privacy in vehicular networks and location-based services · location-based services francesc sebé...
TRANSCRIPT
![Page 1: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/1.jpg)
Privacy in Vehicular Networks and Location-Based Services
Francesc Sebé FeixasCRISES research group
Rovira i Virgili University of TarragonaJune 2007
![Page 2: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/2.jpg)
Index Introduction Privacy in vehicular networks Privacy in location-based services
![Page 3: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/3.jpg)
Introduction Location privacy
“Ability to prevent other parties from learning one’s current or past position”
Not a problem in GPS Passive receiver
To consider in Mobile telephony Ubiquitous computing Vehicular networks
![Page 4: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/4.jpg)
Privacy in Vehicular Networks
![Page 5: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/5.jpg)
MANET MANET (Mobile Ad-hoc Network)
Network formed by self-organized mobile nodes without infrastructure
![Page 6: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/6.jpg)
VANET VANET (Vehicular Ad-hoc Network)
Mobile nodes placed in vehicles Fix nodes located on traffic infrastructure
(signals, semaphores, etc)
![Page 7: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/7.jpg)
Communication types
“Alert” messagesWarn about dangerous actions
Braking
![Page 8: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/8.jpg)
Communication types “Alert” messages• Warn about dangerous actions•BrakingLimited disseminationHard real time requirementsAccidents prevention
![Page 9: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/9.jpg)
Communication types “Announcement” messages
Inform about facts that disrupt the traffic
![Page 10: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/10.jpg)
Communication types “Announcement” messages
Inform about facts that disrupt the traffic Traffic jams, accidents
Wide dissemination Soft real time requirements They permit to choose alternative routes to
avoid the troubled points
![Page 11: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/11.jpg)
Communication types TCP/IP communications
Internet access Instantaneous messages among vehicles
![Page 12: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/12.jpg)
Privacy in VANET Information about driving habits is
highly confidential Frequented places Timetables Personality Offenses
![Page 13: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/13.jpg)
Routing in VANET The nodes of a VANET are very
dynamic Constant change of location Arrival and departure of nodes
Location-based routing ‘Hello beacon’ messages → Each node
periodically indicates its position
![Page 14: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/14.jpg)
Privacy in VANET Anonimity
The identity of a node is not known Use of pseudonyms
Unlinkability Different interactions can't be linked Requires periodic change of addresses,
identifiers, etc.
![Page 15: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/15.jpg)
Privacy in VANET VANET without privacy
Joan
Anna
Rosa
![Page 16: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/16.jpg)
Privacy in VANET Anonimity (permits tracking)
?
?
?
![Page 17: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/17.jpg)
Privacy in VANET Anonimity and unlinkability
?
?
?
![Page 18: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/18.jpg)
Security in VANET Security is basic in a VANET Malicious messages can cause
Accidents Traffic complications
![Page 19: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/19.jpg)
Security in VANET External attackers
Prevention using cryptography Authorized nodes know a secret key
![Page 20: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/20.jpg)
Security in VANET Authorized nodes add an authentication
code to messages The code demonstrates knowledge on the
secret key Verifiable from a public key certificate Allows tracking Interchangeable pseudonyms
Costly management
![Page 21: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/21.jpg)
Privacy vs Security Anonimity
It is not known who has carried out a certain action
How to take measures against users who have performed in a fraudulent way?
