Journal of the ACM (JACM)
Location Privacy in Pervasive Computing
IEEE Pervasive Computing
Preserving Privacy in Environments with Location-Based Applications
IEEE Pervasive Computing
Open-Source Applications of TCPA Hardware
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Protecting Client Privacy with Trusted Computing at the Server
IEEE Security and Privacy
Privacy for RFID through trusted computing
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
The new Casper: query processing for location services without compromising privacy
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking
Proceedings of the 1st international conference on Mobile systems, applications and services
PRIVE: anonymous location-based queries in distributed mobile systems
Proceedings of the 16th international conference on World Wide Web
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Improving the Robustness of Private Information Retrieval
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Cryptographic support for secure logs on untrusted machines
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Safeguarding location privacy in wireless ad-hoc networks
UbiComp '07 Proceedings of the 9th international conference on Ubiquitous computing
Privacy for profitable location based services
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Preserving user location privacy in mobile data management infrastructures
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
I am a sensor, and I approve this message
Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
Preventing multi-query attack in location-based services
Proceedings of the third ACM conference on Wireless network security
Hi-index | 0.00 |
Many operators of cellphone networks now offer location-based services to their customers, whereby an operator often outsources service provisioning to a third-party provider. Since a person's location could reveal sensitive information about the person, the operator must ensure that the service provider processes location information about the operator's customers in a privacy-preserving way. So far, this assurance has been based on a legal contract between the operator and the provider. However, there has been no technical mechanism that lets the operator verify whether the provider adheres to the privacy policy outlined in the contract. We propose an architecture for location-based services based on Trusted Computing and Secure Logging that provides such a technical mechanism. Trusted Computing lets an operator query the configuration of a location-based service. The operator will hand over location information to the service only if the service is configured such that the service provider cannot get access to location information using software-based attacks. This includes passive attacks, where the provider monitors information flowing into and out of its service, and active attacks, where the provider modifies or injects customer queries to the service. We introduce several requirements that must be satisfied by a location-based service to defend against passive attacks. Furthermore, we present Secure Logging, an auditing mechanism to defend against active attacks.