• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3199-3218
• /
• 2019

Location-based services (LBSs) have become popular in recent years due to the ever-increasing usage of smart mobile devices and mobile applications through networks. Although LBS application provides great benefits to mobile users, it also raises a sever privacy concern of users due to the untrusted service providers. In the lack of privacy enhancing mechanisms, most applications of the LBS may discourage the user's acceptance of location services in general, and endanger the user's privacy in particular. Therefore, it is a great interest to discuss on the recent privacy-preserving mechanisms in LBSs. Many existing location-privacy protection-mechanisms (LPPMs) make great efforts to increase the attacker's uncertainty on the user's actual whereabouts by generating a multiple of fake-locations together with user's actual positions. In this survey, we present a study and analysis of existing LPPMs and the state-of-art privacy measures in service quality aware LBS applications. We first study the general architecture of privacy qualification system for LBSs by surveying the existing framework and outlining its main feature components. We then give an overview of the basic privacy requirements to be considered in the design and evaluation of LPPMs. Furthermore, we discuss the classification and countermeasure solutions of existing LPPMs for mitigating the current LBS privacy protection challenges. These classifications include anonymization, obfuscation, and an encryption-based technique, as well as the combination of them is called a hybrid mechanism. Finally, we discuss several open issues and research challenges based on the latest progresses for on-going LBS and location privacy research.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.1
• /
• pp.71-80
• /
• 2008

We have studied to protect location and identity privacy of mobile users in mobile communication environments. In this paper, we propose and analyze new mobile originated protocols as a part of our new integrated system for high level privacy protection service which is not provided in the traditional GSM[1] system of europe. Also our protocols support a roaming service into the remote domain as welt as the home domain.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.450-470
• /
• 2023

Traditional cloud computing faces some challenges such as huge energy consumption, network delay and single point of failure. Edge computing is a typical distributed processing platform which includes multiple edge servers closer to the users, thus is more robust and can provide real-time computing services. Although outsourcing data to edge servers can bring great convenience, it also brings serious security threats. In order to provide image retrieval while ensuring users' data privacy, a privacy preserving image retrieval scheme in edge environment is proposed. Considering the distributed characteristics of edge computing environment and the requirement for lightweight computing, we present a privacy-preserving image retrieval scheme in edge computing environment, which two or more "honest but curious" servers retrieve the image quickly and accurately without divulging the image content. Compared with other traditional schemes, the scheme consumes less computing resources and has higher computing efficiency, which is more suitable for resource-constrained edge computing environment. Experimental results show the algorithm has high security, retrieval accuracy and efficiency.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1471-1483
• /
• 2023

One of the fastest-growing mobile services accessible today is mobile payments. For the safety of this service, the Near Field Communication (NFC) technology is used. However, NFC standard protocol has prioritized transmission rate over authentication feature due to the proximity of communicated devices. Unfortunately, an adversary can exploit this vulnerability with an antenna that can eavesdrop or alter the exchanged messages between NFC-enabled devices. Many researchers have proposed authentication methods for NFC connections to mitigate this challenge. However, the security and privacy of payment transactions remain insufficient. We offer a privacy-preserving, anonymity-based, safe, and efficient authentication protocol to protect users from tracking and replay attacks to guarantee secure transactions. To improve transaction security and, more importantly, to make our protocol lightweight while ensuring privacy, the proposed protocol employs a secure offline session key generation mechanism. Formal security verification is performed to assess the proposed protocol's security strength. When comparing the performance of current protocols, the suggested protocol outperforms the others.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.1
• /
• pp.65-71
• /
• 2012

Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.189-198
• /
• 2009

Mobile RFID system is a next generation technology which combines the existing RFID systems with mobile systems. It is newly expected to provide additional services and will be broadly used in everyday life; however, it sometimes causes the privacy or security problems generated by existing RFID systems and the additional privacy or security problems. Moreover, even if many methods have been proposed to solve those problems, it is still difficult to adapt to reality or to guarantee the security perfectly. Therefore, in this paper, we propose the secure and practicable privacy protection mechanism suitable to mobile RFID systems. proposing mechanism is applicable the mechanism to Private Zone of mobile RFID systems which require to protect the privacy. This mechanism suggests that own tagging-products needed to protect privacy using mobile reader of personal don't provide any information to other readers except their own reader. In addition to, proposing mechanism is the efficient mechanism which largely reduces the process to maintain the synchronization when happen to the DoS attack or system error.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.4
• /
• pp.63-68
• /
• 2010

Mobile devices like iphone, ipad, kindle, and PDA are used as everyday tool. In the mobile environment, smart phones and other mobile units are also used as a tool for protection or infringement of personal information. Therefore, smart monitoring technology is required to protect personal information and privacy. On the other hand, with smart phones and the mobile environment, diverse application technologies are realized on hardware and software platforms. Therefore, this paper designs the network structure that forms privacy trust zone, and based on this, deals with the monitoring and monitoring prevention system with a focus on CCTV, through which this paper proposes a system that provides privacy trust zone information and its utilization which is capable of smart monitoring.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.1
• /
• pp.17-24
• /
• 2023

Mobile apps frequently request permission to access sensitive data for user convenience. However, while using mobile applications, sensitive and personal data has been leaked even if users do not allow it. To deal with this problem, Google App Store has required developers to disclose how the mobile app handles user data in a privacy policy. However, users are not certain that the privacy policy describes all the app's behavior. They have no choice but to rely on the privacy policy to confirm how the app uses data. This study designed a system that checks the reliability of privacy policies by analyzing the privacy policy texts and mobile apps. First, the system extracts and analyzes the privacy policy texts to check which personal data the privacy policy discloses that the mobile apps can collect. After analyzing which data apps can access using android static analysis, we compare both results to analyze the reliability of privacy policies. For the experiment, we collected the APK files and metadata of about 13K android apps registered in the Google Play Store and preprocessed the apps by four conditions. According to the comparison between privacy policies and mobile app behavior, many apps can access more personal data than disclosed in the privacy policy.

• Journal of Information Technology Services
• /
• v.6 no.3
• /
• pp.225-239
• /
• 2007

Mobile service is highly becoming in the limelight on information society by offering infringement problem about individual privacy or information by political and scientific interest This study is focusing on primary LBS application Mobile service that emphasize position confirmation, especially, looking for friends. The aim at this study grasps user productivity factor of LBS application Mobile service, and analyses whether some have relations with value and action determination of LBS application Mobile service. According to result, Mobile service applying position service is supported with usefulness and system quality, adaptedness. On the other hand, Usability and social effect, privacy weren't embossed by leading person. Mobile service applying position service is changed with a person who have experience looking for friend. This study has systematically analysed about LBS application service by leading person

• Journal of Information Processing Systems
• /
• v.15 no.5
• /
• pp.1036-1054
• /
• 2019

Recently, concomitant with a surge in numbers of Internet of Things (IoT) devices with various sensors, mobile crowdsensing (MCS) has provided a new business model for IoT. For example, a person can share road traffic pictures taken with their smartphone via a cloud computing system and the MCS data can provide benefits to other consumers. In this service model, to encourage people to actively engage in sensing activities and to voluntarily share their sensing data, providing appropriate incentives is very important. However, the sensing data from personal devices can be sensitive to privacy, and thus the privacy issue can suppress data sharing. Therefore, the development of an appropriate privacy protection system is essential for successful MCS. In this study, we address this problem due to the conflicting objectives of privacy preservation and incentive payment. We propose a privacy-preserving mechanism that protects identity and location privacy of sensing users through an on-demand incentive payment and group signatures methods. Subsequently, we apply the proposed mechanism to one example of MCS-an intelligent parking system-and demonstrate the feasibility and efficiency of our mechanism through emulation.