1 / 12

Privacy Enhanced Architecture for Location Based Services (PE-LBS) Alberto Escudero-Pascual

Privacy Enhanced Architecture for Location Based Services (PE-LBS) Alberto Escudero-Pascual <aep@it.kth.se> Royal Institute of Technology -KTH Sweden. About the speaker. Researcher in the area of Privacy in mobile Internet, data protection and cybercrime at KTH in Stockholm.

vea
Download Presentation

Privacy Enhanced Architecture for Location Based Services (PE-LBS) Alberto Escudero-Pascual

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Privacy Enhanced Architecture for Location Based Services (PE-LBS) Alberto Escudero-Pascual <aep@it.kth.se> Royal Institute of Technology -KTH Sweden

  2. About the speaker Researcher in the area of Privacy in mobile Internet, data protection and cybercrime at KTH in Stockholm. • Tec. Licentiate • “Anonymous and untraceable communications in mobile Internet”. (2001) • Dissertation Proposal • 'Privacy in the next generation Internet: Data Protection in the context of European Union Policy’. (2002)

  3. Background and definitions • Location Based Services (LBS) • Privacy Enhanced Technologies (PET) • Unlinkability and Location Privacy • Chaum’s MIXes (1981) • SOAP, XML, RPC, 97/66/EC

  4. Location Privacy in a nutshell Someone is somewhere doing something <identity> <time> <place> <content> SomeoneIdentity Management Somewhere Location Privacy Something Content Confidentiality

  5. PE-LBS Architecture Transport Transport 1. Location Acquisition Hardware 2. XML Location Data Record 3. XML (SOAP) Service Request 4. Transport Service 5. Location Based Service Proxy Server 6. Service Modules XML ServiceRequest LBS PROXY M3 M1 M2 XML Location S1 S2 S3

  6. 1. Location Adquisition Hardware Fastrax iTrax02. GPS receiver (iTalk & NMEA)

  7. Location Data Records  XML Location Data LOCATION DATA RECORDS $GP<messageid>,<data field>,<data field>,...*<checksum><CR><LF> $GPGLL,5924.3131,N,01756.5752,E,134703.77,A,A*61 <?xml version = "1.0" encoding = "UTF-8"?> <loc:SLO xmlns:loc="http://www-nrc.nokia.com/ietf-spatial/2001/05/08/location" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www-nrc.nokia.com/ietf-spatial/2001/05/08/location http://www-nrc.nokia.com/ietf- spatial/2001/05/08/location.xsd"> <POS> <LAT>N59.40.54</LAT> <LONG>E017.94.36</LONG> </POS> <ALT>+12.99</ALT> <ALT_MSL>010</ALT_MSL> <H_ACC>50</H_ACC> <V_ACC>2.5</V_ACC> <TIME>2001-13-11T12:00:01+02:00</TIME> <G_SPEED>2.0</G_SPEED> <V_SPEED unit="knot">1</V_SPEED> <DIR>M240</DIR> <COURSE>M30</COURSE> <H_ORIENT>T25</H_ORIENT> <V_ORIENT>179</V_ORIENT> </loc:SLO> XML LOCATION DATA

  8. SOAP Service Request POST /Temperature HTTP/1.1 Host: www.lbs-proxyserver.com Content-Type: text/xml Content-Length: 357 SOAPAction: "http://weather.org/query#GetTemperature" <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> <SOAP-ENV:Body> <m:GetTemperature xmlns:m="http://weather.org/query"> <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Content'> <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#3des-cbc'/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:KeyName>KeyID </ds:KeyName> </ds:KeyInfo> <CipherData> <CipherValue>XkIHMHS4ka4CXFWA3yESBqQzIp21D1MHYgeREk3i50BBDrPGPUCkL7bXoC8S9 QlIKbghAkHbZDgrzBI6yvP33</CipherValue> </CipherData> </m:GetTemperature> </SOAP-ENV:Body> </SOAP-ENV:Envelope>

  9. Service Modules • Publishing location • DNS RRLOC • DNS Update using TSIG • Requesting information based on location • Location based Info services • Unlinkability MobileID - Location - InfoRequest

  10. Conclusions • Using a proxy server between the mobile and the location based services we can hide the location of the mobile device. • Using XML Encryption and signatures in Simple Object Access Protocol service requests we can provide both message digest and message authentication (accountability).

  11. ConclusionsPE-LBS and MIX networks • Three benefits of the PE-LBS architecture: • A PE-LBS proxy can act as a “mix” by buffering and changing the sequence of processing SOAP requests. • Chain of PE-LBS can be used as a “mix network”. • All the functionalities are Transport Independent.

  12. More info Location Privacy and Mobile Internetworking http://www.it.kth.se/~aep/publications <aep@kth.se>

More Related