PROPS: A PRivacy-Preserving Location Proof System - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2014

PROPS: A PRivacy-Preserving Location Proof System

Résumé

A secure location-based service requires that a mobile user certifies his position before gaining access to a resource. Currently, most of the existing solutions addressing this issue assume a trusted third party that can vouch for the position claimed by a user. However, as computation and communication capacities become ubiquitous with the large scale adoption of smartphones by individuals, we propose to leverage on these resources to solve this issue in a collaborative and private manner. More precisely, we introduce PROPS, for PRivacy-preserving lOcation Proof System, which allows users to generate proofs of location in a private and distributed way using neighboring nodes as witnesses. PROPS provides security properties such as unforgeability and non-transferability of the proofs, as well as resistance to classical localization attacks. I. INTRODUCTION A Location-Based Service (LBS) takes advantage of the position of its users to deliver a service tailored to their current or past geolocated context. In practice, the position that a user transmits to an LBS is often computed determined by his own device. Thus, a malicious user can lie about his position by having his device transmitting a location of his choice. This type of attack can have a severe impact on applications such as real-time traffic monitoring, location-based access control, discount tied to the visit of a particular shop or local electronic election, to name a few. To counter this threat, an LBS should require its users to prove their actual or past position before granting them access to resources. This notion has been formalized through the concept of location proof (LP), which is a digital certificate attesting the position of a user at a specific moment in time. A location proof architecture is a trusted architecture that users can interact with to acquire LPs in a secure manner. However, relying on a dedicated architecture to certify the position of users raises important privacy concerns. First, the location privacy of users can be breached due to their regular interactions with the infrastructure (traceability issue). Another issue is for a malicious user to collect proof on behalf of another user with whom he colludes. This problem is known as the terrorist fraud in the literature of distance-bounding protocols. Furthermore, since often a LP is actually mainly a timestamped signature of a position, there is no mean for a user to change the granularity of the position endorsed by a LP without risking to tamper with its integrity. This property would be particularly interesting with respect to data minimization as it would enable a user to reveal only the granularity of his position (street, district, town,. . .) needed by the LBS to ensure its functionality. Finally, in most of the current architectures [16], [27], [24], LPs are stored
Fichier principal
Vignette du fichier
locationProof.pdf (1.27 Mo) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01242266 , version 1 (11-12-2015)

Identifiants

Citer

Sébastien Gambs, Marc-Olivier Killijian, Matthieu Roy, Moussa Traoré. PROPS: A PRivacy-Preserving Location Proof System. 33rd IEEE International Symposium on Reliable Distributed Systems, SRDS 2014,, Oct 2014, Nara, Japan. ⟨10.1109/SRDS.2014.37⟩. ⟨hal-01242266⟩
510 Consultations
585 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More