Efficiently enforcing the security and privacy policies in a mobile environment

Abstract

Effective delivery of location-based services (LBS) requires efficient processing of access requests to find the past, present and future location of the mobile customers (or moving objects) that match a certain profile. However, this gives rise to a number of security and privacy concerns because LBS may need to locate and track a mobile customer, and gain access to his/her profile. Location information has the potential to allow an adversary to physically locate a person, and user profile information may include sensitive attributes such as name, address, linguistic preference, age group, income level, marital status, education level, etc. As such, mobile customers have legitimate concerns about their personal safety, if such information should fall into the wrong hands. One way to take these concerns into account is by establishing security policies and enforcing them for every access. A comprehensive security policy can encode spatiotemporal restrictions on access to location and profile. To incorporate security, an appropriate access control mechanism must be in place to enforce the authorization specifications reflecting the above security and privacy policies. Serving an access request requires to search for the desired moving objects that satisfy the query, as well as identify and enforce the relevant security policies. While this solves the security problem, it creates a performance problem. Often, enforcing security incurs overhead, and as a result may degrade the performance of a system. Thus, one way to alleviate this problem and to effectively serve access requests, is to efficiently organize the mobile objects, authorizations as well as mobile customers' profiles. The key insight is to realize that a lot of duplicate work is performed while searching for the relevant authorizations and mobile objects. In this book chapter, we present the different solutions proposed by researchers in a response to address the above issue. The solutions specifically propose unified index schemes for organizing moving object data, authorizations and profiles of users. © 2008 Springer Science+Business Media, LLC.