
A Cryptographic Protocol for Efficient Mutual Location Privacy Through Outsourcing in Indoor Wi-Fi Localization

Bibliographic Details
Published in: IEEE transactions on information forensics and security 2024, Vol.19, p.4086-4099
Main Authors: Eshun, Samuel N., Palmieri, Paolo
Format: Article
Language: English
Description
Summary: Digital services and applications are increasingly requiring location information from users to provide personalized services. However, disclosing one's location introduces significant privacy risks, as location traces are highly unique and can be used to infer additional sensitive data. While location-based services were once restricted to outdoor spaces, given the lack of GPS signal indoors, a growing number of applications rely on Wi-Fi to provide indoor localization. Indoor localization can impact privacy to an even greater degree, as most of our daily activities occur indoors. Therefore, several indoor privacy protocols have been proposed, focusing on protecting the user's location. However, the problem of mutual location privacy, that is, the protection of both the user's privacy and the service provider's location database, has not been addressed, particularly against malicious (active) adversaries. In addressing this gap, this paper presents an efficient and privacy-preserving cryptographic protocol for indoor localization. Our protocol hides the user's location, while also protecting the service provider's location map and areas of interest against malicious users. Furthermore, the protocol outsources most of the user-side heavy computation to a third-party cloud server, which does not need to be trusted by the parties as it remains oblivious to both user's location and the provider's database throughout the computations. Compared to leading solutions in the literature, including Eshun and Palmieri (2019) and Li et al. (2014), our protocol is the first to provide security against malicious users. Additionally, it significantly reduces the user computation and communication overhead (of up to 99%), making it potentially the first practicable scheme in resource-constrained mobile and IoT environments.
ISSN: 1556-6013, 1556-6021
DOI: 10.1109/TIFS.2024.3372805