Publication


Designing and verifying core protocols for location privacy

Proceedings of ISC'06


Author(s): David von Oheimb and Jorge Cuellar
Year: 2006
Publisher: Springer LNCS
Editor: S.K. Katsikas, J. Lopez, M. Backes, S. Gritzalis, B. Preneel
CR Classification: D.2.4, D.3.1, F.3.1
CR General Terms: Languages, Verification, Theory
Keywords: protocol analysis, model checking
Abstract: Geographic privacy services provide location information on roaming targets to location recipients via location servers, in a way that protects the privacy of the individuals involved.
In this paper we propose and discuss new protocols representing the core of Geopriv, with particular focus on the security requirements stated in the IETF's RFC 3693. Using the AVISPA tool, we check that these requirements, namely anonymity against the location server, as well as confidentiality, integrity, and authenticity of the location information, are actually met.
In the design phase of such protocols, numerous variants are to be considered and evaluated. Here the use of model checkers turns out to be very helpful in exploring the security implications quickly and precisely.


Copyright © 2006 Springer-Verlag.
This paper has been published by Springer LNCS.
Preprint version

BibTeX entry:

@inproceedings{Geopriv06,
  author = {Oheimb, David von and Cuellar, Jorge},
  title = {Designing and verifying core protocols for location privacy},
  booktitle = {Information Security},
  editor = {S.K. Katsikas and J. Lopez and M. Backes and S. Gritzalis and B. Preneel},
  conference = {9th Information Security Conference (ISC'06)},
  publisher = {Springer},
  series = {LNCS},
  volume = 4176,
  year = 2006,
  note = {Presented at the 9th Information Security Conference (ISC'06), preprint version at \url{http://ddvo.net/papers/Geopriv.html}},
  abstract = {Geographic privacy services provide location information on roaming targets to location recipients via location servers, in a way that protects the privacy of the individuals involved. In this paper we propose and discuss new protocols representing the core of Geopriv, with particular focus on the security requirements stated in the IETF's RFC 3693. Using the AVISPA tool, we check that these requirements, namely anonymity against the location server, as well as confidentiality, integrity, and authenticity of the location information, are actually met. In the design phase of such protocols, numerous variants are to be considered and evaluated. Here the use of model checkers turns out to be very helpful in exploring the security implications quickly and precisely.},
  CRClassification = {D.2.4, F.1.2, H.2.0},
  CRGenTerms = {Security, Theory, Verification}
}