120 likes | 222 Views
Privacy Enhanced Architecture for Location Based Services (PE-LBS) Alberto Escudero-Pascual <aep@it.kth.se> Royal Institute of Technology -KTH Sweden. About the speaker. Researcher in the area of Privacy in mobile Internet, data protection and cybercrime at KTH in Stockholm.
E N D
Privacy Enhanced Architecture for Location Based Services (PE-LBS) Alberto Escudero-Pascual <aep@it.kth.se> Royal Institute of Technology -KTH Sweden
About the speaker Researcher in the area of Privacy in mobile Internet, data protection and cybercrime at KTH in Stockholm. • Tec. Licentiate • “Anonymous and untraceable communications in mobile Internet”. (2001) • Dissertation Proposal • 'Privacy in the next generation Internet: Data Protection in the context of European Union Policy’. (2002)
Background and definitions • Location Based Services (LBS) • Privacy Enhanced Technologies (PET) • Unlinkability and Location Privacy • Chaum’s MIXes (1981) • SOAP, XML, RPC, 97/66/EC
Location Privacy in a nutshell Someone is somewhere doing something <identity> <time> <place> <content> SomeoneIdentity Management Somewhere Location Privacy Something Content Confidentiality
PE-LBS Architecture Transport Transport 1. Location Acquisition Hardware 2. XML Location Data Record 3. XML (SOAP) Service Request 4. Transport Service 5. Location Based Service Proxy Server 6. Service Modules XML ServiceRequest LBS PROXY M3 M1 M2 XML Location S1 S2 S3
1. Location Adquisition Hardware Fastrax iTrax02. GPS receiver (iTalk & NMEA)
Location Data Records XML Location Data LOCATION DATA RECORDS $GP<messageid>,<data field>,<data field>,...*<checksum><CR><LF> $GPGLL,5924.3131,N,01756.5752,E,134703.77,A,A*61 <?xml version = "1.0" encoding = "UTF-8"?> <loc:SLO xmlns:loc="http://www-nrc.nokia.com/ietf-spatial/2001/05/08/location" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www-nrc.nokia.com/ietf-spatial/2001/05/08/location http://www-nrc.nokia.com/ietf- spatial/2001/05/08/location.xsd"> <POS> <LAT>N59.40.54</LAT> <LONG>E017.94.36</LONG> </POS> <ALT>+12.99</ALT> <ALT_MSL>010</ALT_MSL> <H_ACC>50</H_ACC> <V_ACC>2.5</V_ACC> <TIME>2001-13-11T12:00:01+02:00</TIME> <G_SPEED>2.0</G_SPEED> <V_SPEED unit="knot">1</V_SPEED> <DIR>M240</DIR> <COURSE>M30</COURSE> <H_ORIENT>T25</H_ORIENT> <V_ORIENT>179</V_ORIENT> </loc:SLO> XML LOCATION DATA
SOAP Service Request POST /Temperature HTTP/1.1 Host: www.lbs-proxyserver.com Content-Type: text/xml Content-Length: 357 SOAPAction: "http://weather.org/query#GetTemperature" <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> <SOAP-ENV:Body> <m:GetTemperature xmlns:m="http://weather.org/query"> <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Content'> <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#3des-cbc'/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:KeyName>KeyID </ds:KeyName> </ds:KeyInfo> <CipherData> <CipherValue>XkIHMHS4ka4CXFWA3yESBqQzIp21D1MHYgeREk3i50BBDrPGPUCkL7bXoC8S9 QlIKbghAkHbZDgrzBI6yvP33</CipherValue> </CipherData> </m:GetTemperature> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
Service Modules • Publishing location • DNS RRLOC • DNS Update using TSIG • Requesting information based on location • Location based Info services • Unlinkability MobileID - Location - InfoRequest
Conclusions • Using a proxy server between the mobile and the location based services we can hide the location of the mobile device. • Using XML Encryption and signatures in Simple Object Access Protocol service requests we can provide both message digest and message authentication (accountability).
ConclusionsPE-LBS and MIX networks • Three benefits of the PE-LBS architecture: • A PE-LBS proxy can act as a “mix” by buffering and changing the sequence of processing SOAP requests. • Chain of PE-LBS can be used as a “mix network”. • All the functionalities are Transport Independent.
More info Location Privacy and Mobile Internetworking http://www.it.kth.se/~aep/publications <aep@kth.se>