• Journal of Internet Computing and Services
• /
• v.18 no.5
• /
• pp.31-38
• /
• 2017

Recently with the rapid development of LBS (Location-based Services) technology, approaches of protecting user's location have gained tremendous attentions. For using LBS, users need to forward their real locations to LBS server. However, if the user sends his/her real location to LBS server, the server will have the all the information about user in LBS. Moreover, if the user opens it to LBS server for a long time, the trajectory of user may be released. In this paper, we propose GTC (Grid-based Trajectory Cloaking) method to address the privacy issue. Different from existing approaches, firstly the GTC method sets the predicting trajectory and divides the map into $2^n*2^n$ grid. After that we will generate cloaking regions according to user's desired privacy level. Finally the user sends them to LBS server randomly. The GTC method can make the cost of process less than sequential trajectory k-anonymity. Because of confusing the departure and destination, LBS server could not know the user's trajectory any more. Thus, we significantly improve the privacy level. evaluation results further verify the effectiveness and efficiency of our GTC method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.125-137
• /
• 2007

This paper proposes a new scheme to provide the location privacy of sources in Wireless Sensor Networks (WSNs). Because the geographical location of a source sensor reveals contextual information on an 'event' in WSN, anonymizing the source location is an important issue. Despite abundant research efforts, however, about data confidentiality and authentication in WSN, privacy issues have not been researched well so far. Moreover, many schemes providing the anonymity of communication parties in Internet and Ad-hoc networks are not appropriate for WSN environments where sensors are very resource limited and messages are forwarded in a hop-by-hop manner through wireless channel. In this paper, we first categorize the type of eavesdroppers for WSN as Global Eavesdropper and Compromising Eavesdropper. Then we propose a novel scheme which provides the anonymity of a source according to the types of eavesdroppers. Furthermore, we analyze the degree of anonymity of WSN using the entropy-based modeling method. As a result, we show that the proposed scheme improves the degree of anonymity compared to a method without any provision of anonymity and also show that the transmission range plays a key role to hide the location of source sensors.

• The Journal of Society for e-Business Studies
• /
• v.15 no.3
• /
• pp.85-98
• /
• 2010

The prevailing infrastructure of ubiquitous computing paradigm on the one hand making significant development for integrating technology in the daily life but on the other hand raising concerns for privacy and confidentiality. This research presents a new privacy-preserving spatio-temporal query processing technique, in which location based services (LBS) can be serviced without revealing specific locations of private users. Existing location cloaking techniques are based on a grid-based structures such as a Quad-tree and a multi-layered grid. Grid-based approaches can suffer a deterioration of the quality in query results since they are based on pre-defined size of grids which cannot be adapted for variations of data distributions. Instead of using a grid, we propose a location-cloaking algorithm which uses the R-tree, a widely adopted spatio-temporal index structure. The proposed algorithm uses the MBRs of leaf nodes as the cloaked locations of users, since each leaf node guarantees having not less than a certain number of objects. Experimental results show the superiority of the proposed method.

• Journal of Korea Spatial Information System Society
• /
• v.11 no.1
• /
• pp.115-126
• /
• 2009

Recent development in wireless communication and mobile positioning technologies makes Location-Based Services (LBSs) popular. However, because, in the LBSs, users request a query to database servers by using their exact locations, the location information of the users can be misused by adversaries. Therefore, a mechanism for users' privacy protection is required for the safe use of LBSs by mobile users. For this, we, in this paper, propose a efficient cloaking region creation scheme using Hilbert curves in distributed grid environment, so as to protect users' privacy in LBSs. The proposed scheme generates a minimum cloaking region by analyzing the characteristic of a Hilbert curve and computing the Hilbert curve values of neighboring cells based on it, so that we may create a cloaking region to satisfy K-anonymity. In addition, to reduce network communication cost, we make use of a distributed hash table structure, called Chord. Finally, we show from our performance analysis that the proposed scheme outperforms the existing grid-based cloaking method.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.83-90
• /
• 2006

Recently, the security for RFID/USN environment is divided into network security and RFID security. The authentication protocol design for RFID security is studied to protect user privacy in RFID system. However, the study of efficient authentication protocol for RFID system is not satisfy a security for low-cost RFID tag and user privacy. Therefore, this paper proposes a secure matrix-based RFID authentication protocol that decrease communication overhead and computation. In result, the Matrix-based RFID authentication protocol is an effective authentication protocol compare with HB and $HB^+$ in traffic analysis attack and trace location attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.13-26
• /
• 2006

