Mobile Location-Based Services (LBS) have raised privacy concerns amongst mobile phone users who may need to supply their identity and location information to untrustworthy third parties in order to access these applications. Widespread acceptance of such services may therefore depend on how privacy sensitive information will be handled in order to restore users' confidence in what could become the "killer app" of 3G networks. In this paper, we present a proxy-based public key infrastructure that allows LBS mobile users to shield their identities using pseudonyms and protect their communications using mediated identity-based encryption. In particular, we propose the first identity-based signature scheme applicable in a mediated environment. Furthermore, we introduce a process whereby a mobile user is only required to own one private key in order to protect her communications when accessing LBS under different pseudonyms. The identity-based character of the PKI simplifies significantly key management by removing the need for digital certificates. Its mediated architecture makes key revocation easier and more efficient as it allows for instant revocation of security capabilities.
展开▼
