gaining increasingly popularity in recent
years. This is evident from a recent report from ABI Research, which forecasts that
LBS revenue is expected to reach an annual global total of $13.3 billion by 2013. But
on the other hand, the privacy threat of revealing a mobile users personal information
through his/her location has become a key issue to be concerned. A lot of research has
been conducted concerning how to enjoy location-based services while protecting the
location privacy of mobile users. For example, using his/her PDA phone, Alice wants
to find out thenearest hospital with specialty in ophthalmology while hiding her
exact location (e.g., being in a clinic or at home) and the sensitive information that it
is her (Alice) who made this query. A straightforward method is to replace her
identity with a pseudonym before sending the query to the service provider. But this is
not enough. Location information included in the query can be used as a quasi-
identifier to re identify the user. Suppose the query was issued from Alices home; it
can then be linked to Alice with some background knowledge (e.g., telephone
directory).
1.2. PROBLEM DEFINITION
The location privacy is under threat when an adversary can obtain unauthorized
access to raw location data and sensitive information due to location disclosing. To
address the location privacy issue, location k-anonymity and cloaking granularity are
two commonly used privacy metrics.
It demands that location data may only be processed when it is made
anonymous or with the consent of the user for the duration necessary for the
provision of a service.
The location privacy can be better protected with a larger cloaking region,
which however may degrade the quality of service.
7/29/2019 Mobile privacy protection
2/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 2
1.3. OBJECTIVE OF PROJECT
The main idea is to incrementally maintain maximal cliques needed for location
cloaking in an undirected graph that takes into consideration the effect of continuous
location updates. Thus, a qualified clique can be quickly identified and used to
generate the cloaked region when a new request arrives. The efficiency and
effectiveness of the proposed ICliqueCloak algorithm are validated by a series of
carefully designed experiments.
1.4.ORGANIZATION OF DOCUMENTATIONIn this paper, we adopt a Location-based personal recognition against defend
seclusion to study attacks in mobile networks. This allows us to implementing the
ICliqueCloak algorithm this algorithm mostly used for both location data generated
from a well-known road network and location updating process can be done in quick
method.
Implementing the ICliqueCloak algorithm involves four main steps. First, upon
the arrival of a new request u, the existing requests that are in us MMB and vice
versa are detected and modeled in an undirected graph. Then, a cloaking set that
satisfies location k-anonymity, if any, is found from the undirected graph, and the
MBR of the cloaking set is considered a candidate cloaked region. Next, the candidate
cloaked region is checked whether it needs to be adjusted in order to prevent from
location-dependent attacks. Finally, the graph will be updated accordingly if the
cloaking is successful or some request(s) are found expired.
To find a candidate cloaking set in the graph upon the arrival of a new
request, the cloaking algorithm proposed in exhaustively searches the graph for
cliques covering the new request. In the following, we present a new more efficient
cloaking algorithm based on incremental maintenance of maximal cliques.
Phase Task Description
Phase 1 Analysis Analyze the information given in the IEEE paper.
7/29/2019 Mobile privacy protection
3/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 3
Phase 2 Literature survey Collect raw data and elaborate on literature surveys.
Phase 3 DesignAssign the module and design the process flow
control.
Phase 4 ImplementationImplement the code for all the modules and integrate
all the modules.
Phase 5 TestingTest the code and overall process weather the
process works properly.
Phase 6 DocumentationPrepare the document for this project with
conclusion and future enhancement.
Table 1: Organization of documentation.
Although various algorithms exist for protecting location privacy in mobile services,
but this ICliqueCloak algorithm fix the privacy levels at a similar range, but increase
both the lower and upper bound, which implies that the privacy requirement of every
request becomes more constrained.
7/29/2019 Mobile privacy protection
4/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 4
2. LITERATURE SURVEY2.1. INTRODUCTION
Anonymous Usage of Location-Based Services Through Spatial andTemporal Cloaking:-
Advances in sensing and tracking technology enable location-based
applications but they also create significant privacy risks.Anonymity can provide
a high degree ofprivacy, save service users from dealing with service providers
privacy policies, and reduce the service providers requirements for safeguarding
private information.
However, guaranteeing anonymous usage of location-based services
requires that the precise location information transmitted by a user cannot be
easily used to re-identify the subject. This paper presents middleware architecture
and algorithms that can be used by a centralized location broker service. The
adaptive algorithms adjust the resolution of location information along spatial or
temporal dimensions to meet specified anonymity constraints based on the
entities who maybe using location services within a given area.
Using a model based on automotive traffic counts and cartographic
material, we estimate the realistically expected spatial resolution for different
anonymity constraints. The median resolution generated by our algorithms is 125
meters. Thus, anonymous location-based requests for urban areas would have the
same accuracy currently needed for E-911 services; this would provide sufficient
resolution for way finding, automated bus routing services and similar location-
dependent services.
On the Anonymity of Periodic Location Samples:-
As Global Positioning System (GPS) receivers become a common
feature in cell phones, personal digital assistants, and automobiles, there is a
growing interest in tracking larger user populations, rather than individual users.
Unfortunately, anonymous location samples do not fully solve the privacy
problem. An adversary could link multiple samples (i.e., follow the footsteps) to
accumulate path information and eventually identify a user. This paper reports on
our ongoing work to analyze privacy risks in such applications. We observe that
7/29/2019 Mobile privacy protection
5/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 5
linking anonymous location samples is related to the data association problem in
tracking systems. We then propose to use such tracking algorithms to
characterize the level of privacy and to derive disclosure control algorithms.
Privacy Preservation in the Publication of Trajectories:-
We study the problem of protecting privacy in the publication of location
sequences. Consider a database of trajectories, corresponding to movements of
people, captured by their transactions when they use credit or RFID debit cards.
We show that, if such trajectories are published exactly (by only hiding the
identities of persons that followed them), there is a high risk of privacy breach by
adversaries who hold partial information about them (e.g., shop owners). In
particular, we show that one can use partial trajectory knowledge as a quasi-
identifier for the remaining locations in the sequence. We device a data
suppression technique, which prevents this type of breach, while keeping the
posted data as accurate as possible.
2.2. SOFTWARE ENVIRONMENT:-
Java Technology
Java technology is both a programming language and a platform.
The Java Programming Language
The Java programming language is a high-level language that can be
characterized by all of the following buzzwords:
1. Simple
2. Architecture neutral
3. Object oriented
4. Portable
5. Distributed
6. High performance
7. Interpreted
8. Multithreaded
9. Robust
10.Dynamic
11.Secure
7/29/2019 Mobile privacy protection
6/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 6
With most programming languages, you either compile or interpret a program
so that you can run it on your computer. The Java programming language is unusual
in that a program is both compiled and interpreted. With the compiler, first you
translate a program into an intermediate language called Java byte codesthe
platform-independent codes interpreted by the interpreter on the Java platform. The
interpreter parses and runs each Java byte code instruction on the computer.
Compilation happens just once; interpretation occurs each time the program is
executed. The following figure illustrates how this works.
Figure 1: Working of java
Java byte codes as the machine code instructions for the Java Virtual Machine
(Java VM). Every Java interpreter, whether its a development tool or a Web browser
that can run applets, is an implementation of the Java VM. Java byte codes help makewrite once, run anywhere possible. You can compile your program into byte codes
on any platform that has a Java compiler. The byte codes can then be run on any
implementation of the Java VM. That means that as long as a computer has a Java
VM, the same program written in the Java programming language can run on
Windows 2000, a Solaris workstation, or on an iMac.
