Abstract
Geographic privacy services provide location information on roaming targets to location recipients via location servers, in a way that protects the privacy of the individuals involved. In this paper we propose and discuss new protocols representing the core of Geopriv, with particular focus on the security requirements stated in the IETF’s RFC 3693. Using the AVISPA tool, we check that these requirements, namely anonymity against the location server, as well as confidentiality, integrity, and authenticity of the location information, are actually met. In the design phase of such protocols, numerous variants are to be considered and evaluated. Here the use of model checkers turns out to be very helpful in exploring the security implications quickly and precisely.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
The AVISPA project homepage (2003), http://www.avispa-project.org/
The AVISPA Tool (2005), Available at: http://www.avispa-project.org/
HLPSL Tutorial: A Beginner’s Guide to Modelling and Analysing Internet Security Protocols, Available at: [AH-03] (2005)
AVISPA User Manual, Available at: [AH-03] (2005)
Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Mantovani, J., Mödersheim, S., Vigneron, L.: A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols. Automated Software Engineering, vol. 180, pp. 193–205. Austrian Computer Society, Austria (2004)
Cuellar, J., Morris, J., Mulligan, D., Peterson, J., Polk, J.: RFC 3693: geopriv requirements (2004), http://www.faqs.org/rfcs/rfc3693.html
Danley, M., Mulligan, D., Morris, J., Peterson, J.: RFC 3694: Threat Analysis of the Geopriv Protocol (2004), http://www.faqs.org/rfcs/rfc3694.html
Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 2(29) (1983)
IETF Working Group: Geographic location/privacy (geopriv) (2006), http://www.ietf.org/html.charters/geopriv-charter.html
Liu, L.: Analyzing web service protocols with the AVISPA approach. M.Sc. thesis, Universität Karlsruhe and Siemens (2005)
Lowe, G.: A hierarchy of authentication specifications. In: Proceedings of the 10th IEEE Computer Security Foundations Workshop (CSFW 1997), pp. 31–43. IEEE Computer Society Press, Los Alamitos (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
von Oheimb, D., Cuellar, J. (2006). Designing and Verifying Core Protocols for Location Privacy. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds) Information Security. ISC 2006. Lecture Notes in Computer Science, vol 4176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11836810_36
Download citation
DOI: https://doi.org/10.1007/11836810_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-38341-3
Online ISBN: 978-3-540-38343-7
eBook Packages: Computer ScienceComputer Science (R0)