Internal attackers Revocable anonimity
TTP can revoke anonimity
![Page 22: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/22.jpg)
Privacy vs Security A priori measures
Prevent authorized nodes from sending fraudulent information
A message is considered valid if it has been supported by a minimum number of vehicles
![Page 23: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/23.jpg)
Standards IEEE 1609
United States Funded by the Dept. of Transport
WAVE system Wireless Access in Vehicular Environments
Composed of four standards One of them is still being developed Vehicles equipped by default in 2011
![Page 24: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/24.jpg)
Standards Security in IEEE 1609 (1609.2)
Public key + Digital certificates Semantically secure cryptography
Privacy They mention it is necessary to avoid tracking by
MAC address Through frequent change
They mention the need for a mechanism to send authenticated messages in an anonymous way
Privacy issues are left for future work
![Page 25: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/25.jpg)
Standards C2C-CC (Car to Car – Communication
Consortium) European area Consortium of vehicle manufacturers and
suppliers of electronic components
Under development
![Page 26: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/26.jpg)
Standards Security requirements C2C-CC
Correct and reliable information Robustness (DoS) Privacy
Privacy (open topic) Anonymous certificates (blind signatures) Short time certificates Zero-knowledge proofs
![Page 27: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/27.jpg)
Privacy in location-based services
![Page 28: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/28.jpg)
LBS introduction LBS=Location-Based Services User receives information depending on
its location Emergency assistance Touristic information: hotels, monuments,
restaurants... Itineraries
![Page 29: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/29.jpg)
Privacy in LBS Service provider learns the location
from user queries He will be able to infer
Frequented places Timetables Habits, hobbies
![Page 30: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/30.jpg)
Privacy in LBS Applications where it is necesari to
reveal identity Subscription services I don't want to reveal where I am I distort my location Tradeoff between privacy and the quality
of the received information
![Page 31: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/31.jpg)
Privacy in LBS Applications that provide anonymity to
the user It is not known who I am I can reveal my location
![Page 32: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/32.jpg)
Privacy in LBS How to achieve anonymity
Without TTP Technically difficult (addresses, identifiers,
keys) Situation in VANET
With TTP User sends the query to a trusted anonymizer
![Page 33: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/33.jpg)
Privacy in LBS Anonymity with TTP
The anonymizer receives the query Eliminates the identifier Possibly distorts the position Sends the query to the service provider
![Page 34: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/34.jpg)
Privacy in LBS Why is it necessary that the anonymizer
distorts the location?
(Query,Location,Identity)
(Query,Location)
Anonymizer Provider
![Page 35: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/35.jpg)
Privacy in LBS Why is it necessary that the anonymizer
distorts the location?
Operator
(Location)
(Identity)
(Query,Location,Identity)
(Query,Location)
Anonymizer Provider
![Page 36: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/36.jpg)
Privacy in LBS k-Anonymity
‘‘Location’’ assignable to at least k users
(Query,Location,Identity)
(Query,“Location”)
Anonymizer Provider
![Page 37: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/37.jpg)
k-Anonymity What happens if we don't trust the
anonymizer? Distributed system to mask the location Users calculate the “location” in a
collaborative way
![Page 38: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/38.jpg)
Users trust each others They share location
(Identity, Query,
“Location’’)
(x,y)
(x,y)(x,y)
(x,y)
k-Anonymity
![Page 39: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/39.jpg)
We reduce confidence Share location with noise (x,y)+(Nx,Ny)
(x’,y’)
(x’,y’)(x’,y’)
(x’,y’)
k-Anonymity
(Identity, Query,
“Location’’)
![Page 40: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/40.jpg)
We reduce confidence Use of privacy homomorphism
E(x’,y’)
E(x’,y’)E(x’,y’)
E(x’,y’)
k-Anonymity
(Identity, Query,
E(“Location’’))
![Page 41: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/41.jpg)
We reduce confidence Homomorphism + Paths
E(x’’,y’’)
E(x,y)E(x’,y’)
E(x’’’,y’’’)
k-Anonymity
(Identity, Query,
E(“Location’’))
![Page 42: Privacy in Vehicular Networks and Location-Based Services · Location-Based Services Francesc Sebé Feixas CRISES research group Rovira i Virgili University of Tarragona June 2007](https://reader033.vdocuments.us/reader033/viewer/2022050214/5f6043a9093d175f223a5483/html5/thumbnails/42.jpg)
Conclusions Vehicular networks and location-based
services Reveal information about user's location Very confidential information Measures have to be taken Open research topic