7/29/2019 Mobile privacy protection
7/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 7
The Java Platform
Aplatformis the hardware or software environment in which a program runs. Weve
already mentioned some of the most popular platforms like Windows 2000, Linux,
Solaris, and MacOS. Most platforms can be described as a combination of the
operating system and hardware. The Java platform differs from most other platforms
in that its a software-only platform that runs on top of other hardware-based
platforms.
The Java platform has two components:
TheJava Virtual Machine (Java VM)
TheJava Application Programming Interface (Java API)
Its the base for the Java platform and is ported onto various hardware -based
platforms. The Java API is a large collection of ready-made software components that
provide many useful capabilities, such as graphical user interface (GUI) widgets. The
Java API is grouped into libraries of related classes and interfaces; these libraries are
known as packages. The next section, What Can Java Technology Do? Highlights
what functionality some of the packages in the Java API provide.
The following figure depicts a program thats running on the Java platform.As the figure shows, the Java API and the virtual machine insulate the program from
the hardware.
Figure 2: The Java Platform
Native code is code that after you compile it, the compiled code runs on a
specific hardware platform. As a platform-independent environment, the Java
platform can be a bit slower than native code. However, smart compilers, well-tuned
7/29/2019 Mobile privacy protection
8/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 8
interpreters, and just-in-time byte code compilers can bring performance close to that
of native code without threatening portability.
What Can Java Technology Do?
The most common types of programs written in the Java programming
language are applets and applications. If youve surfed the Web, youre probably
already familiar with applets. An applet is a program that adheres to certain
conventions that allow it to run within a Java-enabled browser.
However, the Java programming language is not just for writing cute,
entertaining applets for the Web. The general-purpose, high-level Java programming
language is also a powerful software platform. Using the generous API, you can write
many types of programs.
An application is a standalone program that runs directly on the Java platform.
A special kind of application known as a server serves and supports clients on a
network. Examples of servers are Web servers, proxy servers, mail servers, and print
servers. Another specialized program is a servlet. A servlet can almost be thought of
as an applet that runs on the server side. Java Servlets are a popular choice for
building interactive web applications, replacing the use of CGI scripts. Servlets are
similar to applets in that they are runtime extensions of applications. Instead of
working in browsers, though, servlets run within Java Web servers, configuring or
tailoring the server.
How does the API support all these kinds of programs? It does so with packages
of software components that provides a wide range of functionality. Every full
implementation of the Java platform gives you the following features:
1. The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
2. Applets: The set of conventions used by applets.
3. Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data
gram Protocol) sockets, and IP (Internet Protocol) addresses.
4. Internationalization: Help for writing programs that can be localized for
users worldwide. Programs can automatically adapt to specific locales and be
displayed in the appropriate language.
7/29/2019 Mobile privacy protection
9/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 9
5. Security: Both low level and high level, including electronic signatures,
public and private key management, access control, and certificates.
6. Software components: Known as JavaBeans TM, can plug into existing
component architectures.
7. Object serialization: Allows lightweight persistence and communication via
Remote Method Invocation (RMI).
8. Java Database Connectivity (JDBCTM
): Provides uniform access to a wide
range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility, servers,
collaboration, telephony, speech, animation, and more. The following figure depicts
what is included in the Java 2 SDK.
Figure 3: Java 2 Sdk
How Will Java Technology Change My Life?
We cant promise you fame, fortune, or even a job if you learn the Java programming
language. Still, it is likely to make your programs better and requires less effort than
other languages. We believe that Java technology will help you do the following:
1. Get started quickly:
Although the Java programming language is a powerful object-oriented
language, its easy to learn, especially for programmers already familiar with
C or C++.
2. Write less code:
7/29/2019 Mobile privacy protection
10/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 10
Comparisons of program metrics (class counts, method counts, and so
on) suggest that a program written in the Java programming language can be
four times smaller than the same program in C++.
3. Write better code:
The Java programming language encourages good coding practices,
and its garbage collection helps you avoid memory leaks. Its object
orientation, its JavaBeans component architecture, and its wide-ranging, easily
extendible API let you reuse other peoples tested code and introduce fewer
bugs.
4. Develop programs more quickly:
Our development time may be as much as twice as fast versus writing
the same program in C++. Why? You write fewer lines of code and it is a
simpler programming language than C++.
5. Avoid platform dependencies with 100% Pure Java:
We can keep your program portable by avoiding the use of libraries
written in other languages. The 100% Pure Java
Product Certification Programhas a repository of historical process manuals, white papers, brochures, and
similar materials online.
6. Write once, run anywhere:
Because 100% Pure Java programs are compiled into machine-
independent byte codes, they run consistently on any Java platform.
2.3. EXISTING SYSTEM:First, the underlying problems are different. The clique-based cloaking
algorithm is focused on the data identification method and the updating of the method
is not done and the person who is access the base station that information will be
update and there is no authentication and also some access method gives the full detail
of user easily. There are so many third party applications available in market using
those application we can access easily the base station. Most of the existing privacy-
aware algorithms which comply with location k-anonymity model, are concerned with
7/29/2019 Mobile privacy protection
11/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 11
snapshot user locations only. The prior solutions in only considered the cloaking
granularity as the privacy metric
Disadvantages:
1. With location k-anonymity model, are concerned with snapshotuser locations
only.
2. Not considered the effect of continuous location updates
3. It may result in serious privacy breaches when different one-shot queries are
frequently issued by a mobile user
2.4. PROPOSED SYSTEM:
We are implementing the ICliqueCloak algorithm these algorithm mostly
used for both location data generated from a well-known road network and location
updating process can be done in quick method. We are developing the graph model to
formulate the updating problem. Each location-based query request is represented by
a node in the graph. We also develop some method to overcome these problem .the
prior solutions in only considered the cloaking granularity as the privacy metric. The
clocking granularity method is also used for updating the user location over some
location depend attack.
Advantages:
1. we fix the privacy levels at a similar range, but increase both the lower and
upper bound, which implies that the privacy requirement of every request
becomes more constrained.
2. user locations are cloaked on the fly along with new requests
7/29/2019 Mobile privacy protection
12/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 12
3. ANALYSIS
3.1. INTRODUCTION:
The existing work in terms of attack models. The techniques for preventing
snapshot location attacks, location-dependent attacks, query tracking attacks, and
trajectory attacks.
When exact snapshot locations are disclosed, two kinds of attacks may happen:
location linking attacks and query sampling attacks. Location linking attacks refer to
the scenario where the location information included in a user query is used as a
quasi-identifier to reidentify the user. For example, if a location exclusively belongs
to some owner, the corresponding query can thus be linked to the location owner. The
location k-anonymity model was proposed to prevent this kind of attacks [19]. The
basic idea is to extend an exact user location to a cloaked region that covers at least k
users.
Preventing Query tracking attacks: For a continuous query, the query results
would be continuously returned for a designated time period (called query lifetime).
For example, consider a sample query finding the nearest gas station in the next five
minutes. The query lifetime is 5 minutes. Query tracking attacks become possible ifa user is cloaked with different users at different time instances during the query
lifetime.
The main focus of this project is Preventing Location Dependent Attacks, To
prevent location-dependent attacks, proposed two simple solutions, namely patching
and delaying. The first solution, called patching, enlarges the current cloaked region
to cover the last one so that the overlapped area with the MMB is at least as large as
the last cloaked region. The drawback is that the size of the cloaked region would
increase significantly as time evolves. The second solution, called delaying, suspends
the request by _t time until the MMB grows large enough to fully contain the current
cloaked region.
Another related work which is employed entropy as entropy does not care whether
user locations are actually different, the exact user location would be disclosed if all k
users are at the same location.
