José Simão
Paulo Ferreira
ABSTRACT
Today there are many location technologies providing people or object location. However, location privacy must be ensured before providing widely disseminated location services. Privacy rules may depend not only on the identity of the requester, but also on past events such as the places visited by the person being located, or previous location queries.
So, location systems must support the specification and enforcement of security policies allowing users to specify when, how and who can know their location. We propose a middleware platform named Jano1 supporting both pull and push location requests while enforcing configurable security policies. Policies are specified using the Security Policy Language - SPL, facilitating the use of well known security models. In particular, Jano supports history-based policies applied to persons or objects location.
The system was implemented with the integration of several location technologies (e.g. GPS, Bluetooth, etc.), and dealing with the heterogeneity aspects. It provides an interface that facilitates policy specification and has good performance.
- C. A. Ardagna, M. Cremonini, E. Damiani, S. D. C. di Vimercati, and P. Samarati. Location privacy protection through obfuscation-based techniques. volume 4602 of Lecture Notes in Computer Science, pages 47--60. Springer, 2007. Google Scholar
Digital Library
- A. R. Beresford. Location privacy in ubiquitous computing. Technical Report 612, University of Cambridge, January 2005.Google Scholar
- C. Cornelius, A. Kapadia, D. Kotz, D. Peebles, M. Shin, and N. Triandopoulos. AnonySense: Privacy-aware people-centric sensing. In Proceeding of the 6th international conference on Mobile systems, applications, and services, pages 211--224. ACM, 2008. Google ScholarDigital Library
- M. B. et. a. Rfc 2704: The keynote trust-management system version 2, September 1999.Google Scholar
- D. Garlan, D. P. Siewiorek, A. Smailagic, and P. Steenkiste. Project aura: Toward distraction-free pervasive computing. PERVASIVE Computing, pages 22--31, June 2002. Google ScholarDigital Library
- U. Hengartner and P. Steenkiste. Protecting access to people location information. In First International Conference on Security in Pervasive Computing, pages 25--38, 2003.Google Scholar
- J. I. Hong. An architecture for privacy-sensitive ubiquitous computing. In In MobiSYS Š04: Proceedings of the 2nd international conference on mobile systems, applications, and services, pages 177--189. ACM Press, 2004. Google ScholarDigital Library
- P. G. Kelley, P. H. Drielsma, N. M. Sadeh, and L. F. Cranor. User-controllable learning of security and privacy policies. In AISec, pages 11--18, 2008. Google ScholarDigital Library
- J. Kotamraju. Jsr 224: Java api for xml-based web services (jax-ws) 2.0. JSRs: Java Specification Requests.Google Scholar
- U. Leonhardt and J. Magee. Stability considerations for a distributed location service. J. Network Syst. Manage., 6(1), 1998. Google ScholarDigital Library
- Microsoft. Standard ecma-335 common language infrastructure (cli), 2006.Google Scholar
- M. Mitzenmacher. Compressed bloom filters. IEEE/ACM Transactions on Networking (TON), 10(5):604--612, 2002. Google ScholarDigital Library
- M. Mokbel, C. Chow, and W. Aref. The new Casper: query processing for location services without compromising privacy. In Proceedings of the 32nd international conference on Very large data bases, page 774. VLDB Endowment, 2006. Google ScholarDigital Library
- G. Myles, A. Friday, and N. Davies. Preserving privacy in environments with location-based applications. Pervasive computing, pages 56--64, 2003. Google ScholarDigital Library
- L. Opyrchal, A. Prakash, and A. Agrawal. Supporting privacy policies in a publish-subscribe substrate for pervasive environments. Journal of Networks, pages 17--26, February 2007.Google Scholar
- C. Ribeiro, A. Zuquete, P. Ferreira, and P. Guedes. Spl: An access control language for security policies and complex constraints. In NDSS. The Internet Society, 2001.Google Scholar
- J. Y. Tsai, P. G. Kelley, L. F. Cranor, and N. Sadeh. Location-sharing technologies: Privacy risks and controls. In In Research Conference on Communication, Information and Internet Policy (TPRC, 2009.Google Scholar
- U. Varshney. Location management for mobile commerce applications in wireless internet environment. ACM Trans. Interet Technol., 3(3):236--255, 2003. Google ScholarDigital Library
Index Terms
- Jano: specification and enforcement of location privacy in mobile and pervasive environments
Recommendations
Virtual Information Towers-A Metaphor for Intuitive, Location-Aware Information Access in a Mobile Environment
ISWC '99: Proceedings of the 3rd IEEE International Symposium on Wearable ComputersThis paper introduces Virtual Information Towers (VITs) as a concept for presenting and accessing location-aware information with mobile clients. A VIT is a means of structuring location-aware information, which is assigned to a certain geographical ...
Location-aware information retrieval for identifying local and distant landmark
SAC '14: Proceedings of the 29th Annual ACM Symposium on Applied ComputingTwo types of locations are important for wayfinding which is an essential process of determining persons' routes, and of identifying their own locations and orientations. Locations of the first type are related to their routes. Locations of the second ...
Location privacy protection with a semi-honest anonymizer in information centric networking
ICN '18: Proceedings of the 5th ACM Conference on Information-Centric NetworkingLocation-based services, which provide services based on locations of consumers' interests, are becoming essential for our daily lives. Since the location of a consumer's interest contains private information, several studies propose location privacy ...
Comments