RFID technology is evaluated as one of core technologies for ubiquitous environment, because of its various characteristics which barcode systems don't have. However, RFID systems have consumer's privacy infringement problems, such like information leakage and location tracing. We need RFID privacy protection protocols, that satisfy three essential security requirements; confidentiality, indistinguishability and forward security, in order to protect consumer's privacy perfectly. The most secure protocol, that satisfies all of the three essential security requirements, among existing protocols, is the hash-chain based protocol that Ohkubo proposed. Unfortunately this protocol has a big disadvantage that it takes very long time to identify a tag in the back-end server. In this paper, we propose a scheme to keep security just as it is and to reduce computation time for identifying a tag in back-end server. The proposed scheme shows the results that the identification time in back-end server is reduced considerably compared to the original scheme of Ohkubo protocol.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.12
• /
• pp.2193-2201
• /
• 2006

In related to mobile communication environment. Kesdogan and Pfitzmann[1,2,3] proposed solutions using temporary pseudonym identification, called TP(Temporary Pseudonym) to solve the problems concerning current locations of mobile users and exposure of their movements in the privacy aspect. After that, we proposed more improved method protecting mobile users from active attacks of network providers in [4]. But it is the case that mobile users are located in only home domain. As a more extended method. we propose new mobile terminated protocol protecting user privacy in case of moving from the home domain to the remote domain and analyze its security.

• Journal of Korea Society of Industrial Information Systems
• /
• v.19 no.3
• /
• pp.57-66
• /
• 2014

This paper proposes the UHISRL(Ubiquitous Healthcare Information System based on Real Time Location) which manages patient, doctor, medicine by using RFID. The proposed UHISRL monitors the patient's health state, and enables us to confirm the result with Smart Phone and Tablet PC. Also, it can block Replay and Spoofing attack by using the ERHL(Extended Randomized Hash Lock) authentication scheme designed in this paper. A patient privacy is enhanced by limiting UHISRL DB access according to attributes with CP-ABE (Cipher Text - Attributed based Encryption) technique. Specially, UHISRL can prevent an unexpected accident by monitoring a chronic patient's emergency situation in real time.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.758-760
• /
• 2013

위치기반 서비스에 관련된 기술 연구가 활발히 진행됨에 따라 다수의 사용자가 위치기반 앱 서비스를 이용하고 있다. 그러나 위치기반 앱 서비스를 이용하는 사용자가 점차 증가함에 따라 사용자의 위치정보가 노출될 확률이 높아지고 있다. 우리는 개인의 위치 정보를 보호하면서도 서버의 작업 부하를 줄일 수 있는 self-Privacy Protection Range (self-PR)을 제안한다. Self-PR은 클라이언트의 조건(ex. 배터리 상태, 모바일 기기의 성능 등)에 따라 보호 영역을 설정할 수 있기 때문에 이상적인 질의처리가 가능하다. 반면에 서버는 클라이언트의 self-PR이 증가할수록 서버는 데이터 탐색 경로가 짧아지기 때문에 작업부하를 줄일 수 있다. 그리고 서버는 클라이언트의 self-PR 확인하고 질의 결과를 전송하기 때문에 정확한 질의 결과를 전송할 수 있다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.55-57
• /
• 2005

본 논문에서는 프라이버시 보호를 위한 개인 위치 정보 접근에 대한 통보 유무, 동의와 같은 차별화 된 정책 설정과 특정 장소나 시간에 대해 위치 정보 제공을 차단 할 수 있는 프로토콜을 제안 하려고 한다. 제안하는 프로토콜은 모바일 상의 프라이버시 설정을 위해 응용 레벨에서 동적으로 발생하는 개인의 위치정보에 대해 유저가 설정한 특정 장소와 시간에 따라 차단하는 기능 설정할 수 있다. 또한 서비스 제공자와 요청자 별로 개인 위치 정보 접근에 대한 통보 유무, 동의와 같은 차별화된 정책을 설정 할 수 있다. 제안하는 프로토콜은 이들 설정된 정책들의 리스트들을 요청자 별로 나누어서 사용자 프라이버시 리스트 서버(UPLS)에서 관리하며, 서비스 요청 시 설정된 정책에 맞는 서비스를 서비스 제공자들이 제공하게 되므로 개인 위치 정보에 대해 프라이버시를 제공하게 된다.