PASPORT: A Secure and Private Location Proof Generation and Verification Framework

Nosouhi, MR; Sood, K; Yu, S; Grobler, M; Zhang, J

PASPORT: A Secure and Private Location Proof Generation and Verification Framework

Nosouhi, MR Sood, K Yu, S

Grobler, M Zhang, J

Permalink

Publisher:: Institute of Electrical and Electronics Engineers (IEEE)
Publication Type:: Journal Article
Citation:: IEEE Transactions on Computational Social Systems, 2020, 7, (2), pp. 293-307
Issue Date:: 2020-04-01

Closed Access

	Filename	Description	Size
	08967030.pdf	Published version	3.12 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Nosouhi, MR
dc.contributor.author	Sood, K
dc.contributor.author	Yu, S https://orcid.org/0000-0003-4485-6743
dc.contributor.author	Grobler, M
dc.contributor.author	Zhang, J
dc.date.accessioned	2021-03-25T07:36:47Z
dc.date.available	2021-03-25T07:36:47Z
dc.date.issued	2020-04-01
dc.identifier.citation	IEEE Transactions on Computational Social Systems, 2020, 7, (2), pp. 293-307
dc.identifier.issn	2373-7476
dc.identifier.issn	2329-924X
dc.identifier.uri	http://hdl.handle.net/10453/147523
dc.description.abstract	© 2014 IEEE. Recently, there has been a rapid growth in location-based systems and applications in which users submit their location information to service providers in order to gain access to a service, resource, or reward. We have seen that in these applications, dishonest users have an incentive to cheat on their location. Unfortunately, no effective protection mechanism has been adopted by service providers against these fake location submissions. This is a critical issue that causes severe consequences for these applications. Motivated by this, we propose the Privacy-Aware and Secure Proof Of pRoximiTy (PASPORT) scheme in this article to address the problem. Using PASPORT, users submit a location proof (LP) to service providers to prove that their submitted location is true. PASPORT has a decentralized architecture designed for ad hoc scenarios in which mobile users can act as witnesses and generate LPs for each other. It provides user privacy protection as well as security properties, such as unforgeability and nontransferability of LPs. Furthermore, the PASPORT scheme is resilient to prover-prover collusions and significantly reduces the success probability of Prover-Witness collusion attacks. To further make the proximity checking process private, we propose P-TREAD, a privacy-aware distance bounding protocol and integrate it into PASPORT. To validate our model, we implement a prototype of the proposed scheme on the Android platform. Extensive experiments indicate that the proposed method can efficiently protect location-based applications against fake submissions.
dc.language	en
dc.publisher	Institute of Electrical and Electronics Engineers (IEEE)
dc.relation.ispartof	IEEE Transactions on Computational Social Systems
dc.relation.isbasedon	10.1109/TCSS.2019.2960534
dc.rights	info:eu-repo/semantics/closedAccess
dc.rights	© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.	en_US
dc.title	PASPORT: A Secure and Private Location Proof Generation and Verification Framework
dc.type	Journal Article
utslib.citation.volume	7
utslib.for	0805 Distributed Computing
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Computer Science
utslib.copyright.status	closed_access	*
dc.date.updated	2021-03-25T07:36:43Z
pubs.issue	2
pubs.publication-status	Published
pubs.volume	7
utslib.citation.issue	2

Abstract:

© 2014 IEEE. Recently, there has been a rapid growth in location-based systems and applications in which users submit their location information to service providers in order to gain access to a service, resource, or reward. We have seen that in these applications, dishonest users have an incentive to cheat on their location. Unfortunately, no effective protection mechanism has been adopted by service providers against these fake location submissions. This is a critical issue that causes severe consequences for these applications. Motivated by this, we propose the Privacy-Aware and Secure Proof Of pRoximiTy (PASPORT) scheme in this article to address the problem. Using PASPORT, users submit a location proof (LP) to service providers to prove that their submitted location is true. PASPORT has a decentralized architecture designed for ad hoc scenarios in which mobile users can act as witnesses and generate LPs for each other. It provides user privacy protection as well as security properties, such as unforgeability and nontransferability of LPs. Furthermore, the PASPORT scheme is resilient to prover-prover collusions and significantly reduces the success probability of Prover-Witness collusion attacks. To further make the proximity checking process private, we propose P-TREAD, a privacy-aware distance bounding protocol and integrate it into PASPORT. To validate our model, we implement a prototype of the proposed scheme on the Android platform. Extensive experiments indicate that the proposed method can efficiently protect location-based applications against fake submissions.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/147523