7/29/2019 Mobile privacy protection
13/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 13
3.2. SOFTWARE REQUIREMENT SPECIFICATION:
3.2.1. User Requirements:
// User requirements goes here--------------------------------------/////////////////////////////
3.2.2. Software Requirements:
JDBC is an API for database connectivity between the Java platform and a
wide range data sources. It is independent of OS that is specific to JRE. It is an API
with set of classes and interfaces present in package java.sql. JDBC is in a SQL-level
API that allows you to embed SQL statements as arguments to methods in JDBC
interfaces. To enable you to do this in a database-independent fashion, JDBC requires
database vendors (such as those mentioned earlier in this chapter) to furnish a runtime
implementation of its interfaces.
These implementations route SQL calls to the database in the proprietary
fashion it recognizes. As the programmer, though, you do not ever have to worry
about how it is routing SQL statements.
The faade provided by JDBC gives you complete freedom from any issues
related to particular database issues; you can run the same code no matter what
database is present. Windows XP Home Edition, designed for home users, and
Windows XP Professional, designed for business and power-users. XP Professional
contains advanced features that the average home user would not use.
However, these features are not necessarily missing from XP Home. They are
simply disabled, but are there and can become functional. These releases were made
available at retail outlets that sell computer software, and were preinstalled oncomputers sold by major computer manufacturers.
Really aimed at people who create tools for Java development and
for frameworks like Java Server Pages (JSP) the compiler API opens up
programmatic access to javac for in-process compilation of dynamically generated
Java code. Finally you don't have to save your code as a Java files and invoke javac to
generate a class file, a clumsy procedure at best.
7/29/2019 Mobile privacy protection
14/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 14
3.2.3. Hardware Requirements:
Here we use Intel Pentium IV or more because we use Windows 2007 and MySQL So these need minimum 1GB RAM minimum 60GB HDD. MySQL Workbench
requires a system that runs smoothly. The minimum hardware requirements are
1. CPU: 32-bit or 64-bit
2. Cores: Single (Single Core 3GHz or higher, Dual Core 2GHz or higher
recommended)
3. RAM: 2 GB
Pluggable-Annotations:
Java tool and framework vendors can define annotations and have core API
support for plugging in and executing the processors that do the heavy lifting. It
seamlessly integrates your custom annotations.
Desktop Deployment:
Better platform look-and-feel in Swing technology, LCD text rendering (more
clarity on LCD monitors like Vista), and snappier GUI performance overall. Java
applications can integrate better with the native platform with things like new access
to the platform's System Tray and Start menu.
At long last, Mustang unifies the Java Plug-in technology and Java Web Start
engines, which just makes sense. Installation of the Java WebStart application got a
much needed makeover.
Security:
Mustang simplified the job of security administrators by providing various
new ways to access platform-native security services, such as native Public Key
Infrastructure (PKI) and cryptographic services on Microsoft Windows for secure
authentication and communication, Java Generic Security Services (Java GSS) and
7/29/2019 Mobile privacy protection
15/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 15
Kerberos services for authentication, and access to LDAP servers for authenticating
users.
3.3. CONTEXT DIAGRAM OF THE PROJECT
Figure 6: Architecture of the Project
3.4. ALGORITHMS AND FLOWCHARTS:
Algorithm 1. Overview of ICliqueCloak
Input: a set of requests awaiting for anonymization, a new query request u
Output: a set of cloaked requests
1: Step 1: incrementally update the max-clique set for the new request u.2: Step 2: find the cloaking set CSti satisfying location k-anonymity from the max-
clique set.
3: Step 3: generate the cloaked region for CSti.
4: Step 4: update the max-clique set upon request cloaking or expiration.
Algorithm 2. Incremental updating max-clique set
Input: max-clique set MCSet, a new request u
Output: updated max-clique set MCSet
7/29/2019 Mobile privacy protection
16/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 16
1: add a new clique fug to MCSet
2: if the user of u had not issued any query before then
3: set us last cloaked region to the whole service area
4: find us neighbors
5: push all edges connecting u and its neighbors to EdgeQueue
6 :while EdgeQueue is not empty do
7: MCSet0 ;
8: pop up the first edge euw from EdgeQueue
9: find clique sets Cu t and Cw t in MCSet
10: compute C Cu t \ Cw t
11: for each c 2 C do add c [fu;wg to MCSet0
12: C MCSet0
13: for each ci 2 Cu t [ Cw t do
14: for each ck 2 C do
15: if ci 6_ ckthen add ci to MCSet0
16: for each ci 2 MCSet _ Cu t _ Cw t do
17: add ci to MCSet0
18: MCSet MCSet0
Note that Algorithm 2 involves a lot of set operations on the maximal cliques. Thus,
in the actual implementation, we represent each maximal clique by a bit vector to ease
the computation. For example, suppose that there are five nodes in the graph fA; B;C;
D;Eg. Given a maximal clique of fA;C;Dg, it is represented by a bit vector of
. The length of the bit vector is equal to the number of nodes in the graph.
Even for a large system with 10 K users, only 1.2 Kbytes are needed to store a bit
vector, which is acceptable to todays computer.
7/29/2019 Mobile privacy protection
17/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 17
4.DESIGN4.1. INTRODUCTION
Design is the process of having systems personnel check out and put
new equipment in to use, train users, install the new application, and construct any files
of data needed to it. Once installed, applications are often used for many years.
However, both the organization and the users will change, and the environment will be
different over the weeks and months. Therefore, the application will undoubtedly have
to be maintained. Design is the first step in the development phase for an engineered
product or system. Design is the place where quality is fostered in software
development.
Design is the only way that we can accurately translate a users requirements
into a finished software product or system. Software design serves as the foundation for
all software engineers and software maintenance steps that follow. Without design we
risk building an unstable design one that will fail when small changes are made, one
that may be difficult to test, and one whose quantity cannot be assessed until late in the
software engineering process.
Taking software requirements specification document of analysis phase as input to
the design phase we have drawn Unified Modeling Language (UML) diagrams. UML
depends on the Visual modeling of the system. Visual modeling is the process of taking
the information from the model and displaying it graphically using some sort of
standards set of graphical elements.
UML Diagrams are drawn using the Rational Rose Software, which is licensed by
IBM Corp. We seem to be able to understand complexity better when it is displayed to
us visually as opposed to written textually. By producing visual models of a system, we
can show how system works on several levels. We can model the interactions between
the users and the system.
7/29/2019 Mobile privacy protection
18/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 18
4.2. DATA FLOW DIAGRAM:
Figure 7: Data Flow Diagram
Uml Diagrams:
Use case diagrams
Use case diagrams describe what a system does from the standpoint of an
external observer. The emphasis is on whata system does rather than how.
Use case diagrams are closely connected to scenarios. A scenario is an
example of what happens when someone interacts with the system. Here is a
scenario for a medical clinic.
"A patient calls the clinic to make an appointment for a yearly checkup.
The receptionist finds the nearest empty time slot in the appointment book and
schedules the appointment for that time slot. "
7/29/2019 Mobile privacy protection
19/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 19
A use case is a summary of scenarios for a single task or goal. An actor is
who or what initiates the events involved in that task. Actors are simply roles that
people or objects play. The picture below is a Make Appointment use case for the
medical clinic. The actor is a Patient.
The connection between actor and use case is a communication
association (orcommunication for short). Actors are stick figures. Use cases are
ovals. Communications are lines that link actors to use case.
Figure 8: Use case Diagram
A use case diagram is a collection of actors, use cases, and their
communications. We've put Make Appointment as part of a diagram with four
actors and four use cases. Notice that a single use case can have multiple actors.Use case diagrams are helpful in three areas.
Determining features (requirements). New use cases often generate new
requirements as the system is analyzed and the design takes shape.
