Role(s) of a Proxy in Location Based Services, IEEE Proceeding of the International Symposium on Personal Indoor and Mobile Radio Communications (PIMRC 2002)

Published 31 Aug 2002 by Alberto Escudero Pascual and Gerald Q. Maguire

bulletDownload: pimrc2002-escuderoa-maguireg.pdf

Logo PIMRC

We examine a number of roles that a proxy server can play in Location Based Services and how it can be used to provide protection of personal identifiable information. Location data, service requests, and privacy policies are encoded in XML by the mobile terminal and forwarded to a proxy server placed between the mobile terminal and the location based service(s). We will show that by a suitable architecture in the mobile client and in the proxy that we can hide the network location of the mobile device, hide the identity of the user of the mobile device, and in some cases even provide misleading physical location(s) for the mobile device. We will illustrate a number of di˙erent functions which can be provided by examining some scenarios.

In order to illustrate our approach, we have applied our privacy model to location information obtained from a Global Positioning System receiver. Among the difeerent methods to obtain a mobile's position the GPS-based method was chosen as being the only method, available today, where the Positioning Calculation Function (PCF) is fully under the user's control, since the position is calculated within the GPS-equipped mobile terminal; while other technologies rely on the network infrastructure and hence some or all of the position data is outside the control of the user.

A proof of concept was implemented using Fastrax's iTrax02 GPS receiver. The iTrax02 is an ultra-low power consumption receiver, roughly the size of a stamp and specifically designed for small portable devices. In one of the scenarios, the location information is encrypted using a public key encryption scheme (with multiple private keys), embedded in a XML message and transmited to a proxy that runs a secure DNS update module. This location privacy solution allows a mobile terminal to publish its location as an encrypted DNS location record via the proxy, while concealing from eavesdroppers and third parties the relation between the location information and the identity of the mobile terminal and its user.

Keyword(s): Location Privacy, Mobile Internet, Wireless