• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.8
• /
• pp.853-862
• /
• 2010

As the mobile device and broadband wireless internet such as WiBro, HSDPA is widely spreading, various types of advertisement and services based on personal location information can be provided. However, with convenience supported by these services, it is possible to be increased an invasion of privacy such as personal location and moving pattern. In this paper, we analysis an essential element for protection of privacy related on location information in mobile environment and propose location privacy protocol for managing location privacy self-control. And we design and implementation prototype of location privacy self-control system which is able to manage user's location privacy condition oneself using the proposed location privacy protocol.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.3
• /
• pp.379-387
• /
• 2013

In large-scale wireless sensor networks, tremendous amount of dummy packets is usually accompanied by keeping location privacy of the communication source and destination against global eavesdropping. In our earlier work we designed a location privacy routing protocol, ELPR(End-node Location Privacy Routing) in which the generation of dummy packets at each idle time-slot while transferring data packets are restricted to only the nodes within certain areas of encompassing the source and destination, respectively. In this paper, it is given that ELPR provides various degrees of location privacy while PCM(Periodic Collection Method) allows the only fixed level. Simulation results show that as the number of nodes or data packets increases ELPR permits in terms of the number of generated packets more cost-effective location privacy than PCM.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.71-82
• /
• 2005

Though there are many authentication protocols for RFID system, only a few protocols support location privacy. Because of tag's hardware limitation, these protocols suffer from many security threats, especially from DoS (Denial of Service) attack. In this paper, we explain location privacy problem and show vulnerabilities of RFID authentication protocols. And then, we suggest an authentication protocol that is strong against location tracing, spoofing attack and DoS attack

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.12
• /
• pp.1353-1358
• /
• 2014

Tremendous amount of dummy packets are generally generated for faking over a wireless sensor network so as to keep the location privacy of nodes on the communication paths against the global eavesdropping. In this paper, a scoped-flooding protocol is designed for transferring data between each source and mobile sink(aka, basestation) where, the only nodes within the scope are allowed to issue dummy packets at every idle time so that the location privacy of the nodes on the paths is kept and the amount of dummy packets is reduced to the extend of the flooding scope. The size of the flooding diameter can be taken into consideration of the privacy level and the communication cost. We design a detailed specification of the protocol and verify several properties.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.621-624
• /
• 2013

Mobile Cloud Computing is today's emerging technology. Customers enjoy the services and application from this combination of mobile technology and cloud computing. Beside all these benefits it also increases the concerns regarding privacy of users, while interacting with this new paradigm One of the services is Location based services, but to get their required services user has to give his/her current location to the LBS provider that is violation of location privacy of mobile client. Many approaches are in literature for preserve location privacy but some has computation restriction and some suffer from lack of privacy. In this paper we proposed a novel idea that not only efficient in its protocol but also completely preserves the user's privacy. The result shows that by sharing just service name and a large enough geographic area (e.g. a city) user gets required information from the server by doing little client side processing We perform experiments at client side by developing and testing an android based mobile client application to support our argument.

• The KIPS Transactions:PartC
• /
• v.13C no.5 s.108
• /
• pp.595-600
• /
• 2006

Nowadays, low-cost radio frequency identification (RFID) technique, is recognizable without the physical contact between the reader and the tag, has been attracting more and more interests from both industry and academic institutes. however, it causes the serious privacy infringement such as excessive information exposure and user's location information tracking due to the wireless characteristics. The security problem of read only tag can be only solved by physical method. In this paper, we propose a low-cost authentication protocol which can be adopted for read-only RFID tag using XOR and Partial ID. The proposed protocol is secure against reply attacking, eavesdropping and spoofing attacking so that avoiding the location privacy exposure

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.2
• /
• pp.219-226
• /
• 2013

Against the global eavesdropping in wireless sensor networks, tremendous amount of dummy packets for faking are likely to be continuously generated in order to keep the location privacy of the communication source and destination. In our approach only certain disk-shaped zones of encompassing sources and destination are allowed to issue dummy packets during the data transfer so that the amount of generated packets is reduced while the location privacy of the source and destination remains secret. To this end we design a routing protocol and propose a detailed formal specification of it, and verify major characteristics.

• Journal of information and communication convergence engineering
• /
• v.5 no.3
• /
• pp.265-268
• /
• 2007

In previous papers [1] and [2], we proposed two improved methods protecting mobile users from active attacks[3,4] of network providers in mobile communication environment. But they were the case that mobile users were located in only home domain. In [5], we proposed protocol extending the method of [1] in case of roaming from the home domain to the remote domain. The purpose of this paper is to propose new mobile terminated protocol extending the method of [2] and analyze its security.

• Journal of KIISE
• /
• v.41 no.9
• /
• pp.715-727
• /
• 2014

The number of subscribers in 4th generation mobile system has been increased rapidly. Along with that, preserving subscribers' privacy has become a hot issue. To prevent users' location from being revealed publicly is important more than ever. In this paper, we first show that the privacy-related problem exists in user authentication procedure in 4th generation mobile system, especially LTE. Then, we suggest an attack model which allows an adversary to trace a user, i.e. he has an ability to determine whether the user is in his observation area. Such collecting subscribers' location by an unauthorized third party may yield severe privacy problem. To keep users' privacy intact, we propose a modified authentication protocol in LTE. Our scheme has low computational overhead and strong secrecy so that both the security and efficiency are achieved. Finally, we prove that our scheme is secure by using the automatic verification tool ProVerif.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.5
• /
• pp.581-591
• /
• 2016

RFID(Radio Frequency IDentification) is a key technology in ubiquitous computing and is expected to be employed in more fields in the near future. Nevertheless, the RFID system is vulnerable to attacks by eavesdropping or altering of the messages transmitted in wireless channels. In 2013, Oh et al. proposed a mutual authentication protocol between a tag and a reader in RFID systems. Their protocol is designed to resist location tracking for privacy protection. However, all tags and readers use only one network-wide key in their protocol and tags are usually vulnerable to physical attacks. We found that their protocol is still vulnerable to tag/reader impersonation attacks and location tracking if an attacker obtains the network-wide key from a tag. In this paper, we propose a security improved authentication protocol for privacy protection in RFID systems. In addition, we demonstrate that the proposed scheme is efficient in terms of computation and communication costs.