Communicating with clients. Their notational simplicity makes use case
diagrams a good way for developers to communicate with clients.
Use Case Diagram:
7/29/2019 Mobile privacy protection
20/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 20
Figure 9: Use Case Diagram.
Class Diagram:
A Class diagram gives an overview of a system by showing its classes
and the relationships among them. Class diagrams are static -- they display what
interacts but not what happens when they do interact.
The class diagrams below models a customer order from a retail catalog. The
central class is the Order. Associated with it is the Customer making the purchase
and the Payment. A Payment is one of three kinds: Cash, Check, orCredit. The
order contains OrderDetails (line items), each with its associated Item.
UML class notation is a rectangle divided into three parts: class name,
attributes, and operations. Names of abstract classes, such as Payment, are in
italics. Relationships between classes are the connecting links.
Our class diagram has three kinds of relationships.
7/29/2019 Mobile privacy protection
21/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 21
Association -- a relationship between instances of the two classes. There is
an association between two classes if an instance of one class must know about the
other in order to perform its work. In a diagram, an association is a link connecting
two classes.
Aggregation -- an association in which one class belongs to a collection.
An aggregation has a diamond end pointing to the part containing the whole. In our
diagram, Order has a collection ofOrderDetails.
Generalization -- an inheritance link indicating one class is a superclass of
the other. A generalization has a triangle pointing to the superclass. Payment is a
superclass ofCash, Check, and Credit.
An association has two ends. An end may have a role name to clarify the
nature of the association. For example, an Order Detail is a line item of each
Order.
A navigability arrow on an association shows which direction the
association can be traversed or queried. An OrderDetail can be queried about its
Item, but not the other way around. The arrow also lets you know who "owns" the
association's implementation; in this case, OrderDetail has an Item. Associations
with no navigability arrows are bi-directional.
The multiplicity of an association end is the number of possible instances of
the class associated with a single instance of the other end.
Class diagram:
7/29/2019 Mobile privacy protection
22/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 22
Figure 10: Class Diagram of the project
A class diagram in the Unified Modeling Language (UML) is a type of
static structure diagram that describes the structure of a system by showing the
system's classes, their attributes, operations (or methods), and the relationships
among the classes.
Sequence diagrams
Class and object diagrams are static model views. Interaction diagrams
are dynamic. They describe how objects collaborate.
A sequence diagram is an interaction diagram that details how operations
are carried out -- what messages are sent and when. Sequence diagrams are
organized according to time. The time progresses as you go down the page. The
objects involved in the operation are listed from left to right according to when
they take part in the message sequence.
Below is a sequence diagram for registering a node.
http://en.wikipedia.org/wiki/Unified_Modeling_Languagehttp://en.wikipedia.org/wiki/Class_(computer_science)http://en.wikipedia.org/wiki/Class_(computer_science)http://en.wikipedia.org/wiki/Unified_Modeling_Language7/29/2019 Mobile privacy protection
23/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 23
Figure 11: Sequence Diagram
Activity diagrams
An activity diagram is essentially a fancy flowchart. Activity diagrams
and state chart diagrams are related. While a state chart diagram focuses attention
on an object undergoing a process (or on a process as an object), an activity
diagram focuses on the flow of activities involved in a single process. The activity
diagram shows the how those activities depend on one another.
Activity diagrams can be divided into object swimlanes that determine
which object is responsible for which activity. A single transition comes out of
each activity, connecting it to the next activity.
A transition may forkinto two or more parallel activities. The fork and the
subsequent join of the threads coming out of the fork appear in the diagram as
solid bars.
7/29/2019 Mobile privacy protection
24/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 24
Figure: Activity Diagram.
4.3. MODULE DESIGN AND ORGANIZATION
1) Location-based Services
2) K-Anonymity
3) Cloaking granularity
4) I Clique-Cloak algorithm
4.3.1. Location-based Services:
Location-based services are a general class of computer
program-level services used to include specific controls for location and time
data as control features in computer programs. As such (LBS) is an
information and has a number of uses in Social Networking today as an
entertainment service, which is accessible with mobile devices through the
mobile network and which uses information on the geographical position of
7/29/2019 Mobile privacy protection
25/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 25
the mobile device. This has become more and more important with the
expansion of the smart phone and tablet markets as well.
4.3.2. K-Anonymity:
One of the emerging concepts in micro data protection is k-
anonymity, which has been recently proposed as a property that captures the
protection of a micro data table with respect to possible re-identication of the
respondents to which the data refer. K-anonymity demands that every tuple in the
micro data table released be indistinguishably related to no fewer than k
respondents. One of the interesting aspects ofk-anonymity is its association with
protection techniques that preserve the truthfulness of the data. In this chapter we
discuss the concept of k-anonymity, from its original proposal illustrating its
enforcement via generalization and suppression. We then survey and discuss
research results on k-anonymity in particular with respect to algorithms for its
enforcement. We also discuss different ways in which generalization and
suppressions can be applied to satisfy k- anonymity and, based on them, introduce
taxonomy ofk-anonymity solutions.
7/29/2019 Mobile privacy protection
26/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 26
4.3.3. Cloaking Granularity:
It requires the area of cloaked region to be larger than a user-specified
threshold. The cloaking granularity prevents the location disclosure but cannot defend
against attacks for user identifies in the cases where user locations are publicly known
and there is only one user in the cloaked region. We consider cloaking of the current
user location with respect to the last cloaked region concerning location-dependent
attacks. Earlier cloaked regions are not considered, as prior work has proved that the
location-disclosure safety property is transitive.
7/29/2019 Mobile privacy protection
27/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 27
4.3.4. I Clique-Cloak algorithm:
The proposed I Clique Cloak algorithm involves four main steps.
First, upon the arrival of a new request u, the existing requests that are in us MMB
and vice versa are detected and modeled in an undirected graph. Then, a cloaking set
that satisfies location k-anonymity, if any, is found from the undirected graph, and the
MBR of the cloaking set is considered a candidate cloaked region. Next, the candidate
cloaked region is checked whether it needs to be adjusted in order to prevent from
location-dependent attacks. Finally, the graph will be updated accordingly if the
cloaking is successful or some request(s) are found expired.
7/29/2019 Mobile privacy protection
28/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 28
5. IMPLEMENTATION & RESULTS
5.1. INTRODUCTION
Implementation is the stage where the theoretical design is turned in to
working system. The most crucial stage is achieving a new successful system and in
giving confidence on the new system for the users that it will work efficiently and
effectively. The system can be implemented only after through testing is done and if it
found to work according to the specification.
It involves careful planning, investigation of the current system and its
constraints on implementation, design of methods to achieve the change over and an
evaluation of change over methods a part from planning. Two major tasks of
preparing the implementation are education and training of the users and testing of the
system. System analysis and design effort required for implementation depends on the
complexity of the system being developed. The implementation phase comprises of
several activities. The required hardware and software acquisition is carried out.
5.2. EXPLANATION OF KEY FUNCTIONS
Pseudo Code for Database:
In the database, data is stored in the form of tables.SQL is a standard computer
language for accessing and manipulating databases. To access and manipulate data in
the database SQL provides several statements. Some of them are:
Sql Create:
The CREATE Statement is used to create tables, database and index in a
database.
Syntax:CREATE TABLE table_name (column1 datatype,column2 datatype,.)
Example:
To create table the CREATE statement is used like this:
Create table mobilelogin(id varchar2(200), password varchar2(200), usertype
varchar2(200));
Create table mobileauthreg(id varchar2(100), password varchar2(200),
7/29/2019 Mobile privacy protection
29/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 29
department varchar2(200), ipaddress varchar2(100), mackaddress
varchar2(100), date1 varchar2(100));
Create table mobileregistration(id varchar2(100), password varchar2(200),
name varchar2(200), address varchar2(300), dob varchar2(100), gender
varchar2(100), emailid varchar2(300), phone varchar2(200), securityq
varchar2(200),answer varchar2(200),proof varchar2(200),date1varchar2(100))
SQL INSERT INTO:
The INSERT INTO statement is used to insert data into database tables.
