More Web Proxy on the site http://driver.im/

research-article

Privacy-Preserving Location-Based Services by using Intel SGX

Authors:

Vaibhav Kulkarni,

Bertil Chapuis,

Benoît GarbinatoAuthors Info & Claims

HumanSys'17: Proceedings of the First International Workshop on Human-centered Sensing, Networking, and Systems

Pages 13 - 18

https://doi.org/10.1145/3144730.3144739

Published: 05 November 2017 Publication History

Abstract

We are witnessing a rapid proliferation of location-based services, due to the useful context-aware services they provide their users. However, sharing sensitive location traces with untrusted service-providers has many privacy implications. Although, user-data monetization is the core economic model of such services, offering private services to concerned users will be a beneficial functionality in the coming years. Existing solutions include location perturbation, k-anonymity and cryptographic primitives that trade service accuracy or latency for enhanced user privacy. We introduce a novel approach for privacy preserving location-based services by using the Intel Software Guard eXtensions (SGX). We implement a simple location-based service using SGX and gauge its performance in terms of efficiency and effectiveness, in comparison with its bare-metal implementation. Our evaluation results show that SGX contributes a marginal overhead but also provides near-to-the-perfect results in contrast to spatial cloaking with k-anonymity whose performance deteriorates as the degree of desired privacy increases. We show that hardware-based trusted execution-environments are a promising alternative for offering proactive and de-facto location-privacy in the context of location-based services.

References

[1]

Chi-Yin Chow, Mohamed F. Mokbel, and Xuan Liu. 2006. A peer-to-peer spatial cloaking algorithm for anonymous location-based service. In GIS.

Digital Library

[2]

Youssef Gahi, Mouhcine Guennoun, Zouhair Guennoun, and Khalil El-Khatib. 2012. Privacy Preserving Scheme for Location-Based Services. J. Information Security 3 (2012), 105--112.

[3]

Sébastien Gambs, Marc-Olivier Killijian, and Miguel Núñez del Prado Cortez. 2010. Show me how you move and I will tell you who you are. In SPRINGL.

Digital Library

[4]

Bugra Gedik and Ling Liu. 2008. Protecting Location Privacy with Personalized k-Anonymity: Architecture and Algorithms. IEEE Transactions on Mobile Computing 7 (2008), 1--18.

Digital Library

[5]

Marco Gruteser and Dirk Grunwald. 2003. Anonymous usage of location-based services through spatial and temporal cloaking. In Proceedings of the 1st international conference on Mobile systems, applications and services. ACM, 31--42.

Digital Library

[6]

Debayan Gupta, Benjamin Mood, Joan Feigenbaum, Kevin Butler, and Patrick Traynor. 2016. Using intel software guard extensions for efficient two-party secure function evaluation. In International Conference on Financial Cryptography and Data Security. Springer, 302--318.

[7]

Investopedia. 2016. Uber Starwood. http://www.investopedia.com/articles/investing/030916/how-uber-uses-its-data-bank.asp. (2016).

[8]

Vishal Karande, Erick Bauman, Zhiqiang Lin, and Latifur Khan. 2017. SGX-Log: Securing System Logs With SGX. In AsiaCCS.

Digital Library

[9]

Hidetoshi Kido, Yutaka Yanagisawa, and Tetsuji Satoh. 2005. Protection of Location Privacy using Dummies for Location-based Services. 21st International Conference on Data Engineering Workshops (ICDEW'05) (2005), 1248--1248.

Digital Library

[10]

Kubilay Ahmet Küçük, Andrew Paverd, Andrew Martin, N. Asokan, Andrew Simpson, and Robin Ankele. 2016. Exploring the Use of Intel SGX for Secure Many-Party Applications. In Proceedings of the 1st Workshop on System Software for Trusted Execution (SysTEX '16). ACM, New York, NY, USA, Article 5, 6 pages.

Digital Library

[11]

Xiang-Yang Li and Taeho Jung. 2013. Search me if you can: privacy-preserving location query service. In INFOCOM, 2013 Proceedings IEEE. IEEE, 2760--2768.

[12]

Aniket Pingley, Wei Yu, Nan Zhang, Xinwen Fu, and Wei Zhao. 2012. A context-aware scheme for privacy-preserving location-based services. Computer Networks 56, 11 (2012), 2551--2568.

Digital Library

[13]

Rafael Pires, Daniel Gavril, Pascal Felber, Emanuel Onica, and Marcelo Pasin. 2017. A lightweight MapReduce framework for secure processing with SGX. In Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing. IEEE Press, 1100--1107.

