Cryptographic Spatio-temporal Predicates for Location-Based Services

The increasing spread of location-based services (LBSs) has led to a renewed research interest in location-based security, especially location-based access control. It also raises a lot of concern on potential privacy violation due to the possibility of identifying the user who requests a given service based on her/his location information at the time of the request. To ensure the credibility and availability of LBSs, there is a pressing requirement for addressing security and privacy issues of LBSs in a synergistic way. In this paper, we propose an innovative access control mechanism for LBSs, enabling both fine-grained access control and effective privacy protection. Our proposed approach is based on the construction of cryptographic spatio-temporal predicates by means of efficient secure integer comparison. Our experimental results not only validate the effectiveness of our scheme, but also demonstrate that the proposed integer comparison scheme performs better than previous bit wise comparison scheme.

[1]  Ernesto Damiani,et al.  Supporting location-based conditions in access control policies , 2006, ASIACCS '06.

[2]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[3]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[4]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[5]  Jyh-haw Yeh,et al.  An RSA-based time-bound hierarchical key assignment scheme for electronic article subscription , 2005, CIKM '05.

[6]  Vijayalakshmi Atluri,et al.  Spatiotemporal Access Control Enforcement under Uncertain Location Estimates , 2009, DBSec.

[7]  Walid G. Aref,et al.  GPAC: generic and progressive processing of mobile queries over mobile data , 2005, MDM '05.

[8]  Ernesto Damiani,et al.  Location Privacy Protection Through Obfuscation-Based Techniques , 2007, DBSec.

[9]  Anne V. D. M. Kayem Adaptive cryptographic access control for dynamic data sharing environments , 2008 .

[10]  Upkar Varshney,et al.  Location management for mobile commerce applications in wireless Internet environment , 2003, TOIT.

[11]  Lars Kulik,et al.  A Formal Model of Obfuscation and Negotiation for Location Privacy , 2005, Pervasive.

[12]  Mudhakar Srivatsa,et al.  A Scalable Method for Access Control in Location-Based Broadcast Services , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[13]  John Krumm,et al.  Inference Attacks on Location Tracks , 2007, Pervasive.

[14]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[15]  Elisa Bertino,et al.  The PROBE Framework for the Personalized Cloaking of Private Locations , 2010, Trans. Data Priv..

[16]  Jason Crampton,et al.  Practical and efficient cryptographic enforcement of interval-based access control policies , 2011, TSEC.

[17]  Jong Kim,et al.  Protecting location privacy using location semantics , 2011, KDD.

[18]  Marina Blanton,et al.  Efficient Multi-dimensional Key Management in Broadcast Services , 2010, ESORICS.

[19]  Alfredo De Santis,et al.  New constructions for provably-secure time-bound hierarchical key assignment schemes , 2008, Theor. Comput. Sci..

[20]  Chi-Yin Chow,et al.  Towards location-based social networking services , 2010, LBSN '10.

[21]  Telecommunications Board,et al.  IT Roadmap to a Geospatial Future , 2003 .

[22]  Manish Parashar,et al.  Dynamic context-aware access control for grid applications , 2003, Proceedings. First Latin American Web Congress.

[23]  Jean-Yves Le Boudec,et al.  Quantifying Location Privacy , 2011, 2011 IEEE Symposium on Security and Privacy.

[24]  Peter Steenkiste,et al.  Access control to people location information , 2005, TSEC.

[25]  Alec Wolman,et al.  Enabling new mobile applications with location proofs , 2009, HotMobile '09.

[26]  Mikhail J. Atallah,et al.  Efficient and secure distribution of massive geo-spatial data , 2009, GIS.

[27]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[28]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[29]  Mohsen Sharifi,et al.  Providing location privacy in pervasive computing through a hybrid mechanism , 2010 .

[30]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[31]  Sabrina De Capitani di Vimercati,et al.  A privacy-aware access control system , 2008, J. Comput. Secur..

[32]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[33]  Mudhakar Srivatsa,et al.  Scalable Key Management Algorithms for Location-Based Services , 2009, IEEE/ACM Transactions on Networking.