Abstract
Mobile computing enables users to compute and communicate almost regardless of their current location. However, as a side effect this technology considerably increased surveillance potential for user movements. Current research addresses location privacy rather patchwork-like than comprehensively. Thus, this paper presents a methodology for identifying, assessing, and comparing location privacy risks in mobile computing technologies. In a case study, we apply the approach to IEEE 802.11b wireless LAN networks and location-based services, where it reveals significant location privacy concerns through link- and application-layer information. From a technological perspective, we argue that these are best addressed through novel anonymity-based mechanisms.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Spreitzer, M., Theimer, M.: Providing location information in a ubiquitous computing environment. In: Proceedings of the 14th ACM SOSP, pp. 270–283 (1993)
Harter, A., Hopper, A., Steggles, P., Ward, A., Webster, P.: The anatomy of a context-aware application. Mobile Computing and Networking, 59–68 (1999)
Jose, R., Davies, N.: Scalable and flexible location-based services for ubiquitous information access. In: Gellersen, H.-W. (ed.) HUC 1999. LNCS, vol. 1707, pp. 52–66. Springer, Heidelberg (1999)
Bisdikian, C., Christensen, J., Davis II, J., Ebling, M., Hunt, G., Jerome, W., Lei, H., Maes, S.: Enabling location-based applications. In: 1st Workshop on Mobile commerce (2001)
Fox, D.: Der imsi-catcher (in german). Datenschutz and Datensicherheit 21(9) (September 1997)
Lemos, R.: (ZDNet News). Car spy pushes privacy limit (June 2001), http://zdnet.com.com/2100-11-530115.html?legacy=zdnn
Lemos, R.: (ZDNet News). Car rental gps speeding fines illegal (July 2001), http://www.mvcf.com/news/cache/00400/
Rahnema, M.: Overview of the gsm system and protocol architecture. IEEE Communications Magazine 31(4), 92–100 (1993)
IEEE. IEEE standard 802.11b - wireless LAN medium access control (MAC) and physical layer (PHY) specications: High speed physical layer(PHY) in the 2.4 GHz band (1999)
Negroponte, N.: Being wireless. Wired Magazine (October 2002)
Getting, I.: The global positioning system. IEEE Spectrum 30(12), 36–47 (1993)
Spooner, J.: (CNET News). Motorola: New chip will bring gps to all (September 2002), http://news.com.com/2100-1040-959085.html
Goyal, A. In talk given at NIST pervasive computing conference (2001)
Hightower, J., Borriello, G.: A survey and taxonomy of location sensing systems for ubiquitous computing. UW CSE 01-08-03, University of Washington (August 2001)
Reed, J., Krizman, K., Woerner, B., Rappaport, T.: An overview of the challenges and progress in meeting the e-911 requirement for location service. IEEE Personal Communications Magazine 5(3), 30–37 (1998)
Webraska Mobile Technologies. Webraska website, http://www.webraska.com/
Cheverst, K., Davies, N., Mitchell, K., Friday, A.: Experiences of developing and deploying a context-aware tourist guide: the guide project. In: Proceedings of MOBICOM, pp. 20–31. ACM Press, New York (2000)
The Economist. The end of privacy, April 29 (1999)
The Economist. The coming backlash in privacy, December 9 (2000)
Froomkin, M.: The death of privacy? Stanford Law Review 52, 1461–1543 (2000)
Hoffman, D.L., Novak, T.P., Peralta, M.: Building consumer trust online. Communications of the ACM 42(4), 80–85 (1999)
Location privacy protection act of 2001. US Congress, Sponsor: Sen. John Edwards (DNC), Contact: Maureen Mahon, Legislative Assistant, Sen. Edwards / 202.224.3154 / fax 202.228.1374 (2001), http://www.techlawjournal.com/cong107/privacy/location/s1164is.asp
Karger, P.A., Frankel, Y.: Security and privacy threats to ITS. In: Proceedings of the Second World Congress on Intelligent Transport Systems, Yokohama, Japan, November 1995, vol. 5 (1995)
Agre, P.E.: Red rocks eater news service—notes and recommendations (December 1999), http://commons.somewhere.com/rre/1999/RRE.notes.and.recommenda14.html
Tele Atlas North America, Inc. Geocode website, http://www.geocode.com/
Padmanabhan, V.N., Subramanian, L.: An investigation of geographic mapping techniques for internet hosts. In: Proceedings of SIGCOMM 2001, p. 13 (2001)
Periakaruppan, R., Nemeth, E.: Gtrace — a graphical traceroute tool. In: 13th Usenix Systems Administration Conference — LISA, Seattle, WA, November 7-12 (1999)
Bahl, P., Padmanabhan, V.N.: RADAR: An in-building RF-based user location and tracking system. INFOCOM (2), 775–784 (2000)
Castro, P., Chiu, P., Kremenek, T., Muntz, R.: A probabilistic room location service for wireless networked environments. In: Abowd, G.D., Brumitt, B., Shafer, S. (eds.) UbiComp 2001. LNCS, vol. 2201, p. 18. Springer, Heidelberg (2001)
Ladd, A.M., Bekris, K.E., Rudys, A., Kavraki, L.E., Wallach, D.S., Marceau, G.: Robotics-based location sensing using wireless ethernet. In: Proceedings of MOBICOM, pp. 227–238. ACM Press, New York (2002)
Wireless geographic logging engine (October 2002), http://wigle.net/gpsopen/gps/GPSDB/
Netstumbler software (October 2002), http://www.netstumbler.com
Cuellar, J., Morris, J., Mulligan, D.: IETF Geopriv requirements (2002), http://www.ietf.org/html.charters/geopriv-charter.html
Duri, S., Gruteser, M., Liu, X., Moskowitz, P., Perez, R., Singh, M., Tang, J.-M.: Framework for security and privacy in automotive telematics. In: Proceedings of the second international workshop on Mobile commerce, pp. 25–32. ACM Press, New York (2002)
Snekkenes, E.: Concepts for personal location privacy policies. In: Proceedings of the 3rd ACM conference on Electronic Commerce, pp. 48–57. ACM Press, New York (2001)
Al-Muhtadi, J., Campbell, R., Kapadia, A., Mickunas, D.M., Yi Routing, S.: through the mist: Privacy preserving communication in ubiquitous computing environments. In: International Conference of Distributed Computing Systems (2002)
Fasbender, A., Kesdogan, D., Kubitz, O.: Analysis of security and privacy in mobile IP. In: 4th International Conference on Telecommunication Systems Modeling and Analysis, Nashville, TN (March 1996)
Narten, T., Draves, R.: RFC3041—privacy extensions for stateless address autoconfiguration in ipv6, http://www.faqs.org/ftp/rfc/rfc3041.txt
Priyantha, N.B., Chakraborty, A., Balakrishnan, H.: The cricket locationsupport system. In: Proceedings of the sixth annual international conference on Mobile computing and networking, pp. 32–43. ACM Press, New York (2000)
Smailagic, A., Kogan, D.: Location sensing and privacy in a context-aware computing environment. IEEE Wireless Communications 9, 10–17 (2002)
Agrawal, R., Srikant, R.: Privacy-preserving data mining. In: Proc. of the ACMSIGMOD Conference on Management of Data, pp. 439–450. ACM Press, New York (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gruteser, M., Grunwald, D. (2004). A Methodological Assessment of Location Privacy Risks in Wireless Hotspot Networks. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds) Security in Pervasive Computing. Lecture Notes in Computer Science, vol 2802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39881-3_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-39881-3_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20887-7
Online ISBN: 978-3-540-39881-3
eBook Packages: Springer Book Archive