Reducing Dependency on Middleware for Pull Based Active Services in LBS Systems

The middleware is the most commonly used solution to address the location privacy. But it becomes a bottleneck in terms of system performance and availability as the entire client’s service transactions are routed through the middleware to the actual Location Based Service Providers (LSP). The proposed architecture mainly targets a variety of applications where the availability of the services is probably more important than the location security. In the new flexible middleware based architecture the client and the LSPs can communicate directly. Autonomy on the client-server communication increases the possibility of communication even in the scenarios where the middleware is not available. But it also introduces authentication and security challenges to be addressed. The trusted middleware is used to generate the authentication certificates containing the Proxy Identity (also called Pseudonyms) to fulfill the authentication requirements at the LSP servers. The rest of transactions among the clients and the LSPs are accomplished independently. Further, the level of anonymity can be tuned by altering pseudonyms generation techniques i.e. “One-to-One”, “One-to-Many” and “Many-to-One” depending on the type of the service and security requirements. It also attempts to maintain almost the same level of security for the targeted services.

[1]  Lars Kulik,et al.  A Formal Model of Obfuscation and Negotiation for Location Privacy , 2005, Pervasive.

[2]  Urs Hengartner,et al.  Hiding Location Information from Location-Based Services , 2007, 2007 International Conference on Mobile Data Management.

[3]  Ling Liu,et al.  A Customizable k-Anonymity Model for Protecting Location Privacy , 2004 .

[4]  Susan Hohenberger,et al.  Honest-Verifier Private Disjointness Testing Without Random Oracles , 2006, Privacy Enhancing Technologies.

[5]  Matthias Kabatnik,et al.  Towards Privacy Support in a Global Location Service , 2001 .

[6]  Jie Yang,et al.  A trusted infrastructure for facilitating access control of location information , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[7]  Douglas M. Blough,et al.  An attribute-based authorization policy framework with dynamic conflict resolution , 2010, IDTRUST '10.

[8]  Jochen Schiller,et al.  Location Based Services , 2004 .

[9]  Uwe Hansmann,et al.  Pervasive Computing , 2003 .

[10]  Panayiotis Kotzanikolaou,et al.  A distributed privacy-preserving scheme for location-based queries , 2010, 2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[11]  Cyrus Shahabi,et al.  Privacy in location-based applications; going beyond k-anonymity, cloaking and anonymizers , 2010 .

[12]  Jinli Cao,et al.  Ticket-Based Service Access Scheme for Mobile Users , 2002, ACSC.

[13]  Jan H. P. Eloff,et al.  New Approaches for Security, Privacy and Trust in Complex Environments: Proceedings of the Ifip Tc 11 22nd International Information Security Conference ... Federation for Information Processing) , 2007 .

[14]  Dimitra I. Kaklamani,et al.  A middleware architecture for privacy protection , 2007, Comput. Networks.

[15]  Kin-Yeung Wong NAN: Near-me Area Network , 2010 .

[16]  Sabrina De Capitani di Vimercati,et al.  Access Control in Location-Based Services , 2009, Privacy in Location-Based Applications.