Lecture Notes in Computer Science 5185

More documents

Recommendations

Info

198 W. Brandi, M.S. Olivier, and A. Zugenmaier coordinates or the actual distances between the bidders at all. Cooperation from the service providers is imperative in this case. The rest of this paper is structured on the following two scenarios: Collaborating service providers - in this scenario cellular service providers are willing to collaborate with one another in addition to the trading system. It is their responsibility to safeguard the privacy of each of their patrons. As a result the geographical coordinates of each patron must be protected from other service providers; this includes third parties the likes of a trading system. Uncooperative service providers - it may be the case that cellular service providers are not interested in the overhead incurred when collaborating with other parties. They will provide the geographical coordinates of their users (provided that each user has given consent) and the onus will then fall upon the trading system to safeguard the privacy of the user. 4 Collaborating Service Providers The problem being dealt with in this paper can be summarised as follows: there are three parties involved of which two are cellular service providers and one is a trading system. The trading system simply wants to determine the distance between two cellular phones (where each phone belongs to one of the service providers). How does the trading system determine the distance between the phones by not infringing on the privacy of the phone holder? In this section we discuss solutions that safeguard the privacy of the cell phone holders through collaborating service providers. By collaborating with one another, the trading system (and any other party for that matter) is able to perform its necessary calculations without exposing the coordinates of any user at any time. 4.1 Solution I - Calculating Distance The ideal solution to this problem has the coordinates of a user protected not only from the trading system but from collaborating service providers as well. In solving the problem, neither of the parties involved must be able to infer any of the coordinates held by either service provider. Using the SMC distance measurement technique proposed by Li and Dai [11], at least one of the service providers will know the distance between the two patrons. In following this protocol, neither of the two service providers will know anything other than the geographical coordinates of their patron and the computed distance to the other service provider’s coordinates. Two problems are immediately apparent: (1) what can be inferred by knowing the distance in addition to knowing only one of the coordinates and (2) how does each service provider refer to the geographical coordinates of a different service provider’s coordinates over a period of time?
Preservation of Privacy in Thwarting the Ballot Stuffing Scheme 199 The latter problem applies to the trading system and is more of an implementation issue. Fortunately, it is easily solved in the form of a ticketing system. Details handed out by the service provider may include the coordinates in addition to a unique identifier (the ticket) that may be used to look up the associated coordinate at a later stage, for example, the coordinates for the cell phone u1 may be released by the service provider in the form (x, y, t1). At a later stage the (x, y) coordinates may be retrieved using only the ticket t1. The former problem has the potential to be far more serious. In calculating the distance from a patron of Service Provider 1 (SP1) to a patron of Service Provider 2 (SP2), the service provider now has a basis from which to start inferring exactly where the patron of SP2 might be. Initially, there may be too many possibilities from which to draw a meaningful conclusion, i.e., the cell phone holder could be located on any point on the circumference of a circle with a radius of n kilometers. However, if SP1 applies the knowledge of its patron’s coordinates in addition to domain specific knowledge it may have regarding SP2 it may be in a position to make far better decisions as to where SP2 might be. 4.2 Solution II - Comparing Distance In the previous section we discuss the implications of privately calculating the distance from one service provider’s patron to another. Unfortunately, knowing the distance to another service provider’s coordinates in addition to one’s own coordinates can be used to launch a privacy attack. Fortunately, the privacy-preserving distance measurement protocol developed by Yonglong et al [12] allows two parties to compute the distance from two points without either of the parties actually knowing what the distance is. Essentially, the two parties are left with a result that can be used to compare the distance to something else. The authors discuss a point inclusion problem which is closely related to the problem discussed in this paper. Alice and Bob want to determine if Alice’s point p(x0,y0) falls within Bob’s circle C :(x − a) 2 +(y − b) 2 = r 2 . As is always the case in these examples, Alice and Bob do not want to share their data with one another. In protocol 4 of their paper (point-inclusion), Yonglong et al describe a technique whereby Bob and Alice collaborate with one another to determine if Alice’s point falls within Bob’s circle. The process consists of two steps. In the first step they use the technique developed in protocol 3 (two dimensional Euclidean distance measure protocol) which leaves Alice with s = n + v where n is the actual distance from the center of Bob’s circle to Alice’s point and v is a random variable known only to Bob. The two parties then use the millionaire protocol to compare variants of s in order to establish whether or not Alice’s point is within Bob’s circle. This example is important because no coordinates were shared between the two parties. In addition to this, the distance between the two points (n)wascompared to r using a protocol where neither party knew n and only one party knew r. By extending the problem discussed in this paper from a distance problem to
Page 1 and 2:
Lecture Notes in Computer Science 5
Page 3 and 4:
Volume Editors Steven Furnell Unive
Page 5 and 6:
Program Committee General Chairpers
Page 7 and 8:
Invited Lecture Table of Contents B
Page 9 and 10:
Biometrics - How to Put to Use and
Page 11 and 12:
Biometrics-HowtoPuttoUseandHowNotat
Page 13 and 14:
Biometrics-HowtoPuttoUseandHowNotat
Page 15 and 16:
7 Outlook Biometrics-HowtoPuttoUsea
Page 17 and 18:
A Map of Trust between Trading Part
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Implementation of a TCG-Based Trust
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
A Model for Trust Metrics Analysis
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Patterns and Pattern Diagrams for A
Page 49 and 50:
Page 51 and 52:
Policy Model AC model Patterns and
Page 53 and 54:
Broker Investor Doctor Patient 1
Page 55 and 56:
Page 57 and 58:
A Spatio-temporal Access Control Mo
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
A Mechanism for Ensuring the Validi
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Multilateral Secure Cross-Community
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Fairness Emergence through Simple R
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Combining Trust and Reputation Mana
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Controlling Usage in Business Proce
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
A Semantics Rules for POLPA-Control
Page 125 and 126:
Page 127 and 128:
Spatiotemporal Connectives for Secu
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
5.2 Expressiveness Spatiotemporal C
Page 135 and 136:
Acknowledgement Spatiotemporal Conn
Page 137 and 138:
BusiROLE: A Model for Integrating B
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
The Problem of False Alarms: Evalua
Page 149 and 150:
The Problem of False Alarms 141 pro
Page 151 and 152:
The Problem of False Alarms 143 To
Page 153 and 154:
The Problem of False Alarms 145 mad
Page 155 and 156: The Problem of False Alarms 147 Des
Page 157 and 158: The Problem of False Alarms 149 3.
Page 159 and 160: A Generic Intrusion Detection Game
Page 171 and 172: On the Design Dilemma in Dining Cry
Page 181 and 182: Obligations: Building a Bridge betw
Page 193 and 194: A User-Centric Protocol for Conditi
Page 199 and 200: Identity Escrow: A User-Centric Pro
Page 203 and 204: Preservation of Privacy in Thwartin
Page 205: Preservation of Privacy in Thwartin
Page 213: Agudo, Isaac 28 Aich, Subhendu 118
show all

Lecture Notes in Computer Science 5185

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?