Databases Reference
In-Depth Information
23
E
ciently Enforcing the Security and Privacy
Policies in a Mobile Environment
Vijayalakshmi Atluri
1
and Heechang Shin
2
1
Rutgers University, Newark, NJ
atluri@cimic.rutgers.edu
2
Rutgers University, Newark, NJ
hshin@cimic.rutgers.edu
Summary.
Effective delivery of
location-based services
(LBS) requires ecient pro-
cessing of access requests to find the
past, present
and
future
location of the mobile
customers (or moving objects) that match a certain profile. However, this gives rise
to a number of security and privacy concerns because LBS may need to locate and
track a mobile customer, and gain access to his/her profile. Location information
has the potential to allow an adversary to physically locate a person, and user profile
information may include sensitive attributes such as name, address, linguistic pref-
erence, age group, income level, marital status, education level, etc. As such, mobile
customers have legitimate concerns about their personal safety, if such information
should fall into the wrong hands. One way to take these concerns into account is
by establishing security policies and enforcing them for every access. A comprehen-
sive security policy can encode spatiotemporal restrictions on access to location and
profile. To incorporate security, an appropriate access control mechanism must be
in place to enforce the authorization specifications reflecting the above security and
privacy policies. Serving an access request requires to search for the desired moving
objects that satisfy the query, as well as identify and enforce the relevant security
policies.
While this solves the security problem, it creates a performance problem. Often,
enforcing security incurs overhead, and as a result may degrade the performance
of a system. Thus, one way to alleviate this problem and to effectively serve access
requests, is to eciently organize the mobile objects, authorizations as well as mobile
customers' profiles. The key insight is to realize that a lot of duplicate work is
performed while searching for the relevant authorizations and mobile objects. In
this topic chapter, we present the different solutions proposed by researchers in a
response to address the above issue. The solutions specifically propose unified index
schemes for organizing moving object data, authorizations and profiles of users.
1 Introduction
In recent years, mobile phones and wireless PDAs have evolved into wireless
terminals that are Global Positioning System (GPS) enabled. The market
for location-aware mobile applications, often known as
location-based services