Syntax: INSERT INTO table name VALUES (value1, value2, )
Example:
To insert a new row into mobileregistration table use INSERT INTO statement like
this:
Insert into mobileregistration(id) values('08690');
Insert into mobilelogin values('admin','admin','admin');
Insert into mobileauthreg(id) values('07690');
SQL SELECT:
The SELECT statement is used to select data from a table. The tabular result is
stored in a result table called result-set.
Syntax: SELECT column_name(s) FROM table_name
Example:
To select the content of columns named Lastname and FirstName, from the
database table called Person, use a SELECT statement like this:
SELECT LastName, FirstName FROM Person
To select all columns from the mobilelogin table, use a * symbol instead of column
names, like this:
SELECT * FROM mobilelogin;
SQL UPDATE:
The UPDATE statement is used to modify the data in a table.
7/29/2019 Mobile privacy protection
30/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 30
Syntax:
UPDATE table_name SET column_name= new_value WHERE
column_name= somevalue
SQL DELETE:
The DELETE statement is used to delete rows in a table
Syntax: DELETE FROM table_name WHERE column_name= some_value
Example:
To delete a row from the table direction, we use DELETE statement like
this:
DELETE FROM direction where PHONE=9493915295;
SQL ALTER TABLE:
The ALTER TABL statement is used to add ordrop columns in an existing
table.
Syntax:
To add a column: ALTER TABLE table_name ADD column_name datatype
To drop a column: ALTER TABLE table_name DROP COLUMN
column_name
Server Side Pseudo Code:
Servlets are server side components which accepts, process the request and
give response for request. Web server will take the request and web container will
pass the request to respective servlet. Java Database Connectivity (JDBC) is an API
developed by Sun Microsystems that provides a standard way to access data using the
Java programming language. Using JDBC, an application can access a variety of
databases and run on any platform with a Java Virtual Machine
Steps for connecting to a database:
1. Connection Initialization
2. Establishing Connection with a data Source
7/29/2019 Mobile privacy protection
31/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 31
3. Executing Queries
4. Closing Connection
Importing Packages
import javax.swing.JButton;
Swing is the primary Java GUI widget toolkit. It is part of Oracle's Java
Foundation Classes (JFC) an API for providing a graphical user interface (GUI)
for Java programs.Swing was developed to provide a more sophisticated set of GUI
components than the earlierAbstract Window Toolkit (AWT).
Swing provides a native look and feel that emulates the look and feel of
several platforms, and also supports a pluggable look and feel that allows applications
to have a look and feel unrelated to the underlying platform. It has more powerful and
flexible components than AWT.
In addition to familiar components such as buttons, check box and labels,
Swing provides several advanced components such as tabbed panel, scroll panes,
trees, tables and lists. Unlike AWT components, Swing components are not
implemented by platform-specific code. Instead they are written entirely in Java and
therefore are platform-independent. The term "lightweight" is used to describe such
an element.
import java.sql.*;
To execute database queries we need to import this package.
import java.io.*;
IO package is used to handle the Io Exceptions which may be raised while
Execution of the servlet.
To load any class File into JVM we use class.forName.
http://en.wikipedia.org/wiki/Java_(programming_language)http://en.wikipedia.org/wiki/GUIhttp://en.wikipedia.org/wiki/Widget_toolkithttp://en.wikipedia.org/wiki/Oracle_Corporationhttp://en.wikipedia.org/wiki/Java_Foundation_Classeshttp://en.wikipedia.org/wiki/Java_Foundation_Classeshttp://en.wikipedia.org/wiki/Application_programming_interfacehttp://en.wikipedia.org/wiki/Graphical_user_interfacehttp://en.wikipedia.org/wiki/Software_componenthttp://en.wikipedia.org/wiki/Abstract_Window_Toolkithttp://en.wikipedia.org/wiki/Look_and_feelhttp://en.wikipedia.org/wiki/Pluggable_look_and_feelhttp://en.wikipedia.org/wiki/Pluggable_look_and_feelhttp://en.wikipedia.org/wiki/Look_and_feelhttp://en.wikipedia.org/wiki/Abstract_Window_Toolkithttp://en.wikipedia.org/wiki/Software_componenthttp://en.wikipedia.org/wiki/Graphical_user_interfacehttp://en.wikipedia.org/wiki/Application_programming_interfacehttp://en.wikipedia.org/wiki/Java_Foundation_Classeshttp://en.wikipedia.org/wiki/Java_Foundation_Classeshttp://en.wikipedia.org/wiki/Oracle_Corporationhttp://en.wikipedia.org/wiki/Widget_toolkithttp://en.wikipedia.org/wiki/GUIhttp://en.wikipedia.org/wiki/Java_(programming_language)7/29/2019 Mobile privacy protection
32/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 32
Here class is a class and forName is a static method in java API which returns
the Class object associated with the class with the given string name.
Syntax:
class.forName (oracle.jdbc.driver.OracleDriver);
Types of JDBC Drivers
Today, there are four types of JDBC drivers in use:
Type 1: JDBC-ODBC Bridge
Type 2: partial Java driver
Type 3: pure Java driver for database middleware
Type 4: pure Java driver for direct-to-database
It is used to connect to oracle database. It converts JDBC calls into the vendor-
specific database management system (DBMS) protocol so that client applications can
communicate directly with the database server. Since type 4 JDBC drivers don't have
to translate database requests to ODBC or a native connectivity interface or to pass
the request on to another server, performance is good.
Sun.jdbc.odbc is the package in which jdbc odbc driver is present.
Opening Connection:
get Connection is the method used to establish connection.
Syntax:
Connectioncon=DriverManager.getConnection
(jdbc:oracle:thin:@newideas:1521:oracle,lbs1,location);
When driver is loaded it should register with driver manager and for getting
database connection we are using driverManager.getConnection.
Here,
Jdbc: oracle: thin -is the driver newideas is the system on which database is
running.
On a particular port number each server will listen to a particular request and
the default port number is 1521 and the port number can also be changed.
lbs1 is the user name and location is the password for accessing oracle database.
7/29/2019 Mobile privacy protection
33/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 33
Query execution:
There are three types of statements for executing queries.
i. Callable Statement:
Used to execute functions or procedures available in database.
ii. Statement:
It is used to execute SQL statements.
Syntax: Statement smt=con.createStatement ();
iii. Prepared Statement:
Used to prepare statements with place holders (?) to execute the values at run time.
Syntax:
Prepared Statement ps=Connection.prepareStatement (select * from city);
Prepared Statement ps=connection.prepareStatement (insert into emp
(empno, empname) values (?,?));
Placeholders are type of variables which hold the values retrieved from
database.
There are two methods to execute Queries.
i. executeQuery ():
It is the method which is used to execute query. Its return Type is Result Set
and it always returns a Boolean value. If the query is executed successfully then
Result Set is true else false.
Syntax:
Result Set result=prepareStatment.executeQuery ();
ii. executeupdate ():
It is method which is used for the manipulation of data present in the table.
Its return type is integer which returns two values 0 or 1.If the query is
executed successfully it returns 1 else 0.
Syntax:
Statement.executeUpdate (insert into user demo);
Closing the connection:
7/29/2019 Mobile privacy protection
34/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 34
Each server will provide its maximum capacity of connections. If we try to
open the connection other than the maximum capacity of server then it may lead to
server hang up. To overcome such problems we need to close the connection, and is
written in finally block.
