Skip to main content
SpringerLink
Log in

Security Considerations for a Distributed Location Service

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

Mobile computing, wireless communications, andcheap location tracking and navigation systems have madelocation data a valuable and available commodity formany different kinds of computing applications. However, there are fears that this new wealthof personal location information will lead to newsecurity risks, to the invasion of the privacy of peopleand organizations. In this paper, we discuss security requirements faced by a location service indifferent organizational contexts. We argue thatfine-grained access control requires a symbolic locationmodel over which access control is specified. We outline the salient features of a location servicesupporting such a location model. The two main classicalsecurity models, Lampson's access matrix andBell-LaPadula's security labels, are analyzed with viewto their application to location information. Weargue that those schemes need to be generalized to dealwith multiple targets in order to be applicable tolocation information. Based on the generalized models, we propose a concrete security model forlocation information which protects both personal andorganizational privacy. We have implemented this modelover a prototype implementation of a general location service.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. D. Clark and D. Wilson, A comparison of commercial and military computer security policies, Proceedings of the IEEE Security and Privacy Symposium, pp. 184-194, 1987.

  2. U. Leonhardt and J. Magee, Towards a general location service for mobile environments, Proceedings of the Third International Workshop on Services in Distributed and Networked Environments, Macau, IEEE CS Press, pp. 43-50, June 1996.

    Google Scholar 

  3. C. Dhawan, Mobile Computing: A System Integrator's Handbook, Computer Communications, McGraw-Hill, 1997.

    Google Scholar 

  4. M. Sloman and K. Twidle, Domains: A framework for structuring management policy. In M. Sloman, (ed.), Network and Distributed Systems Management, Addison-Wesley, pp. 433-453, 1994.

  5. M. Moulet and M.-B. Pautet, The GSM System for Mobile Communications, Palaiseau, France, 1992.

  6. M. Spreitzer and M. Theimer, Providing location information in a ubiquitous computing environment, Proceedings of the 14th ACM Symposium on Operating System Principles, Vol. 27 ACM SIGOPS, pp. 270-283, 1993.

    Google Scholar 

  7. M. Rizzo, P. Linington, and I. Utting, Integration of location services in the open distributed offfiice. Technical Report 10-94, University of Kent, Computing Laboratory, Canterbury, United Kingdom 1994.

    Google Scholar 

  8. B. Schilit, N. Adams, and R. Want, Context-aware computing applications, Proceedings of the IEEE Workshop on Mobile Computing Systems and Applications, Santa Cruz, December 1994.

  9. R. Jain and N. Krishnakumar, Service handoffs and virtual mobility for delivery of personal information services to mobile users, Technical Memorandum TM-24696, Bell Communications Research, December 1994.

  10. K. Twidle, Domain services for distributed management, Ph.D. dissertation, Imperial College, Department of Computing, London, United Kingdom, May 1993.

    Google Scholar 

  11. B. W. Lampson, Protection, Proceedings of the Fifth Annual Princeton Conference on Information Science Systems, pp. 437-443, 1971. Reprinted Operating Systems Review, Vol. 8, No. 1, pp. 18-24, 1974.

  12. S. Castano et al., Database Security, Addison-Wesley, 1994.

  13. D. Marriott and M. Sloman, Management policy service for distributed systems, Proceedings of the Third International Workshop on Services in Distributed and Networked Environments, pp. 2-9, Macau, IEEE CS Press. June 1996.

    Google Scholar 

  14. N. Yialelis, Domain-based security for distributed object systems, Ph.D. Thesis, Imperial College, Department of Computing, London, August 1996.

    Google Scholar 

  15. Informix, Inc. Illustra User's Guide, October 1995.

  16. Informix, Inc. 3D Spatial DataBlade Guide, March 1995.

  17. M. Spreitzer and M. Theimer, Scalable, secure, mobile computing with location information, Communications of the ACM, Vol. 36, No. (7), p. 27, 1993.

    Google Scholar 

  18. M. Spreitzer and M. Theimer, Architectural considerations for scalable, secure, mobile computing with location information, Proceedings of the 14th International Conference on Distributed Computing Systems, Poznan, Poland, IEEE CS Press, pp. 29-38, June 1994.

    Google Scholar 

Download references

Authors
  1. Ulf Leonhardt
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jeff Magee
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

About this article

Cite this article

Leonhardt, U., Magee, J. Security Considerations for a Distributed Location Service. Journal of Network and Systems Management 6, 51–70 (1998). https://doi.org/10.1023/A:1018777802208

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1023/A:1018777802208

Search

Navigation