SUCAS: An Architecture for Secure User Centric Attestation in Location-based Services

Yap, Lee Fueng; Yashiro, Takeshi; Bessho, Masahiro; Usaka, Tomonori; Khan, M. Fahim Ferdous; Koshizuka, Noboru; Satoh, Ken

doi:10.1109/socialcom.2010.117

Cited by 2 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The first context uses trusted SoC (e.g., Trusted Platform Module) to generate location proofs in end devices. Yap et al proposed a secure user-centric attestation service protocol that generates location evidence using a tamper-resistant device [42]. Liu et al proposed software abstraction on x86 and ARM architectures to offer trusted readings from GPS sensors to mobile applications [23].…”

Section: Related Workmentioning

confidence: 99%

Assuring Spatio-Temporal Integrity on Mobile Devices with Minimum Location Disclosure

Chen

et al. 2017

IEEE Trans. on Mobile Comput.

View full text Add to dashboard Cite

Since the boom of smartphones and location-based services, spatio-temporal data (i.e., user locations with timestamps) have become increasingly essential in many real-life applications. To ensure these data are faithfully extracted from the underlying location tracking hardware and not altered by any malicious party or the user himself/herself, integrity assurance schemes such as digital signatures or message authentication codes (MAC) must be adopted. However, these conventional schemes disclose to the verifier the complete plaintext location and thus jeopardize users' privacy. In this paper, we propose an integrity assurance scheme with minimum location disclosure. That is, the granule of the disclosed location is just small enough to prove the user is/has been to a certain place, and the verifier cannot learn anything beyond it. To this end, we propose a new MAC scheme called Prefix-verifiable MAC (PMAC), based on which we design indexes and protocols to authenticate both spatial and spatio-temporal predicates. Security analysis and experimental results show our scheme is both secure and efficient for practical use.

show abstract

Section: Related Workmentioning

confidence: 99%

Assuring Spatio-Temporal Integrity on Mobile Devices with Minimum Location Disclosure

Chen

et al. 2017

IEEE Trans. on Mobile Comput.

View full text Add to dashboard Cite

show abstract

“…COIS purports the design of integrated, secure and consumer-oriented costumer services that map consumer's online and offline shopping activities. The fundamental element of COIS is the digital receipts generated by SUCAS [7] using the eTRON tamper-resistant device. The digital receipts represent the proof of purchase consumer obtained from the retailer through either online or in-store shopping.…”

Section: Consumer Integrated Servicesmentioning

confidence: 99%

“…The generated digital receipts are non-forgeable. The security and integrity of SUCAS architecture has been verified with Japanese Subway Transportation System's delay certificate application [7]. Warranty cards, review coupons and vouchers known as the derivative documents are generated based on the content of the digital receipts.…”

Section: Consumer Integrated Servicesmentioning

confidence: 99%

“…This paper looks at providing a secure Consumer-Oriented Integrated Services (COIS) using activity-based attestation for consumer who buys from both online and physical stores managed by the same company. The activity-based attestation function is provided by the digital receipt application built based on the Secure User-Centric Attestation Service architecture (SUCAS) [7] that uses the eTRON tamper-resistant solution [8] for digital receipts generation and storage. The activity-based attestation works by verifying a consumer's action i.e., proves that the consumer has purchased a product from a retailer.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Secure Consumer-Oriented Integrated Services Using Activity-Based Attestation for Converging Online and In-Store Shopping ExperienceSecure Consumer-Oriented Integrated Services Using Activity-Based Attestation for Converging Online and In-Store Shopping Experience

Yap¹,

Bessho²,

Usaka³

et al. 2012

IJCTE

Self Cite

View full text Add to dashboard Cite

There has been an increasing number of consumers who engage in both online and in-store shopping in the recent years. However, little research has been done in providing integrated services to this group of consumers. We present the design of secure Consumer-Oriented Integrated Services (COIS) framework using activity-based attestation to converge customer services of both shopping modes. It offers consumers ease of use and privacy protection in managing receipts, products' warranty cards, coupons and vouchers. The activity-based attestation works by verifying a consumer's action i.e., proves that the consumer has purchased a product from a retailer. COIS also enhances the trust of user generated content for product review site by implementing access control mechanism via coupon system derived from the activity-based attestation. A prototype was built for evaluating the proposed framework. The evaluation results and analysis indicate that the proposed framework is capable of providing integrated services to the consumers, protecting their privacy and enhancing the trust of product review site's content.

show abstract

SUCAS: An Architecture for Secure User Centric Attestation in Location-based Services

Cited by 2 publications

References 12 publications

Assuring Spatio-Temporal Integrity on Mobile Devices with Minimum Location Disclosure

Assuring Spatio-Temporal Integrity on Mobile Devices with Minimum Location Disclosure

Secure Consumer-Oriented Integrated Services Using Activity-Based Attestation for Converging Online and In-Store Shopping ExperienceSecure Consumer-Oriented Integrated Services Using Activity-Based Attestation for Converging Online and In-Store Shopping Experience

Contact Info

Product

Resources

About