Databases Reference
In-Depth Information
may use the location information for different purposes, gathering and manag-
ing such information is a challenging aspect. Among the different issues that
need to be addressed in the development of such services,
location privacy
is becoming increasingly important. Location privacy can be defined as the
right of individuals to decide how, when, and for which purposes their location
information could be released to other parties. The lack of location privacy
protection could result in severe consequences that make users the target of
fraudulent attacks such as [1]:
i) unsolicited advertising,
meaning that the
location of the user could be exploited, without her consent, to provide ad-
vertisements of products and services available nearby the user position;
ii)
physical attacks or harassment,
meaning that the location of the user could
be used to carry physical assaults to individuals;
iii) users profiling,
meaning
that the location of the user, which intrinsically carries personal information,
could be used to infer other sensitive information such as state of health, per-
sonal habits, and professional duties;
iv) denial of services,
meaning that the
location of the user could be used to deny accesses to services under some
circumstances. In addition, location information can expose users to dangers
such as stalking or physical harassment [2, 3].
Although location privacy is the subject of growing research efforts, there
are no comprehensive solutions for location privacy protection in pervasive
systems. The main branch of current research on location privacy focuses
on users anonymity and on supporting online and mobile services that do
not require the personal identification of a user for their provision [4, 5, 6].
When identification of users is required and, consequently, anonymity is not
suitable, a viable solution to protect users privacy is to decrease the precision
of personal information (including location) bound to identities [7, 8, 9]. For
several online services personal information associated with identities does not
need to be as accurate as possible to guarantee a certain service quality.
In this chapter, the issue of protecting location privacy is analyzed in
the context of Location-based Access Control (LBAC) systems [10]. The re-
mainder of this chapter is organized as follows. Section 2 presents basic con-
cepts behind location-based access control systems. Section 3 provides a brief
overview of different types of location privacy that must be preserved depend-
ing on the scenarios and on the requirements together with a description of
the techniques that can be used to protect location privacy. Section 4 de-
scribes some obfuscation-based techniques aimed at privacy protection. Sec-
tion 5 presents a privacy-aware LBAC architecture and discusses how the
evaluation of location-based predicates can be performed. Finally, Section 6
gives our conclusions.
2 Location-based Access Control Systems
Novel access control mechanisms are based on the assumption that properties
characterizing a requester, which are usually provided through
digital cre-