5.3. METHOD OF IMPLEMENTATION
Implementation is the process of having systems personnel check out
and put new equipment in to use, train users, install the new application, and construct
any files of data needed to it. Once installed, applications are often used for many
years. However, both the organization and the users will change, and the environment
will be different over the weeks and months. Therefore, the application will
undoubtedly have to be maintained.
In this project Javas edition J2EE was used. Java expands the Universe of
objects that can move about freely in Cyberspace. In a network, two categories of objects are
transmitted between the Server and the Personal computer. They are: Passive information and
Dynamic active programs. The Dynamic, Self-executing programs cause serious problems in
the areas of Security and portability. The Java enhances the web development framework in
the technology like servlet and JSP.
Servlets are server side components those are worked under the web server. These
servlets. This servlet performs the server side scripting and turns out the static web pages to
interactive dynamic pages. The servlet API was developed under the collaboration of Apache
and Sun Microsystems. A servlet is a java class and doesnt have the main method, the class
must have to extend the GenericServlet class or HTTPServlet class or implements the Servlet
interface. The generic API was given in javax.servlet.* package, and the http API was given
in javax.servlet.http.* package.
The JSP is the extended technology of servlets but not replacing the servlets. Once
the servlet was compiled and executed by the Tomcats servlet container. The JSP program
was directly written in the html page but it is not possible to embed the servlet program in
html page. And the JSP program must carry with in the scriptlet tag , we can write the
snippets of java code using enclosed scriptlet tags.
Example:-
Form.html:-
7/29/2019 Mobile privacy protection
35/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 35
do.jsp:-
In the above example the request.getParameter() gets the value entered in the html text filed
by using the name of the tag. The request object is the in-built JSP object. Deploy the two
files in the tomcat application root folder named as webapps. Then run the program by
giving the url ashttp://localhost:8080/form.html.
http://localhost:8080/form.htmlhttp://localhost:8080/form.htmlhttp://localhost:8080/form.htmlhttp://localhost:8080/form.html7/29/2019 Mobile privacy protection
36/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 36
5.3.1. Output Screens
1. Home page:
7/29/2019 Mobile privacy protection
37/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 37
2. Mobile Client Registration:
7/29/2019 Mobile privacy protection
38/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 38
3. Successful Registration of Mobile Client:
7/29/2019 Mobile privacy protection
39/93
7/29/2019 Mobile privacy protection
40/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 40
5. Mobile Client Search:
7/29/2019 Mobile privacy protection
41/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 41
6. Mobile Client Search Result1:
7/29/2019 Mobile privacy protection
42/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 42
7. Mobile Client Search Result2:
7/29/2019 Mobile privacy protection
43/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 43
8. Mobile Client Search Result3:
7/29/2019 Mobile privacy protection
44/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 44
9. Mobile Client Search Result4:
7/29/2019 Mobile privacy protection
45/93
7/29/2019 Mobile privacy protection
46/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 46
11. Administrator Login:
7/29/2019 Mobile privacy protection
47/93
7/29/2019 Mobile privacy protection
48/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 48
13. Authorized users view of Administrator:
7/29/2019 Mobile privacy protection
49/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 49
14. Mobile Clients view of Administrator:
7/29/2019 Mobile privacy protection
50/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 50
15. Authorized User Registration:
7/29/2019 Mobile privacy protection
51/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 51
16. Successful Registration of Authorized User:
7/29/2019 Mobile privacy protection
52/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 52
17. Authorized User Login:
7/29/2019 Mobile privacy protection
53/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 53
18. Authorized User Search1:
7/29/2019 Mobile privacy protection
54/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 54
19. Authorized User Search1 Result:
7/29/2019 Mobile privacy protection
55/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 55
20. Authorized User Search2:
7/29/2019 Mobile privacy protection
56/93
7/29/2019 Mobile privacy protection
57/93
7/29/2019 Mobile privacy protection
58/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 58
applies tests defined in an integration test plan to those aggregates, and delivers as its
output the integrated system ready for system testing.
Acceptance Testing
Acceptance testing by the system provider is often distinguished from acceptance
testing by the customer (the user or client) prior to accepting transfer of ownership. In
such environments, acceptance testing performed by the customer is known as user
acceptance testing (UAT). This is also known as end-user testing, site (acceptance)
testing, or field (acceptance) testing.
6.2DESIGN OF TEST CASES AND SCENARIOS Unit testing tests the minimal software component and sub-component
Integration testing exposes defects in the interfaces and interaction
between integrated components (modules).
1. Functional testing tests the product according to programmable work.
2. System testing tests an integrated system to verify/validate that it meets its
requirements.
3. Acceptance testing can be conducted by the client. It allows the end-user or
customer or client to decide whether or not to accept the product. Acceptance
testing may be performed after the testing and before the implementation
phase. See also Development stage
Alpha testing is simulated or actual operational testing by potential
users/customers or an independent test team at the developers' site. Alpha testing is
often employed for off-the-shelf software as a form of internal acceptance testing,
before the software goes to beta testing.
Beta testing comes after alpha testing. Versions of the software, known as
beta versions, are released to a limited audience outside of the company. The software
is released to groups of people so that further testing can ensure the product has few
faults or bugs. Sometimes, beta versions are made available to the open public to
increase the feedback field to a maximal number of future users.
7/29/2019 Mobile privacy protection
59/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 59
It should be noted that although both Alpha and Beta are referred to as testing it is in
fact use emersion. The rigors that are applied are often unsystematic and many of the
basic tenets of testing process are not used. The Alpha and Beta period provides
insight into environmental and utilization conditions that can impact the software.
After modifying software, either for a change in functionality or to fix defects,
a regression test re-runs previously passing tests on the modified software to ensure
that the modifications haven't unintentionally caused a regression of previous
functionality. Regression testing can be performed at any or all of the above test
levels. These regression tests are often automated.
A test case is a software testing document, which consists of event, action,input, output, expected result and actual result. Clinically defined (IEEE 829-1998) a
test case is an input and an expected result. This can be as pragmatic as 'for condition
x your derived result is y', whereas other test cases described in more detail the input
scenario and what results might be expected.
It can occasionally be a series of steps (but often steps are contained in a
separate test procedure that can be exercised against multiple test cases, as a matter of
economy) but with one expected result or expected outcome. The optional fields are a
test case ID, test step or order of execution number, related requirement(s), depth, test
category, author, and check boxes for whether the test is automatable and has been
automated.
Larger test cases may also contain prerequisite states or steps, and
descriptions. A test case should also contain a place for the actual result. These steps
can be stored in a word processor document, spreadsheet, database or other commonrepository. In a database system, you may also be able to see past test results and who
generated the results and the system configuration used to generate those results.
These past results would usually be stored in a separate table.
The term test script is the combination of a test case, test procedure and test
data. Initially the term was derived from the byproduct of work created by automated
regression test tools. Today, test scripts can be manual, automated or a combination of
both. The most common term for a collection of test cases is a test suite.
7/29/2019 Mobile privacy protection
60/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 60
The test suite often also contains more detailed instructions or goals for each
collection of test cases. It definitely contains a section where the tester identifies the
system configuration used during testing. A group of test cases may also contain
prerequisite states or steps, and descriptions of the following tests. Collections of test
cases are sometimes incorrectly termed a test plan. They might correctly be called a
test specification. If sequence is specified, it can be called a test script, scenario or
procedure.
Test Case 1:
Test case 1: Mobile Client Registration
Test Objective: To enter all the details given in the registration form.
Test Description : After entering into the registration page the mobile client must submit
valid credentials, if not the exception will displayed in the alert message box.
