CERTILOC
Digital CERTIfication service for LOCation information
Researchers
Abstract
The location based services are attracting attention from all the scopes recently. Next years they are supposed to be one of the more important market niches in the mobile communications scope, and one of the most significant promoters of m-commerce. Security is one of the most important features required in the provision of these services; that is why great efforts are being made in order to integrate these services with the security models and mechanisms that are necessary to provide authentication, integrity, confidentiality, access control and non repudiation. Moreover, some security models for location certification have been recently proposed by several researchers. In these models, a trusted third party issues irrefutable electronic evidences about the location of a mobile device or entity by means of creating a signature for this information. The evolution of positioning systems and location services have caused new necessities like the flexibility in the definition of the location policies, the respect to the privacy rights, the independence of the different location technologies, the integration with the current legislation and the use of standard protocols and interfaces of recent development.
The objective of this project is to face these necessities by means of:
- Proposing a new security model for location certification that takes into account the mentioned features. In order to achieve that, we want to integrate in the model the possibility of defining and managing policies of location certification (for example, certification of itineraries) and privacy policies. One of the tasks to be developed during the project is the research of the techniques and mechanisms that allow this policy management. The model will have to be compliant with the existing legislation in electronic signature and personal data protection, as well as the European directives related to privacy and e-commerce. It will be taken into account the use of standard protocols and interfaces developed for location based services.
- Demonstrating the validity and viability of the model by implementing a location certification service which will be integrated with the three selected representative location systems.
Publications
de Fuentes, José María; González-Tablas, Ana Isabel; Ribagorda, Arturo. CERTILOC: Implementation of a Spatial-Temporal Certification Service Compatible with Several Localization Technologies. 2008 Third International Conference on Availability, Reliability and Security.
Ramos, Benjamín; González-Tablas, Ana Isabel; Ribagorda, Arturo. Mecanismo de No Repudio para el Comercio Electrónico basado en Servicios de Localización. TEXTOS de la CiberSociedad.
González-Tablas, Ana Isabel; Ramos, Benjamín; Ribagorda, Arturo. Guaranteeing the authenticity of location information. IEEE Pervasive Computing. IEEE.
González-Tablas, Ana Isabel; de Fuentes, José María; Calvo, JC; Orfila, Agustín; Gallo, J; Patter, J. CERTILOC: Análisis y diseño de un servicio de certificación espacio-temporal respetuoso con la privacidad. CEDI'07.
Ramos, Benjamín; González-Tablas, Ana Isabel; Ribagorda, Arturo. Comercio Electrónico basado en Servicios de Localización. Servicio de No Repudio. CISTI.
González-Tablas, Ana Isabel; Ramos, Benjamín; Ribagorda, Arturo. Spatial-temporal certification framework and extension of X. 509 attribute certificate framework and SAML standard to support spatial-temporal certificates. European Public Key Infrastructure Workshop.
González-Tablas, Ana Isabel; Ramos, Benjamín; Ribagorda, Arturo; Tapiador, Juan. Mecanismo de certificación espacio-temporal basado en el estándar SAML. IX Reunión Española de Criptología y Seguridad de la Información (RECSI 2006).
Ramos, Benjamín; González-Tablas, Ana Isabel; Ribagorda, Arturo; Hernández Castro, Julio César. Legislación, ética y seguridad para la preservación de la privacidad de la información espacio-temporal (PIET). Conferencia Ibérica de sistemas y tecnologías de la información (CISTI 2006).
Mitre, Hugo; González-Tablas, Ana Isabel; Ramos, Benjamín; Ribagorda, Arturo. A legal ontology to support privacy preservation in location-based services. Lectures notes in computer science.
González-Tablas, Ana Isabel; Kursawe, Klaus; Ramos, Benjamín; Ribagorda, Arturo. Survey on location authentication protocols and spatial-temporal attestation services. International Conference on Embedded and Ubiquitous Computing.
González-Tablas, Ana Isabel; Salas, LM; Ramos, Benjamín; Ribagorda, Arturo. Providing personalization and automation to spatial-temporal stamping services. Database and Expert Systems Applications, 2005. Proceedings. Sixteenth International Workshop on.
González-Tablas, Ana Isabel; Wouters, Karel. Integrating XML linked time-stamps in OASIS digital signature services. Lecture notes in computer science. Springer-Verlag.
González-Tablas, Ana Isabel; Ramos, Benjamín; Ribagorda, Arturo. Protocolos de sellado espacio-temporal: Mejorando su precisión y disminuyendo el nivel de confianza requerido. Tercer Congreso Iberoamericano de Seguridad Informatica (CIBSI '05).
González-Tablas, Ana Isabel. Arquitectura y mecanismos para la provision de servicios de acreditacion y sellado espacio temporal.
González-Tablas, Ana Isabel; Ramos, Benjamín; Ribagorda, Arturo. Hacia una Caracterización de los Servicios de Datación Digital con respecto a otros Servicios de Terceros de Confianza. RECSI 2004.
González-Tablas, Ana Isabel; Ramos, Benjamín; Ribagorda, Arturo. Hacia una caracterización de los servicios de datación digital con respecto a otros servicios de terceros de confianza. Avances en criptología y seguridad de la información.
