Information Technology Reference
In-Depth Information
A New Scheme for the Location Information Protection
in Mobile Communication Environments
Soon Seok Kim
1
, Sang Soo Yeo
2
, Hong Jin Park
3
, and Sung Kwon Kim
2
1
School of Information and Communication Engineering,
Halla University, San 66, Heungup-Li, Heungup-myon, Wonjusi, Kangwondo, Korea
sskim@hit.halla.ac.kr
2
School of Computer Science and Engineering,
Chungang University, 221 Huksukdong, Dongjakku, Seoul, Korea
ssyeo@alg.cse.cau.ac.kr, skkim@cau.ac.kr
3
School of Computer Information and Communication Engineering,
Sangji University, Woosandong, Wonjusi, Kangwondo, Korea
hjpark1@sangji.ac.kr
Abstract.
We propose a new scheme, protecting information about the location
of a user against attacks from inside the mobile communication, especially the
network providers. There have already been some proposals about how to
protect location information in mobile communication environments. Among
them, Kesdogan et al.[2,3] proposed a new method, using so-called temporary
pseudonyms and also described protection method against passive and an active
attacks. However, the protection method against an active attack is not clear.
Moreover, there is an additional load in that it should append a reachability
manager[1,6] to the proposed system. In this paper, we introduce a new scheme
improving the method of Kesdogan et al. and analyze its security and
effectiveness.
1 Introduction
There have already been some proposals[1,2,3,4] about how to protect location
information in mobile communication environments. Federrath et al.[1] suggested
firstly the concept of MIXes as introduced by Chaum[5]. However, Kesdogan et al.[2]
pointed out some serious drawbacks: the encryption for the MIX has to exceed 512
bits which adds further load on the air interface. They also proposed a new method,
using so-called temporary pseudonyms (TP). The basic idea of the TP method is
originally based on the concept of trusted parties where, e.g., a home personal
computer confidentially stores sensitive data (authentication keys, location
information etc.) or even handles the complete location management, replacing the
visited location register (VLR) in GSM network[5]. But, in [2], Kesdogan et al.
protected location information of a user by saving her identity, instead of actual
location information, within a home trusted device. To this end, the user is assigned a
pseudonym, pseudo mobile subscriber identity (PMSI). As long as the user is
registered under a pseudonym, the network provider may know that a user under a
certain pseudonym currently is at a certain place, but he is not able to link the users
