Enabling secure location-based services in mobile cloud computing

The increasing spread of location-based services (LBSs) has led to a renewed research interest in the security of services. To ensure the credibility and availability of LBSs, there is a pressing requirement for addressing access control, authentication and privacy issues of LBSs in a synergistic way. In this paper, we propose an innovative location-based fine-grained access control mechanism for LBSs, enabling effective fine-grained access control, location-based authentication and privacy protection. Our proposed approach is based on the construction of a spatio-temporal predicate-based encryption by means of efficient secure integer comparison. Our experimental results not only validate the effectiveness of our scheme, but also demonstrate that the proposed integer comparison scheme performs better than previous bitwise comparison scheme.

[1]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[2]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[3]  Sabrina De Capitani di Vimercati,et al.  Access Control in Location-Based Services , 2009, Privacy in Location-Based Applications.

[4]  Jong Kim,et al.  Protecting location privacy using location semantics , 2011, KDD.

[5]  Jian Xu,et al.  A location privacy preserving algorithm based on linkage protection , 2010, 2010 IEEE International Conference on Information Theory and Information Security.

[6]  Sabrina De Capitani di Vimercati,et al.  A privacy-aware access control system , 2008, J. Comput. Secur..

[7]  Vijayalakshmi Atluri,et al.  Spatiotemporal Access Control Enforcement under Uncertain Location Estimates , 2009, DBSec.

[8]  John Krumm,et al.  Inference Attacks on Location Tracks , 2007, Pervasive.

[9]  Telecommunications Board,et al.  IT Roadmap to a Geospatial Future , 2003 .

[10]  Walid G. Aref,et al.  GPAC: generic and progressive processing of mobile queries over mobile data , 2005, MDM '05.

[11]  Jean-Yves Le Boudec,et al.  Quantifying Location Privacy , 2011, 2011 IEEE Symposium on Security and Privacy.

[12]  Lars Kulik,et al.  A Formal Model of Obfuscation and Negotiation for Location Privacy , 2005, Pervasive.

[13]  Elisa Bertino,et al.  The PROBE Framework for the Personalized Cloaking of Private Locations , 2010, Trans. Data Priv..

[14]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[15]  Sushil Jajodia,et al.  Over-encryption: Management of Access Control Evolution on Outsourced Data , 2007, VLDB.

[16]  Gail-Joon Ahn,et al.  Comparison-based encryption for fine-grained access control in clouds , 2012, CODASPY '12.

[17]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[18]  Mudhakar Srivatsa,et al.  A Scalable Method for Access Control in Location-Based Broadcast Services , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.