Digital Library

[14]

Rafael Pires, Marcelo Pasin, Pascal Felber, and Christof Fetzer. 2016. Secure Content-Based Routing Using Intel Software Guard Extensions. In Middleware.

Digital Library

[15]

USA Today. 2014. LBS Tracking, www.usatoday.com/story/tech/2014/11/19/uber-privacy-tracking/19285481/. (2014).

[16]

Hui Zhu, Rongxing Lu, Cheng Huang, Le Chen, and Hui Li. 2016. An Efficient Privacy-Preserving Location-Based Services Query Scheme in Outsourced Cloud. IEEE Transactions on Vehicular Technology 65, 9 (2016), 7729--7739.

Cited By

Han ZYe QHu H(2023)OTKI-F: An efficient memory-secure multi-keyword fuzzy search protocolJournal of Computer Security10.3233/JCS-21014531:2(129-152)Online publication date: 6-Apr-2023
https://doi.org/10.3233/JCS-210145
Will NMaziero C(2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3593021
Yan ZQian XLiu SDeng R(2022)Privacy Protection in 5G Positioning and Location-based Services Based on SGXACM Transactions on Sensor Networks10.1145/351289218:3(1-19)Online publication date: 30-Aug-2022
https://dl.acm.org/doi/10.1145/3512892
Show More Cited By

Index Terms

Privacy-Preserving Location-Based Services by using Intel SGX
1. Security and privacy
  1. Security services
    1. Privacy-preserving protocols

Recommendations

Protecting location privacy using location semantics
KDD '11: Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining

As the use of mobile devices increases, a location-based service (LBS) becomes increasingly popular because it provides more convenient context-aware services. However, LBS introduces problematic issues for location privacy due to the nature of the ...
Preserving location privacy without exact locations in mobile services

Privacy preservation has recently received considerable attention in location-based services (LBSs). A large number of location cloaking algorithms have been proposed for protecting the location privacy of mobile users. However, most existing cloaking ...
Privacy Preserving for Location-Based Services Using Location Transformation
Cyberspace Safety and Security
Abstract
With the increasing popularity of mobile communication devices loaded with positioning capabilities (e.g.,GPS), there is growing demand for enjoying location-based services (LBSs). An important problem in LBSs is the disclosure of a user’s real ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

HumanSys'17: Proceedings of the First International Workshop on Human-centered Sensing, Networking, and Systems

November 2017

67 pages

ISBN:9781450354806

DOI:10.1145/3144730

Editor:
Rasit Eskicioglu
University of Manitoba, Canada

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

Schweizerischer Nationalfonds zur Förderung der Wissenschaftlichen Forschung

Conference

SenSys '17

Sponsor:

SenSys '17: The 15th ACM Conference on Embedded Network Sensor Systems

November 5, 2017

Delft, Netherlands

Acceptance Rates

Overall Acceptance Rate 7 of 10 submissions, 70%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
218
Total Downloads

Downloads (Last 12 months)17
Downloads (Last 6 weeks)6

Reflects downloads up to 10 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Han ZYe QHu H(2023)OTKI-F: An efficient memory-secure multi-keyword fuzzy search protocolJournal of Computer Security10.3233/JCS-21014531:2(129-152)Online publication date: 6-Apr-2023
https://doi.org/10.3233/JCS-210145
Will NMaziero C(2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3593021
Yan ZQian XLiu SDeng R(2022)Privacy Protection in 5G Positioning and Location-based Services Based on SGXACM Transactions on Sensor Networks10.1145/351289218:3(1-19)Online publication date: 30-Aug-2022
https://dl.acm.org/doi/10.1145/3512892
Wei WWang JYan ZDing W(2022)EPMDroid: Efficient and privacy-preserving malware detection based on SGX through data fusionInformation Fusion10.1016/j.inffus.2021.12.006Online publication date: Jan-2022
https://doi.org/10.1016/j.inffus.2021.12.006
Valadares DWill NCaminha JPerkusich MPerkusich AGorgonio K(2021)Systematic Literature Review on the Use of Trusted Execution Environments to Protect Cloud/Fog-Based Internet of Things ApplicationsIEEE Access10.1109/ACCESS.2021.30855249(80953-80969)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3085524
Yang YHuang XLiu XCheng HWeng JLuo XChang V(2019)A Comprehensive Survey on Secure Outsourced Computation and Its ApplicationsIEEE Access10.1109/ACCESS.2019.29497827(159426-159465)Online publication date: 2019
https://doi.org/10.1109/ACCESS.2019.2949782

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents