Department of Mathematics
Royal Holloway University Of London

Technical report: On User Privacy for Location-based Services

Author: Anand S. Gajparia

Reference: RHUL-MA-2007-7


This thesis investigates user privacy concerns associated with
the use of location based services. We begin by introducing
various privacy schemes relevant to the use of location based

We introduce the notion of constraints, i.e. statements
limiting the use and dis tribution of Location Information
(LI), i.e. data providing information regarding a subject's
location. Constraints can be securely bound to LI, and are
designed to reduce threats to privacy by controlling its
dissemination and use. The various types of constraint which
may be required are also considered. The issues and risks with
the possible use of constraints are discussed, as are possible
solutions to these hazards.

To address some of the problems that have been identified with
the use of constraints, we introduce the notion of an LI
Preference Authority (LIPA). A LIPA is a trusted party which
can examine LI constraints and make decisions about LI
distribution without revealing the constraints to the entity
requesting the LI. This is achieved by encrypting both the LI
and the constraints with a LIPA encryption key, ensuring that
the LI is only revealed at the discretion of the LIPA. We
further show how trusted computing can be used to enhance
privacy for LI. We focus on how the mechanisms in the Trusted
Computing Group specifications can be used to enable the holder
of LI to verify the trustworthiness of a remote host before
transferring the LI to that remote device. This provides
greater assurance to end users that their expressed preferences
for the handling of personal information will be respected.

The model for the control of LI described in this thesis has
close parallels to models controlling the dissemination and use
of other personal information. In particular, Park and Sandhu
have developed a general access control model intended to
address issues such as Digital Rights Management, code
authorisation, and the control of personal data. We show how
our model for LI control fits into this general access control

We present a generic service which allows a device to discover
the location of other devices in ad hoc networks. The
advantages of the service are discussed in several scenarios,
where the reliance on an infrastructure such as GPS satellites
or GSM cellular base stations is not needed. An outline of the
technology which will be needed to realise the service is
given, along with a look at the security issues which surround
the use of this location discovery service.

Finally, we provide conclusions and suggestions for future

Download the full report from this page.

posted 29 June 2007

Department of Mathematics, Royal Holloway, University of London, Egham, Surrey TW20 0EX
Tel/Fax: +44 (0)1784 443093/430766