A general consensus is that the proliferation of locationaware devices will result in a diffusion of location-based services. Privacy preservation is a challenging research issue for this kind of service. A possible solution consists of ensuring users’ anonymity, i.e., ensuring that the user issuing a request is indistinguishable, among a group of users, by any attacker who has access to the service requests. In this paper we propose a formal framework to model the problem of guaranteeing anonymity when requiring location-based services. The proposed framework extends existing approaches by allowing to model different kinds of knowledge that may be available to the attacker. We show application examples of our framework, modeling both known scenarios and new ones. From a practical point of view, the framework makes it possible to define anonymity-preserving techniques that best suite the system assumptions as derived from the applicative context, and the level of privacy protection...