A User Location Privacy Protection Mechanism for LBS using Third Party-based Architectures

Abstract

Location Based Services are becoming more and more popular as users are enjoying a wide range of services such as tracking friends, finding the nearest cash machine, querying for nearby restaurants, etc. However, protecting location privacy is becoming a growing concern, as principals are not willing to reveal any sensitive information about their locations, which can lead to disclosure of confidential and personal information. In addition, principals aim to be provided with a different privacy protection level mechanism based on their relationships. For example, some principals may need a low or medium privacy protection level when interacting with close friends or friends respectively. However, a high privacy protection level is required when interacting with public users. In this paper, we propose a privacy aware access control model using third party-based architectures. The proposed mechanism provides principals with different location privacy protection levels whenever they are willing to reveal whether they are visible and accessible or not. The proposed user location privacy mechanism is based on elliptic curve cryptography concepts, which can preserve the location privacy of the principals. The protocol is shown to achieve privacy protection for users' location. Through the informal security analysis, the proposed protocol is shown to be secure against many well-known location privacy threats. In addition, the proposed mechanism provides an efficient solution to overcome dynamic access control problems.