Abstract
Reliable location estimation has been a key enabler of many applications in the UbiComp space. Much progress has been made on the development of accurate of indoor location systems, which form the foundation of many interesting applications, particularly in consumer scenarios. However, many location-based applications in enterprise settings also require addressing another facet of reliability: assurance. Without having strong guarantees of a location estimate’s legitimacy, stakeholders must explicitly balance the advantages offered with the risks of falsification. In this space, there are two key threats: replay attacks, where signal and sensor information is collected in one location and replayed in another to falsify a location estimation later in time; and wormhole attacks, where signal and sensor information is forwarded to a remote location by a colluding device to falsify location estimation in real-time. In this work, we improve upon the state of the art in wormhole-resistant location estimation techniques. Specifically, we present the Location Anchor, which leverages a combination of technical solutions and social contracts to provide high-assurance proofs of device location that are resistant to wormhole attacks. Unlike existing work, the Location Anchor has minimal hardware costs, supports a rich tapestry of applications, and is compatible with commodity smartphone and tablet platforms. We show that the Location Anchor can extend existing replay-resistant location systems into wormhole-resistant location systems, even in the face of very aggressive attacker assumptions. We describe the protocols underlying the Location Anchor, as well as report on the efficacy of a prototype implementation.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Are estimote beacons secure? How does secure UUID work? https://community.estimote.com/hc/en-us/articles/201371053. Accessed 24 Oct 2017
Arthur W, Challener D (2015) A practical guide to TPM 2.0: using the trusted platform module in the new age of security. Apress, New York
Bahl P, Padmanabhan VN (2000) RADAR: an in-building RF-based user location and tracking system. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOMM ‘00). Proceedings IEEE 2(2000):775–784
Biehl JT, Cooper M, Filby G, Kratz S (2014) LoCo: a ready-to-deploy framework for efficient room localization using Wi-Fi, Proceedings of the 2014 ACM international joint conference on pervasive and ubiquitous computing. Seattle, Washington. https://doi.org/10.1145/2632048.2636083
Biehl JT, Lee AJ, Filby G, Cooper M (2015) You’re where? prove it!: towards trusted indoor location estimation of mobile devices. In Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp '15). ACM, New York, pp 909–919. https://doi.org/10.1145/2750858.2804284
Bolliger P (2008) Redpin - adaptive, zero-configuration indoor localization through user collaboration, Proceedings of the first ACM international workshop on Mobile entity localization and tracking in GPS-less environments, San Francisco, California, USA. https://doi.org/10.1145/1410012.1410025
Carbunar B, Sion R, Potharaju R, Ehsa M (2012) The shy mayor: private badges in GeoSocial networks. Applied Cryptography and Network Security. Lecture notes in computer science, 7341. Springer, Berlin. https://doi.org/10.1007/978-3-642-31284-7_26
Fan M, Liu Q, Tang H, Chiu P (2014) HiFi: hide and find digital content associated with physical objects via coded light. Proceedings of the 15th Workshop on Mobile Computing Systems and Applications, 1-6, Santa Barbara, California. https://doi.org/10.1145/2565585.2565587
El-Khoribi RA, Hamza HS, Hammad MA (2013) Indoor localization and tracking using posterior state distribution of hidden Markov model. Proceedings of the 8th International ICST Conference on Communications and Networking in China (CHINACOM ‘13). IEEE, Guilin. https://doi.org/10.1109/ChinaCom.2013.6694657
Harter A, Hopper A, Steggles P, Ward A, Webster P (2002) The anatomy of a context-aware application. Wirel Netw 8(2/3 (March–May 2002)):187–197. https://doi.org/10.1023/A:1013767926256
Hightower J, Want R, Borriello G (2000) SpotON: an indoor 3D location sensing technology based on RF signal strength, Tech. Rep. UW CSE 00–02-02. University of Washington, Department of Computer Science and Engineering, Seattle
Hu Y-C, Perrig A, Johnson DB (2003) Packet leashes: a defense against wormhole attacks in wireless networks. In Proceedings of the Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM ‘03). IEEE, San Francisco. https://doi.org/10.1109/INFCOM.2003.1209219
iBeacon for Developers. https://developer.apple.com/ibeacon/. Accessed 24 Oct 2017
Inatomi Y, Hong J, Ohtsuki T (2013) Hidden Markov model based localization using array antenna. Int J Wireless Inf Networks 20:246–255. https://doi.org/10.1007/s10776-013-0211-y
Kontakt.io Beacon Security. https://kontakt.io/products-and-solutions/complete-beacon-security/. Accessed 24 Oct 2017
Luo W, Hengartner U (2010) Proving your location without giving up your privacy. In: Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications (HotMobile '10). ACM, New York, pp 7–12. https://doi.org/10.1145/1734583.1734586
Manweiler J, Scudellari R, Cox LP (2009) SMILE: encounter-based trust for mobile social services. In: Proceedings of the 16th ACM conference on Computer and communications security (CCS '09). ACM, New York, pp 246–255. https://doi.org/10.1145/1653662.1653692
Moors T, Mei M, Salim A (2008) Using short-range communication to control mobile device functionality. Pers Ubiquit Comput 12(1 (January 2008)):11–18. https://doi.org/10.1007/s00779-006-0124-1
Polakis I, Volanis S, Athanasopoulos E, Markatos EP (2013) The man who was there: validating check-ins in location-based services. In: Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC '13). ACM, New York, pp 19–28. https://doi.org/10.1145/2523649.2523653
Portnoi M, Shen C-C (2015) Loc-auth: location-enabled authentication through attribute-based encryption. In: International Conference on Computing, Networking and Communications (ICNC 2015). https://doi.org/10.1109/ICCNC.2015.7069321
Saroiu S, Wolman A (2009) Enabling new mobile applications with location proofs, Proceedings of the 10th workshop on Mobile Computing Systems and Applications, 1-6. Santa Cruz, California. https://doi.org/10.1145/1514411.1514414
Yang D, Zhang D, Qu B, Cudré-Mauroux P (2016) PrivCheck: privacy-preserving check-in data publishing for personalized location based services. In: Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp '16). ACM, New York, pp 545–556. https://doi.org/10.1145/2971648.2971685
Whisper Mode. Application Note. https://assets.lairdtech.com/home/brandworld/files/Application%20Note%20-%20BL600%20Whisper%20Mode.pdf. Accessed 24 Oct 2017
Woo J, Kim Y-j, Lee J-o, Lim M-t (2006) Localization of mobile robot using particle filter. In: Proceedings of the SICE-ICASE International Joint Conference. IEEE, Busan. https://doi.org/10.1109/SICE.2006.315151
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Biehl, J.T., Lee, A.J. & Filby, G. Anchor of trust: towards collusion-resistant trusted indoor location for enterprise and industrial use. Pers Ubiquit Comput 24, 551–569 (2020). https://doi.org/10.1007/s00779-019-01220-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00779-019-01220-5