52 research outputs found
Privacy and location-aware service discovery for mobile and ubiquitous systems
Wireless networks play a major role in allowing the deployment of ubiquitous distributed systems. In these networks, service discovery should not only allow finding available networked services, but should also take into account the physical proximity of the entities requesting these services.
However, physical proximity is not a sufficient criterion for service search and selection, as close attention should be paid to privacy issues. In this paper we present the design issues that should be considered in order to properly support service discovery based on the physical location of clients; these issues are taken into account for the proposal of an architecture for context-aware distributed systems that consider privacy concerns.
8th IFIP/IEEE International Conference on Mobile and Wireless Communication. Red de Universidades con Carreras en Informática (RedUNCI)
Privacy Issues of the W3C Geolocation API
The W3C's Geolocation API may rapidly standardize the transmission of
location information on the Web, but, in dealing with such sensitive
information, it also raises serious privacy concerns. We analyze the manner and
extent to which the current W3C Geolocation API provides mechanisms to support
privacy. We propose a privacy framework for the consideration of location
information and use it to evaluate the W3C Geolocation API, both the
specification and its use in the wild, and recommend some modifications to the
API as a result of our analysis.
Conveying and Handling Location Information in the IP Multimedia Subsystem
The IP Multimedia Subsystem (IMS), specified by the 3rd Generation Partnership Project (3GPP), is a key element in the next-generation network (NGN) converged architecture. Extending the IMS towards provisioning support for location based services (LBS) will enable enhanced services and offer new revenues to the operator. Conveying location information in the IMS and connecting the IMS with a positioning system are still open issues. This paper presents the design and implementation of an IMS Location Server (ILS) integrating IMS with a positioning system. From the IMS perspective, the ILS serves as a service enabler for LBS. In order to demonstrate proof-of-concept in enhancing IMS-based services, two prototype service scenarios have been implemented: Location-aware Messaging (LaM), and Location-aware Push-to-Talk over cellular (LaPoC). Some work has been done by the IETF in the area of location information transport based on the Session Initiation Protocol (SIP). This paper proposes improvements in this area, primarily related to reducing the necessary amount of signaling with the specification of a new type of location filter. We have conducted measurements in a laboratory environment in order to illustrate our proposed solution and verify the benefits compared to existing solutions in terms of traffic load and session establishment time. Furthermore, we present a case study integrating the ILS with the Ericsson Mobile Positioning System (MPS).
On User Privacy for Location-based Services
This thesis investigates user privacy concerns associated with
the use of location based services. We begin by introducing
various privacy schemes relevant to the use of location based
services.
We introduce the notion of constraints, i.e. statements
limiting the use and distribution of Location Information
(LI), i.e. data providing information regarding a subject's
location. Constraints can be securely bound to LI, and are
designed to reduce threats to privacy by controlling its
dissemination and use. The various types of constraint which
may be required are also considered. The issues and risks with
the possible use of constraints are discussed, as are possible
solutions to these hazards.
To address some of the problems that have been identified with
the use of constraints, we introduce the notion of an LI
Preference Authority (LIPA). A LIPA is a trusted party which
can examine LI constraints and make decisions about LI
distribution without revealing the constraints to the entity
requesting the LI. This is achieved by encrypting both the LI
and the constraints with a LIPA encryption key, ensuring that
the LI is only revealed at the discretion of the LIPA. We
further show how trusted computing can be used to enhance
privacy for LI. We focus on how the mechanisms in the Trusted
Computing Group specifications can be used to enable the holder
of LI to verify the trustworthiness of a remote host before
transferring the LI to that remote device. This provides
greater assurance to end users that their expressed preferences
for the handling of personal information will be respected.
The model for the control of LI described in this thesis has
close parallels to models controlling the dissemination and use
of other personal information. In particular, Park and Sandhu
have developed a general access control model intended to
address issues such as Digital Rights Management, code
authorisation, and the control of personal data. We show how
our model for LI control fits into this general access control
model.
We present a generic service which allows a device to discover
the location of other devices in ad hoc networks. The
advantages of the service are discussed in several scenarios,
where the reliance on an infrastructure such as GPS satellites
or GSM cellular base stations is not needed. An outline of the
technology which will be needed to realise the service is
given, along with a look at the security issues which surround
the use of this location discovery service.
Finally, we provide conclusions and suggestions for future
work.
SIP presence location service
This paper presents an innovative use of the Session Initiation Protocol (SIP) for the subscription and notification of geographic information in order to provide a privacy concerned location-based service. SIP is a signaling protocol used for establishing sessions in an IP network. It has been widely used for Internet conferencing and telephony. This research project aims to enhance the SIP presence model in order to protect sensitive geographic information. To achieve this goal, we thoroughly analyzed existing Location-Based Services (LBS), reviewed LBS designs’ pitfalls and identified several key privacy requirements. Based on this research, we presented a SIP flow that meets the privacy requirements. This SIP message flow includes SUBSCRIBE, NOTIFY and PUBLISH messages. A data format to carry geographic location information has also been introduced. The data format is based on Presence Information Data Format (PIDF). We define it as Location-enhanced PIDF, or LPIDF. LPIDF contains geographical information objects. We hope that the outcome of this research project will provide rich, convenient, privacy concerned architecture for LBS. Because LPIDF is based on SIP, this approach can be easily integrated into IP telephony services. LPIDF enables personalization of the Location-Based services address user privacy concerns and hereby increase their satisfaction.
Telkom, Cisco, THRI
Extending IP Flow-Based Network Monitoring with Location Information
Internet Draft - IETF. IP Flow-based monitoring lacks a mechanism to associate measured IP Flow information with the geographic location of the device where the IP Flows have been observed. This document defines a set of guidelines and best practices to extend IP Flow monitoring protocols with location information of the device (both fixed and mobile) that acts as an IP Flow metering process.