Using Middleware as a Certifying Authority in LBS Applications

  • Priti Jagwani
  • Shivendra Tiwari
  • Saroj Kaushik
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7108)


The trusted middleware is the most commonly used solution to address the location privacy in location based services as generally such service providers are un-trusted entities that can be adversary attack sensitive points. The authors proposed an alternative solution which helps in avoiding a bottleneck in the existing system in terms of performance and availability as the entire client’s service transactions are routed through the middleware to the actual Location Based Service Providers (LSP). In the proposed solution, the client and the LSPs can directly communicate with the same level of location security, privacy and anonymity. The trusted middleware is used as certifying authority that generates authentication certificates which contains the Proxy Identity (also called Pseudonyms), and the services subscribed with validity period. The encrypted certificate fulfills the authentication requirements at the LSP servers. In this paper we are reporting the implementation of the proposed system as a proof of concept using Struts Technology of Java. While evaluating the system features such as response time, delay, drop rate etc., the Google Map’s location services and the internet browser have been considered as a service provider and client respectively. Performance analysis of our solution and that of prevalent architecture is done using Packmime model for http traffic generation of NS2 (Network Simulator 2) tool. The comparative graphs of the simulation results show that the proposed solution is better in terms of throughput, response time, drop rate and scalability in comparison to the existing middleware architectures in which the request response is every time routed through middleware, thus increasing the overheads.


Location Based Services (LBS) Trusted Middleware Information Security Authorization Pseudonyms Location Based Service Provider (LSP) Location Privacy NS2 Middleware Performance Analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Lioudakis, G.V., et al.: A Middleware architecture for privacy protection. The International Journal of Computer and Telecommunications Networking 51(16), 4679–4696 (2007)zbMATHGoogle Scholar
  2. 2.
    Ardagna, C., Cremonini, M., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: New Approaches for Security, Privacy and Trust in Complex Environments. In: Venter, H., Eloff, M., Lahuschagne, L., Eloff, J., von Solms, R. (eds.). IFIP, vol. 232, pp. 313–324. Springer, Boston (2007)Google Scholar
  3. 3.
    The European Opinion Research Group. European Union citizens’ views about privacy: Special Eurobarometer 196 (December 2003)Google Scholar
  4. 4.
    Ardagna, C.A., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: Access Control in Location-Based Services. In: Bettini, C., Jajodia, S., Samarati, P., Wang, X.S. (eds.) Privacy in Location-Based Applications. LNCS, vol. 5599, pp. 106–126. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Mohan, A., Blough, D.M.: An attribute-based authorization policy framework with dynamic conflict resolution. In: Proceedings of the 9th Symposium on Identity and Trust on the Internet. ACM International Conference Proceeding Series, pp. 37–50 (2010)Google Scholar
  6. 6.
    Hauser, C., et al.: Privacy and Security in Location-Based Systems With Spatial Models. Institute of Communication Networks and Computer Engineering University of Stuttgart, Germany (2002) Google Scholar
  7. 7.
    Chen, Y., Yang, J., He, F.: A Trusted Infrastructure for Facilitating Access Control. IEEE, Los Alamitos (2008); 978-1-4244-2677-5/08/ 2008Google Scholar
  8. 8.
    Hohenberger, S., Weis, S.A.: Honest-verifier private disjointness testing without random oracles. In: Proceedings of the 6th Workshop on Privacy Enhancing Technologies, pp. 265–284 (June 2006)Google Scholar
  9. 9.
    Hauser, C., Kabatnik, M.: Towards Privacy Support in a Global Location Service. In: Proceedings of the WATM/EUNICE (2001)Google Scholar
  10. 10.
    Schiller, J., et al.: Location-Based Services, vol. 16, pp. 91–96. Morgan Kaufmann Publishers, San Francisco (2005); ISBN: 1-55860-929-6Google Scholar
  11. 11.
    Kin, Y.W.: NAN: Near-me Area Network. In: IEEE Internet Computing. IEEE computer Society Digital Library. IEEE Computer Society, Los Alamitos (2010)Google Scholar
  12. 12.
    Hua, W., et al.: Ticket-based Service Access scheme for Mobile Users. In: ACSC 2002 Proceedings of the Twenty-fifth Australasian Conference on Computer Science, vol. 4 (2002); SBN:0-909925-82-8Google Scholar
  13. 13.
    John, B., et al.: Method for Generating Digital Fingerprint Using Pseudo Random Number Code. International Patent WO 2008/094725 A1 Google Scholar
  14. 14.
    Hauser, C., et al.: Privacy and Security in Location-Based Systems With Spatial Models. Institute of Communication Networks and Computer Engineering University of Stuttgart, GermanyGoogle Scholar
  15. 15.
    Duckham, M., Kulik, L.: A Formal Model of Obfuscation and Negotiation for Location Privacy. In: Gellersen, H.-W., Want, R., Schmidt, A. (eds.) PERVASIVE 2005. LNCS, vol. 3468, pp. 152–170. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Gedik, B., Liu, L.: A Customizable k-Anonymity Model for Protecting Location Privacy. In: ICDCS 2005 (2005)Google Scholar
  17. 17.
    Magkos, E., et al.: A Distributed Privacy-Preserving Scheme for Location-Based Queries. In: Proceedings of the 2010 IEEE International Symposium on A World of Wireless, Mobile and Multimedia Networks, WoWMoM (2010)Google Scholar
  18. 18.
    Hengartner, U.: Hiding Location Information from Location-Based Services. IEEE, Los Alamitos (2007); 1-4244-1241-2/07CrossRefGoogle Scholar
  19. 19.
  20. 20.
    Kaushik, S., Tiwari, S., Goplani, P.: Reducing Dependency on Middleware for Pull Based Active Services in LBS Systems. In: Senac, O., Ott, M., Seneviratne, A. (eds.) ICWCA 2011. LNICST, vol. 72, pp. 90–106 (2011)Google Scholar
  21. 21.

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Priti Jagwani
    • 1
  • Shivendra Tiwari
    • 2
  • Saroj Kaushik
    • 2
  1. 1.School of Information TechnologyIndian Institute of TechnologyNew DelhiIndia
  2. 2.Dept. of Computer Science and Engg.Indian Institute of TechnologyNew DelhiIndia

Personalised recommendations