Raluca Ada Popa, Hari Balakrishnan, Andrew Blumberg
18th USENIX Security Symposium, Montreal, Canada, August 2009
A variety of location-based vehicular services are currently being woven into the national transportation infrastructure in many countries. These include usage- or congestion-based road pricing, traffic law enforcement, traffic monitoring, "pay-as-you-go" insurance, and vehicle safety systems. Although such applications promise clear benefits, there are significant potential violations of the location privacy of drivers under standard implementations (i.e., GPS monitoring of cars as they drive, surveillance cameras, and toll transponders).
In this paper, we develop and evaluate VPriv, a system that
can be used by several such applications without violating the
location privacy of drivers. The starting point is the observation
that in many applications, some centralized server needs to compute
a function of a user's path---a list of time-position
tuples. VPriv provides two components: 1) the first practical
protocol to compute path functions for various kinds of tolling,
speed and delay estimation, and insurance calculations in a way that
does not reveal anything more than the result of the function to the
server, and 2) an out-of-band enforcement mechanism using random
spot checks that allows the server and application to handle
misbehaving users. Our implementation and experimental
evaluation of VPriv shows that a modest infrastructure of a few
multi-core PCs can easily serve 1 million cars.
Using analysis and simulation based on real vehicular data collected
over one year from the CarTel project's testbed of 27 taxis running in the Boston area, we demonstrate that VPriv is resistant to a range of possible
attacks.
[PDF (388KB)]
Bibtex Entry:
@inproceedings{popa2009vpriv,
author = "Raluca Ada Popa and Hari Balakrishnan and Andrew Blumberg",
title = "{VPriv: Protecting Privacy in Location-Based Vehicular Services}",
booktitle = {18th USENIX Security Symposium},
year = {2009},
month = {August},
address = {Montreal, Canada}
}