Location Assurance and Privacy in Location-based Services

Doctoral thesis (2014)

Due to the development of global navigation satellite systems (GNSS), people are able to obtain their precise locations in real time. This in turn leads to a wide range of location-based services (LBS ... [more ▼]

Due to the development of global navigation satellite systems (GNSS), people are able to obtain their precise locations in real time. This in turn leads to a wide range of location-based services (LBS), through which a user can acquire information customised to locations. However, the vulnerabilities of GNSS systems and the exposure of information such as locations and queries in LBS requests impose a strong need from users on security. In this thesis, we study two security requirements in LBSs: location assurance and privacy. Location assurance expresses users’ requirement for trustworthy locations in terms of correctness and precision while privacy addresses users’ concern about personal information leakage in LBSs. First, we present a trust framework to detect spoofing by evaluating the integrity of GNSS signals. The framework combines existing spoofing detection methods to generate an overall quantitative evaluation of the integrity of received signals. Based on this evaluation, users can determine the extent to which they can trust their locations. We implement a prototype based on our framework and develop a public service called location assurance certification. In this service, a trusted agent is introduced to issue certificates for users’ locations according to the integrity of their received signals. Second, we propose a general approach to protect users’ query privacy when the adversary has access to various contextual information. We present a probabilistic framework, in which we formally define the attacks to infer the issuers of LBS queries by exploring various contextual information. With this framework, we propose a series of query privacy metrics. These metrics not only measure query privacy from different perspectives but also enable users to express their requirements for query privacy flexibly and precisely. Our framework finally allows us to develop new mechanisms which provide protection for users’ query privacy satisfying their requirements. Third, we address location privacy. Many location privacy preserving methods (LPPM) have been proposed to protect users’ location privacy. A user will make use of them to break the link between his identity and his locations when requesting LBSs. We propose a new attack on location privacy based on the adversary’s observation on users’ locations protected by LPPMs. Compared to existing attacks which target at where users went, our attack provides the adversary with sufficient information to infer what users did, i.e., their activities. Specifically, through our attack, the adversary learns the places where users performed activities and their beginning and ending time of each activity. To achieve this goal, we explore the patterns of users with respect to movements and requesting LBSs, i.e., user profiles. [less ▲]

DEMO: Demonstrating a Trust Framework for Evaluating GNSS Signal Integrity

in Proceedings of 20th ACM Conference on Computer and Communications Security (CCS'13) (2013, November)

Through real-life experiments, it has been proved that spoofing is a practical threat to applications using the free civil service provided by Global Navigation Satellite Systems (GNSS). In this paper, we ... [more ▼]

Through real-life experiments, it has been proved that spoofing is a practical threat to applications using the free civil service provided by Global Navigation Satellite Systems (GNSS). In this paper, we demonstrate a prototype that can verify the integrity of GNSS civil signals. By integrity we intuitively mean that civil signals originate from a GNSS satellite without having been artificially interfered with. Our prototype provides interfaces that can incorporate existing spoofing detection methods whose results are then combined into an overall evaluation of the signal’s integrity, which we call integrity level. Considering the various security requirements from different applications, integrity levels can be calculated in many ways determined by their users. We also present an application scenario that deploys our prototype and offers a public central service – localisation assurance certification. Through experiments, we successfully show that our prototype is not only effective but also efficient in practice. [less ▲]

Constructing and comparing user mobility profiles for location-based services

in Proc. 28th ACM Symposium on Applied Computing (2013)

A trust framework for evaluating GNSS signal integrity

in Proceedings of 26th IEEE Computer Security Foundations Symposium (CSF'13) (2013)

Guidelines for the use and interpretation of assays for monitoring autophagy.

in Autophagy (2012), 8(4), 445-544

In 2008 we published the first set of guidelines for standardizing research in autophagy. Since then, research on this topic has continued to accelerate, and many new scientists have entered the field ... [more ▼]

In 2008 we published the first set of guidelines for standardizing research in autophagy. Since then, research on this topic has continued to accelerate, and many new scientists have entered the field. Our knowledge base and relevant new technologies have also been expanding. Accordingly, it is important to update these guidelines for monitoring autophagy in different organisms. Various reviews have described the range of assays that have been used for this purpose. Nevertheless, there continues to be confusion regarding acceptable methods to measure autophagy, especially in multicellular eukaryotes. A key point that needs to be emphasized is that there is a difference between measurements that monitor the numbers or volume of autophagic elements (e.g., autophagosomes or autolysosomes) at any stage of the autophagic process vs. those that measure flux through the autophagy pathway (i.e., the complete process); thus, a block in macroautophagy that results in autophagosome accumulation needs to be differentiated from stimuli that result in increased autophagic activity, defined as increased autophagy induction coupled with increased delivery to, and degradation within, lysosomes (in most higher eukaryotes and some protists such as Dictyostelium) or the vacuole (in plants and fungi). In other words, it is especially important that investigators new to the field understand that the appearance of more autophagosomes does not necessarily equate with more autophagy. In fact, in many cases, autophagosomes accumulate because of a block in trafficking to lysosomes without a concomitant change in autophagosome biogenesis, whereas an increase in autolysosomes may reflect a reduction in degradative activity. Here, we present a set of guidelines for the selection and interpretation of methods for use by investigators who aim to examine macroautophagy and related processes, as well as for reviewers who need to provide realistic and reasonable critiques of papers that are focused on these processes. These guidelines are not meant to be a formulaic set of rules, because the appropriate assays depend in part on the question being asked and the system being used. In addition, we emphasize that no individual assay is guaranteed to be the most appropriate one in every situation, and we strongly recommend the use of multiple assays to monitor autophagy. In these guidelines, we consider these various methods of assessing autophagy and what information can, or cannot, be obtained from them. Finally, by discussing the merits and limits of particular autophagy assays, we hope to encourage technical innovation in the field. [less ▲]

Implementation and Validation of a Localisation Assurance Service Provider

in Proc. 6th ESA Workshop on Satellite Navigation Technologies (2012)

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with ... [more ▼]

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with the integrity and authenticity of satellite signals: they can delay signals, or re-broadcast signals. Positioning is thus compromised and location-based services are at risk.This paper describes a solution to mitigate this risk. It is a trusted third-party Localisation Assurance service that informs location-based services providers up to which level a location claimed by client can be trusted. It runs several tests over the localisation data of client receivers and certifies the level of assurance of locations. An assurance level expresses the amount of trust the third-party has that a receiver's location is calculated from integral and authentic satellite signals. [less ▲]

Improving automatic verification of security protocols with XOR

in Proc. 11th International Conference on Formal Engineering Methods (2009)