Requirements Verified: Yes
Test Environment: In JSP page, runs at server (ApacheTomcat) with Back-end Oracle DB
Test Setup/Pre-Conditions: Client should be able to open the localhost at port no. 8089
Actions Expected Results
Click the Clients Registration on the home
page and must provide all details make sure the
should not be left blank. Then click Register now.
Details will store in database. And
the message will display
User-Registered-successfully
Pass: Yes Conditions pass: No Fail: No
Problems / Issues: NIL
Notes: Successfully Executed
7/29/2019 Mobile privacy protection
61/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 61
Test Case 2:
Test case 2: Finding the location of a mobile client
Test Objective: To find out the mobile client location by using client details.
Test Description : After successful user login he/she must enter the Phone Number ,
Security question, answer, proof for searching his/her location.
Requirements Verified: Yes
Test Environment: In JSP page, runs at server (ApacheTomcat) with Back-end Oracle
Test Setup/Pre-Conditions: Client should be able to open the localhost at port no. 8089
Actions Expected Results
Enter the correct user details and the values
must match to the registration details. Then
click on Search button.
Redirect to Google Maps and display
the location with mobile number and
client name.
Pass: Yes Conditions pass: No Fail: No
Problems / Issues: NIL
Notes: Successfully Executed
7/29/2019 Mobile privacy protection
62/93
7/29/2019 Mobile privacy protection
63/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 63
6.3. VALIDATION
The system has been tested and implemented successfully and thus
ensured that all the requirements as listed in the software requirements
specification are completely fulfilled. In case of erroneous input corresponding
error messages are displayed.
1. Requirements Analysis: Testing should begin in the requirements phase of the
software development life cycle. During the design phase, testers work with
developers in determining what aspects of a design are testable and under what
parameter those tests work.
2. Test Planning: Test Strategy, Test Plan(s), Test Bed creation.
3. Test Development: Test Procedures, Test Scenarios, Test Cases, Test Scripts to
use in testing software.
4. Test Execution: Testers execute the software based on the plans and tests and
report any errors found to the development team.
5. Test Reporting: Once testing is completed, testers generate metrics and make
final reports on their test effort and whether or not the software tested is ready
for release.6. Retesting the Defects
Not all errors or defects reported must be fixed by a software development team.
Some may be caused by errors in configuring the test software to match the
development or production environment. Some defects can be handled by a
workaround in the production environment. Others might be deferred to future
releases of the software, or the deficiency might be accepted by the business user.
There are yet other defects that may be rejected by the development team (of course,
with due reason) if they deem it inappropriate to be called a defect m testing of
software or hardware is testing conducted on a complete, integrated system to
evaluate the system's compliance with its specified requirements. System testing falls
within the scope of black box testing, and as such, should require no knowledge of the
inner design of the code or logic.
7/29/2019 Mobile privacy protection
64/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 64
7. CONCLUSION:
We investigated cloaking algorithms that protect location privacy against
location-dependent attacks. We showed that most of the existing location cloaking
algorithms cannot effectively defend against location dependent attacks as they are
concerned with snapshot user locations only. To address this problem, we have
employed a graph model to formalize the problem and transformed it to the problem
of finding k-node cliques in the graph. We have proposed an incremental clique-based
cloaking algorithm called ICliqueCloak to generate cloaked regions. A series of
experiments has been conducted to evaluate ICliqueCloak under various system
settings. The experimental results show that the price paid for location dependent
attacks is small. The average processing time is only 5.7 ms and the cloaking success
rate is about 97 percent for most cases, which validate the efficiency and effectiveness
of the proposed ICliqueCloak algorithm.
7/29/2019 Mobile privacy protection
65/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 65
REFERENCES:
[1] Athens Trucks Data, http://www.rtreeportal.org/, 2006.
[2] ABI Research, http://www.abiresearch.com/press/1097-Mobile + Location +
Based + Services + Revenue + to+Reach+$13.3+ Billion+Worldwide+by+2013,
2008.
[3] O. Abul, F. Bonchi, and M. Nanni, Never Walk Alone: Uncertainty for
Anonymity in Moving Objects Databases, Proc. IEEE 24th Intl Conf. Data Eng.
(ICDE 08), pp. 376-385, Apr. 2008.
[4] B. Bamba and L. Liu, Supporting Anonymous Location Queries in Mobile
Environments with Privacygrid, Proc. 17th Intl Conf. World Wide Web (WWW
08), 2008.
[5] C. Bettini, X.S. Wang, and S. Jajodia, Protecting Privacy against Location-Based
Personal Identification, Proc. Second VLDB Workshop Secure Data Management,
pp. 185-199, 2005.
[6] K. Bharath, G. Ghinita, and P. Kalnis, Privacy-Preserving Publication of User
Locations in the Proximity of Sensitive Sites,Proc. 20th Intl Conf. Scientific and
Statistical Database Management (SSDBM 08), July 2008.
[7] R. Cheng, Y. Zhang, E. Bertino, and S. Prabhakar, Preserving User Location
Privacy in Mobile Data Management Infrastructures, Proc. Privacy Enhancing
Technology Workshop (PET 06), 2006.
[8] C. Chow and M.F. Mokbel, Enabling Private Continuous Queries for Revealed
User Locations, Proc. 10th Intl Conf. Advances in Spatial and Temporal Databases
(SSTD 07), 2007.
[9] Directive 2002/58/EC of the European Parliament and of the Council of 12 July
2002, Official J. European Communities, pp. 37-47, 2002.
[10] J. Du, J. Xu, X. Tang, and H. Hu, iPDA: Enabling Privacy- Preserving
Location-Based Services, Proc. Conf. Mobile Data Management (MDM), 2007.
http://www.abiresearch.com/press/1097-Mobilehttp://www.abiresearch.com/press/1097-Mobilehttp://www.abiresearch.com/press/1097-Mobile7/29/2019 Mobile privacy protection
66/93
7/29/2019 Mobile privacy protection
67/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 67
[21] B. Hoh and M. Gruteser, Protecting Location Privacy ThroughPath Cloaking,
Proc. SecureComm, 2005.
[22] H. Hu and J. Xu, Non-Exposure Location Anonymity, Proc.IEEE Intl Conf.
Data Eng. (ICDE 09), 2009.
[23] H. Hu, J. Xu, S.T. On, J. Du, and J.K. Ng, Privacy-Aware Location Data
Publishing, ACM Trans. Database Systems, vol. 35, no. 3, pp. 1-42, July 2010.
[24] P. Kalnis, G. Ghinita, K. Mouratidis, and D. Papadias, Preventing Location-
Based Identity Inference in Anonymous Spatial Queries, IEEE Trans. Knowledge
and Data Eng., vol. 19, no. 12, pp. 1719-1733, Dec. 2007.
[25] H. Kido, Y. Yanagisawa, and T. Satoh, Protection of Location Privacy Using
Dummies for Location-Based Services, Proc. 25thIntl Conf. Distributed Computing
Systems (ICPS 05), 2005.
[26] J. Krumm, Inference Attacks on Location Tracks, Proc. Fifth Intl Conf.
Pervasive Computing, 2007.
[27] K. Lee, W.C. Lee, H.V. Leong, and B. Zheng, Navigational Path PrivacyProtection: Navigational Path Privacy Protection, Proc. 18th ACM Conf. Information
and Knowledge Management (CIKM), 2009.
[28] L. Liu, From Data Privacy to Location Privacy: Models andAlgorithms, Proc.
33rd Intl Conf. Very Large Data Bases (VLDB07), pp. 1429-1430, 2007.
