Abstract
Location-dependent services are services that adapt their behavior based on the locations of mobile devices. For many applications, it is critical that location-dependent services use trustworthy device locations, namely locations that are both accurate and recent. These properties are captured by a security goal called locale authentication whereby an entity can authenticate the physical location of a device, even in the presence of malicious adversaries. In this paper, we present a systematic technique for verifying that location discovery protocols satisfy this security goal. We base our work on the strand space theory which provides a framework for determining which security goals a cryptographic protocol achieves. We extend this theory with a metric that captures the geometric properties of time and space. We use the extended theory to prove that several prominent location discovery protocols including GPS do not satisfy the locale authentication goal. We also analyze a location discovery protocol that does satisfy the goal under some reasonable assumptions.
This work was supported by the MITRE-Sponsored Research Program.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bahl, P., Padmanabhan, V.N.: Radar: An in-building RF-based user location and tracking system. In: Proceedings of IEEE INFOCOM, vol. 2, pp. 775–784 (2000)
Brands, S., Chaum, D.: Distance-bounding protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)
Capkun, S., Buttyan, L., Hubaux, J.P.: SECTOR: Secure tracking of node encounters in multi-hop wireless networks. In: Proceedings of the ACM Workshop on Security of Ad hoc and Sensor Networks, SASN (2003)
Denning, D.E., MacDoran, P.F.: Location-based authentication: Grounding cyberspace for better security. Computer Fraud & Security (February 1996)
Guttman, J.D., Thayer Fábrega, F.J.: Authentication tests and the structure of bundles. Theoretical Computer Science 283(2), 333–380 (2002)
Hofmann-Wellenhof, B., Lichtenegger, H., Collins, J.: The Global Positioning System: Theory and Practice. Springer, Wien (20014b)
Meadows, C., Poovendran, R., Pavlovic, D., Chang, L., Syverson, P.: Distance bounding protocols: Authentication logic analysis and collusion attacks. In: Advances in Information Security, vol. 30, pp. 279–298. Springer, Heidelberg (2007)
Poovendran, R., Wang, C., Roy, S. (eds.): Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks. Advances in Information Security, vol. 30. Springer, Heidelberg (2007)
Priyantha, N.B., Miu, A.K.L., Balakrishnan, H., Teller, S.J.: The cricket compass for context-aware mobile applications. In: MOBICOM, pp. 1–14 (2001)
Sastry, N., Shankar, U., Wagner, D.: Secure verification of location claims. In: Proceedings of the ACM Workshop on Wireless Security, WiSe (2003)
Thayer Fábrega, F.J., Herzog, J.C., Guttman, J.D.: Strand spaces: Proving security protocols correct. Journal of Computer Security 7(2/3), 191–230 (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP
About this paper
Cite this paper
Thayer, F.J., Swarup, V., Guttman, J.D. (2010). Metric Strand Spaces for Locale Authentication Protocols. In: Nishigaki, M., Jøsang, A., Murayama, Y., Marsh, S. (eds) Trust Management IV. IFIPTM 2010. IFIP Advances in Information and Communication Technology, vol 321. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13446-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-13446-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13445-6
Online ISBN: 978-3-642-13446-3
eBook Packages: Computer ScienceComputer Science (R0)