1 / 22

Koi : A Location-Privacy Platform for Smartphone Apps

Koi : A Location-Privacy Platform for Smartphone Apps. Presented by : Ahmed Qaid. Saikat Guha Mudit Jain Venkata N. Padmanabham. Outline. Koi Motivations Koi Goals and Assumptions How Koi works ? Design ,protocol components Implementation - LB applications Experiments Results

whitby
Download Presentation

Koi : A Location-Privacy Platform for Smartphone Apps

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Koi: A Location-Privacy Platform for Smartphone Apps Presented by : Ahmed Qaid • SaikatGuhaMudit Jain Venkata N. Padmanabham

  2. Outline • Koi Motivations • Koi Goals and Assumptions • How Koi works ? Design ,protocol components • Implementation - LB applications • Experiments Results • Conclusion

  3. Location Based Services (LBS) GPS  location-based applications  LBS Search for nearest Gas Station Third party LBS Application Lookup lat-long OS • Problems / Koi Motivation • Information leak to Third parties • Hard job to App developer (low- level) lat-long GPS Smart Phone

  4. Koi Key Idea What about Matching instead of lookup Search for nearest Gas Station Third party LBS Application Event of interest Notify OS • Benefits • No Information leak to Third parties • Easy job to App developer lat-long GPS Smart Phone

  5. Koi Goal Provide location functionality to applications that need it while ensuring that no third party can link between a user’s identity and their location. Assumptions • Location or other attribute are not sensitive. • linkagebetween the user identity and the attribute are sensitive • The matcher and the combiner are assumed to be non-colluding with each other. • Honest-but-curious attacker model for each of the matcher and the combiner. • Non Goals • Prevent a malicious application from leaking a user’s location information.

  6. Koi design overview Koiplatform consist of 2 components • Phone agent /mobile component ( Platform API) • Apps register and update items and triggers ( both have attributes ) • Cloud component (Privacy-Preserving Matching Service) - Matcher & Combiner Application Kio Cloud component Matcher and Combiner OS \ koi agent lat-long Item example : business name Quick Trip Item attribute : Gas , Gas Station ..etc GPS Trigger example : looking for Gas Station ( Query) Trigger attribute : Gas Station Call Back ( content ) -- item such as Name Platform API

  7. How Does Koiwork ? Koi protocol consist of 3 parts: • Registration – App  Agent  Matcher • Matching – in the Combiner • Combining – Matcher  Agent notify  App

  8. Koi agent Gas Station advertise Quick Trip Kio Cloud component Matcher and Combiner Application Register Item OS \ koi agent • I = CreateItem(“Quick Trip” , TTL) • I.AddAttr(“Gas Station”) • I.addLocAttr(“l 3933 West 13th St N, Wichita, KS”) lat-long GPS

  9. Koi Cloud component ( Registration item ) R2A R2U A2R T2A Combiner Matcher A2T M’’ = Enc [Enc ( atr1 , Master pk)], Combiner pk ] M’’ = Enc [Enc ( atr2 , Master pk)], Combiner pk ] Gas Station

  10. Koi mobile component Location is a special attribution (OS) Search for nearest Gas Station Kio Cloud component Matcher and Combiner Application Register trigger (call back) OS \ koi agent • T = CreateTrigger( callback , TTL) • T.AddAttr(“Gas Station”) • T.addLocAttr(“loc:self ” ,True) lat-long GPS Smart Phone

  11. Cloud component ( Registration trigger ) Combiner Matcher M’’ = Enc [Enc ( atr1 , Master pk)], Combiner pk ] M’’ = Enc [Enc ( atr2 , Master pk)], Combiner pk ] Alice

  12. Cloud component ( Matching /Combining ) R2A R2U T2A A2T Combiner Matcher Notify Nearest Gas station is Callback.Notify (Alice)

  13. Implementation - KoiApplications • Private Mobile Social Network Application. (friends near by) • Users pick random key ( profile data) • OS update location , trigger is set up for each friend • Turn-by-turn Directions Application • - Problem with a route ! Form A to B • Fix : • User allow OS update location • Register Triggers for all possible directions • Matcher decide which direction to take

  14. KoiExperiment Setup • One core of a 3 GHz dual-core machine with 4 GB RAM • The Matcher and Combiner share one core • Second core is used by the benchmarking process. • ( Macro and Micro ) benchmarks for evaluating Kio. • Macro : 1 core can handle mobile advertisement application easily. • Micro : ( stress Kio implementation to its limits) • Registration • Matching • Combining

  15. Koiexperiment Results - Matching Number of matching queries processed successfully per second (qps) • Total attribute match = [ items x attributes] • 1000 item with 1 attribute = 100 items with 10 attributes ( x –axis) • The mean query throughput processing 100K request (Y –axis) • Results on 100k requests • 12k matchesper second , bottleneck is connection throughput of HTTP. • End-to-end performance reaches its peak as long as the average number of matching attributes (per request) is below 100. • Same results with Combining

  16. Koiexperiment Results - Registration Number of registration requests processed per second (qps) Results on100k registration requests End-to-end performance reaches its peak as long as the average number of matching attributes (per request) is below 50. bottleneck here is double HTTP is required for registration.

  17. Model Koi • Used ProVerif • Honest-but-curious Results of ProVerif: • Honest-but-curious Matcher or Combiner • Can not link a user with an attribute. ( Attr are encrypted). • Attribute can not be linked to find a user ( AttrID for ach attribute). • If Matcher and Combiner collude , then privacy is compromised.

  18. KoiPrivacy Concerns • Malicious applications Weak :Limit the number of trigger registration from an application • Collusion between Matcher & Combiner Depend on public trust

  19. Conclusion • Koiprovides a new locating-based Platform that provides privacy (linkage) with a simple idea. • Moreover , it helps location based application developers.

  20. Questions !

  21. References • Kio : A Location-privacy Platform for Smartphone Apps, SaikatGuha, Mudit Jain, VenkataPadmanabhan, NSDI, 2012. • http://research.microsoft.com/en-us/um/people/saikat/pub/nsdi12-koi-talk.pdf  

More Related