Inside GNSS Media & Research

NOV-DEC 2017

Issue link:

Contents of this Issue


Page 61 of 67

62 Inside GNSS N O V E M B E R / D E C E M B E R 2 0 1 7 network, compared with the case when only RSS information is used. A n a lter nat ive to t he sit u at ion when the user communicates with the network in order to get his/her posi- tion information via timing or angle approaches is the situation when the network broadcasts some signa ling messages for all users in range, and such broadcast messages include the location of the network ANs, the starting time of the signaling message, and possibly some additional information, such as the forwarding time between two ANs. is approach has been proposed for the future 802.11az WLAN standard (see Additional Resources) and it is worth mentioning because it can offer a fully privacy-preserving approach, as the user is not sending back any information to the network. e concept is illustrated in Figure 3 . e ANs in a certain area or building are assumed to be synchronized and to belong to a certain LSP. One of the ANs in the network acts as an initiator and starts sending broadcast and forward- ing messages in its range. Each AN that receives a forwarding message, re-sends it further with a certain delay (known to the network and broadcast in the broadcasting message). e mobile user receives such broadcast messages from all the ANs in range, and it is able to compute its position via hyperbolic tri- lateration (V. Sark et alia), as the ANs' positions are known (transmitted in the broadcast messages). Such a positioning mechanism has recently been studied by E. S. Santiago. It has been found that at least 10 ANs must be in range of the user mobile in order to achieve good location accuracy. A basic open-source simulator for 802.11az-based positioning studies is also available from E. S. Lohan (see Additional Resources). Methods to Protect Location Privacy As the discussions so far show, there is an emerging need for protecting user location privacy and various methods and measures have already been stud- ied or adopted. In our previous article, we described several possible methods currently used or proposed to protect location privacy, such as location cloak- ing, location obfuscation, position shar- ing, k-anonymity approaches, and mix zones. Table 1 presents a summary of privacy-preserving or privacy-protecting methods for user wireless localization. e listed methods have been devel- oped in light of certain attack scenarios and are vulnerable to attacks in which the adversary has further knowledge than originally assumed in the sce- nario. Here we mention only the base algorithms, to which many extensions WORKING PAPERS Method Stakeholder in charge Challenges Laws and policies to protect the privacy of localization Governments Typically, slow process and only a general framework that must be filled sensibly by the service providers Mobile-centric ("passive") localization, according to the first definition of passivity (see fourth section of this article) Device manufacturers and LSP High computational complexity and high power consumption on battery-operated user devices; might be unfeasible for low-cost IoT sensors Random user identities LSP User's identity can usually be easily inferred from four or more regular locations Hashed-based ID variation LSP and Anonymizer There is typically the need for a third party, called an Anonymizer; issues of trust and security might be raised when the additional link to/from the Anonymizer is introduced k-anonymity/ spatial cloaking/ mix zones LSP and Anonymizer Also typically needs a third party, called an Anonymizer. Finding a sensible area of k users of the cluster may also be challenging. Spatial and/or temporal position obfuscation LSP Inaccurate or imprecise; applicability depends on the granularity required for certain LBS Encryption & cryptographic keys User and LSP/LBSP Computational complexity Position Sharing LSP /LBSP Infrastructure and communication overhead Secure clouds LSP Deriving powerful cryptographic methods with low latencies Proximity-based access LBSP Attackers found in the proximity of the user can still eavesdrop the user's location Table 1 Summary of privacy-preserving methods in user localization FIGURE 3 "Passive positioning" via TOF, according to 802.11az upcom- ing standard Forwarding message Synchronized AN network AN1 AN2 AN3 Broadcast messages Broadcast messages TOF measurements

Articles in this issue

Links on this page

view archives of Inside GNSS Media & Research - NOV-DEC 2017