[29] H. Lu, C.S. Jensen, and M.L. Yiu, A3D: Anonymity area aware, Dummy-Based
Location Privacy in Mobile Services, Proc. Data Eng. for Wireless and MobileAccess (MobiDE 08), 2008.
[30] S. Mascetti, C. Bettini, X.S. Wang, D. Freni, and S. Jajodia, Preserving
Anonymity in Location-based Services When Requests From the Same Issuer May be
Correlated, technical report, Univ. of Milan, Italy, 2007.
7/29/2019 Mobile privacy protection
68/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 68
[31] M.F. Mokbel, C.Y. Chow, and W.G. Aref, The New Casper: Query Processing
for Location Services Without Compromising Privacy, Proc. 32nd Intl Conf. Very
Large Data Bases (VLDB 06), 2006.
[32] D. Reid, An Algorithm for Tracking Multiple Targets, IEEE Trans. Automatic
Control, vol. TAC-24, no. 6, pp. 843-854, Dec. 1979.
[33] P. Samarati and L. Sweeney, Protecting Privacy When Disclosing Information:
K-Anonymity and Its Enforcement Through Generalization and Suppression, Intl J.
on Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 10, no. 5, pp. 571-
588, 2002.
[34] L. Sweeney, K-Anonymity: A Model for Protecting Privacy, Intl J.
Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 10, no. 5, pp. 557-570,
2002.
[35] M. Terrovitis and N. Mamoulis, Privacy Preservation in the Publication of
Trajectories, Proc. Ninth Intl Conf. Mobile DataManagement (MDM 08), 2008.
[36] Thomas Brinkhoff Network-Based Generator of Moving Objects,http://www.fh-
oow.de/institute/iapg/personen/brinkhoff/ generator/, 2008.
[37] J. Xu, X. Tang, H. Hu, and J. Du, Privacy-Conscious Location- Based Queries
in Mobile Environments, IEEE Trans. Parallel and Distributed Systems, vol. 21, no.
3, pp. 313-326, Mar. 2010.
[38] T. Xu and Y. Cai, Location Anonymity in Continuous Location - Based
Services, Proc. 15th Ann. ACM Intl Symp. Advances in Geographic Information
Systems (GIS 07), 2007.
[39] T. Xu and Y. Cai, Exploring Historical Location Data for Anonymity
Preserving in Location-Based Services, Proc. IEEE INFOCOM, 2008.
Sites Referred:
1. http://www.sourcefordgde.com
http://www.fh-oow.de/institute/iapg/personen/brinkhoff/http://www.fh-oow.de/institute/iapg/personen/brinkhoff/http://www.fh-oow.de/institute/iapg/personen/brinkhoff/http://www.fh-oow.de/institute/iapg/personen/brinkhoff/http://www.sourcefordgde.com/http://www.sourcefordgde.com/http://www.fh-oow.de/institute/iapg/personen/brinkhoff/http://www.fh-oow.de/institute/iapg/personen/brinkhoff/7/29/2019 Mobile privacy protection
69/93
7/29/2019 Mobile privacy protection
70/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 70
ANNEXURE I
User Manual of Project:
1. Install the Java 1.6 in the machine.
2. Install the Oracle 10g XE database edition.
3. Install the Server Apache Tomcat version 6.0.
4. Set the path , for that right click on My Computer Properties
AdvancedEnvironment VariableSystem Variable Edit(PATH)
5. In System Variable edit PATH ;C:\Program Files (x86)\Java\jdk1.6.0\bin;.;
and click ok.
6. New Click and add CLASSPATH and copy the link
C:\Program Files (x86)\Java\jdk1.6.0\lib;
7. Set the JDBC class path to the below location-
c:\oraclexe\app\oracle\product\10.2.0\server\jdbc\lib\ojdbc14.jar;
8. Install the Eclipse IDE for J2EE.
7/29/2019 Mobile privacy protection
71/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 71
ANNEXURE II
Sample Source Code of Software:
home.jsp
Foundation by FCT
A DEFENCE SECLUSION
AGAINST LOCATION BASED PERSONAL RECOGNITION
Pages
7/29/2019 Mobile privacy protection
72/93
7/29/2019 Mobile privacy protection
73/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 73
Welcome to Defence!
Copyright's 2013. All Rights
Reserved..
registration.jsp
7/29/2019 Mobile privacy protection
74/93
7/29/2019 Mobile privacy protection
75/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 75
window.alert("Please enter password");
document.f2.pas.focus();
return false;
}
else if(!pas.match(pwd_re))
{
window.alert(" password should contain alphanumerics only");
document.f2.pas.focus();
return false;
}
else if(pas.length
7/29/2019 Mobile privacy protection
76/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 76
}
else if(f2.add.value=="")
{
window.alert("Please Enter Address");
document.f2.add.focus();
return false;
}
else if(f2.dd.selectedIndex==0)
{
window.alert("Please select the date of Birth");
document.f2.dd.focus();
return false;
}
else if(f2.mm.selectedIndex==0)
{
window.alert("Please select the month of Birth");
document.f2.mm.focus();
return false;
}
else if(f2.yy.selectedIndex==0)
7/29/2019 Mobile privacy protection
77/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 77
{
window.alert("Please select the year of Birth");
document.f2.yy.focus();
return false;
}
else if ( ( document.f2.gen[0].checked == false ) && (
document.f2.gen[1].checked == false ) ){
window.alert ( "Please choose Radio Button!" );
document.f2.gen[0].focus();
return false;
}
else if(f2.ema.value=="")
{
window.alert("Please enter your email id");
document.f2.ema.focus();
return false;
}
else if(!f2.ema.value.match(email_re))
{
window.alert(" invalid email");
document.f2.ema.focus();
return false;
7/29/2019 Mobile privacy protection
78/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 78
}
else if(f2.pho.value=="")
{
window.alert("Please enter your Contact No");
document.f2.pho.focus();
return false;
}
else if(pho.length
7/29/2019 Mobile privacy protection
79/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 79
document.f2.ans.focus();
return false;
}
else if(f2.pro.selectedIndex=="")
{
window.alert("Please select the proof you are going to submit");
document.f2.pro.focus();
return false;
}
else if (document.f2.iac.checked == false)
{
window.alert("Please Select I Accept");
document.f2.iac.focus();
return false;
}
return true;
}
7/29/2019 Mobile privacy protection
80/93
7/29/2019 Mobile privacy protection
81/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 81
Preventing-Mobile's
Welcome to Defence!
7/29/2019 Mobile privacy protection
82/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 82
User Registration
User
ID
Password
7/29/2019 Mobile privacy protection
83/93
7/29/2019 Mobile privacy protection
84/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 84
Month
7/29/2019 Mobile privacy protection
85/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 85
ID
Contact
No
Security Question
Select here
where you did
your Schooling
Your BirthPlaceYour Favourite
ColorYour First Bikeyour Favourite Place
7/29/2019 Mobile privacy protection
86/93
7/29/2019 Mobile privacy protection
87/93
7/29/2019 Mobile privacy protection
88/93
7/29/2019 Mobile privacy protection
89/93
7/29/2019 Mobile privacy protection
90/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 90
return true;
}
A DEFENCE SECLUSION
AGAINST LOCATION BASED PERSONAL RECOGNITION
Pages
Home
Client's Registration
Client's Login
Authorized Login
7/29/2019 Mobile privacy protection
91/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 91
Preventing-Mobile's
Welcome to Defence!
7/29/2019 Mobile privacy protection
92/93
A DEFEND SECLUSION AGAINST LOCATION-BASED PERSONAL RECOGNITION
QCET, Dept Of CSE 92
User Login
User
ID
Password
Stay in
7/29/2019 Mobile privacy protection
93/93
Top Related