Mutually private location proximity detection with access control

Michael G. Solomon, Vaidy Sunderam, Li Xiong, Ming Li

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Mobile application users want to consume location-based services without disclosing their locations and data owners (DO) want to provide different levels of service based on consumer classifications, sometimes without disclosing areas of interest (AOI) locations to all users. Both actors want to leverage location-based services utility without sacrificing privacy. We propose a protocol that supports queries from different classifications of users, such as subscribers/non-subscribers, or inter-nal/external personnel, and imposes embedded fine-grained access control without disclosing user or DO location information. We use Ciphertext Policy Attribute-Based Encryption (CP-ABE) and Hidden Vector Encryption (HVE) to provide flexible access control and mutually private proximity detection (MPPD). Our protocol minimizes expensive cryptographic operations through the use of location mapping with compressed Gray codes, each representing multiple locations. Our protocol encrypts AOI locations using HVE, and then encrypts AOI information using CP-ABE with an expressive access policy. Our protocol’s use of these two encryption methods allows DOs to define a single set of AOIs that can be accessed by sets of users, each with potentially different access permissions. A separate service provider (SP) processes queries without divulging location information of the user or any DO provided AOI.

Original languageEnglish (US)
Title of host publicationData and Applications Security and Privacy XXXI - 31st Annual IFIP WG 11.3 Conference, DBSec 2017, Proceedings
EditorsSencun Zhu, Giovanni Livraga
PublisherSpringer-Verlag
Pages164-184
Number of pages21
ISBN (Print)9783319611754
DOIs
StatePublished - 2017
Event31st Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2017 - Philadelphia, United States
Duration: Jul 19 2017Jul 21 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10359 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference31st Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2017
Country/TerritoryUnited States
CityPhiladelphia
Period7/19/177/21/17

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Mutually private location proximity detection with access control'. Together they form a unique fingerprint.

Cite this