Abstract
Third party service providers are starting to use advanced location services based on area or periodical notification in order to develop innovative applications. However, such functions can be easily misused for tracking users and building their activity profiles, if privacy enhancement mechanisms are not integrated into the service architecture. In this paper we present a protocol based on transaction pseudonyms that protects the user’s address from being disclosed and associated with their location. Based on hash chains, the pseudonyms are used to authorize service and the localization requests, making possible ad hoc service usage without registration. We further analyze security aspects of the proposed protocol.
This work was supported by the Austrian Kplus program.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Parlay: Parlay x, http://www.parlay.org/ (accessed May 03, 2005)
W3C (Soap (simple object access protocol) version 1.2), http://www.w3.org/TR/soap (accessed May 03)
Alamäki, T., Björksten, M., Dornbach, P., Gripenberg, C., GyorbÃró, N., Márton, G., Németh, Z., Skyttä, T., Tarkiainen, M.: Privacy enhancing service architectures. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 99–109. Springer, Heidelberg (2003)
Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)
ISO/IEC 9797-2: Information Technology — Security Techniques — Message Authentication Codes (MACs) - Part 2: Mechanisms Using a Dedicated Hash-Function. International Organization for Standardization, Geneva, Switzerland (2002)
Menezes, A.J.A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. The CRC Press series on discrete mathematics and its applications. CRC Press, 2000 N.W. Corporate Blvd., Boca Raton, FL 33431-9868, USA (1997)
National Institute of Standards and Technology: Secure hash standard (SHS). Federal Information Processing Standards Publication 180-2 (2002)
Rivest, R.: RFC 1321: The MD5 message-digest algorithm, Status: INFORMATIONAL (1992)
Wang, X., Lai, X., Daum, M.: Collisions for hash functions MD4, MD5, HAVAL-128 and RIPEMD (2004), http://eprint.iacr.org/2004/199.pdf
Wang, X., Yin, Y.L., Yu, H.: Collision search attacks on SHA1, http://www.infosec.sdu.edu.cn/paper/sha-attack-note.pdf (2005)
ECRYPT Network of Excellence: Recent collision attacks on hash functions: ECRYPT position paper, http://www.ecrypt.eu.org/documents/ECRYPT-hash-statement.pdf (accessed May 03, 2004)
Andersson, C., Lundin, R., Fischer-Huebner, S.: Enabling anonymity for the mobile internet using the mcrowds system. In: FIP WG 9.2, 9.6/11.7 Summer School on Risks and Challenges of the Network Society, Karlstad University Studies (2004)
Jorns, O., Bessler, S., Pailer, R.: An Efficient Mechanism to ensure Location Privacy in Telecommunication Service Applications. In: Proc. International Conference on Network Control and Engineering, Palma de Mallorca, Spain (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jorns, O., Jung, O., Gross, J., Bessler, S. (2005). A Privacy Enhancement Mechanism for Location Based Service Architectures Using Transaction Pseudonyms. In: Katsikas, S., López, J., Pernul, G. (eds) Trust, Privacy, and Security in Digital Business. TrustBus 2005. Lecture Notes in Computer Science, vol 3592. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11537878_11
Download citation
DOI: https://doi.org/10.1007/11537878_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28224-2
Online ISBN: 978-3-540-31796-8
eBook Packages: Computer ScienceComputer Science (R0)