Geopriv Working Group

1
Geopriv Working Group

• Milind Nimesh
• VoIP Security COMS 4995Dept. of Computer
  Science
• Prof. Henning Schulzrinne
• Columbia University
• Fall 2008

Oct 14, 2008
2
Location Information

• Describes physical position of a person or
  device
• geographical
• civic
• descriptive (eg. library, airport)
• Formatting and transfer of location information
  relatively easy
• Privacy and security complex
• Application
• emergency services
• resource management
• social networking
• search
• navigation

3
Geopriv Working Group

• Geographic Location/Privacy working group
• Primary tasks
• assess authorization, integrity and privacy
  requirements
• select standardized location information format
• enhance format ? availability of security
  privacy methods
• authorization of requester, responders, proxies
• Goal transferring location information private
  secure

4
Geopriv Entities
Rule Holder
Rule Interface
Location Generator
Location Server
Location Recipient
Publication
Notification
Interface
Interface
Target
5
Geopriv Terminology

• Location Object conveys location information
  privacy rules
• Rule Maker creates rules ? governs access to
  location info
• Target person/entity whose location
  communicated
• Using Protocol protocol carrying location
  object
• Viewer consumes location information but does
  not pass information further

6
Geopriv Requirement

• Secure transmission of location object
• User controlled privacy rules
• Filtering location information
• Location object carries core set of privacy
  rules
• Ability of user to hide his real identities

7
Scenarios
GPS Satellite
Sighting
GPS Device
Location Generator Location Server
Location Storage
Notification Interface
Target
Location Recipient
Rule Maker
GPS Device with Internal Computing Power Closed
System
8
Scenarios
Location Generator
Public Rule Holder
Signed Rule
Locate
Location Information
Location Server Private Rule Holder
Rule Maker
Rule Transfer
Filtered Location Information
Location Recipient
Mobile Communities and Location-Based Services
9
Applications Social Networking
Public Rule Holder
Sighting
Location Generator Rule Maker
Target LocationRecipient
Location Server
10
Applications Search
Location Generator Rule Maker Rule Holder
LocationRecipient
Target
11
Location configuration

• Configuring the location of device
• HTTP Enabled Location Delivery
• device retrieves location from LIS
• assumption device LIS present in same admin
  domain
• Link Layer Discovery Protocol-Media Endpoint
  Discovery
• auto-discovery of LAN policies ? plug play
• device location discovery
• cisco discovery protocol
• switch broadcast switch/port id
• switch ? floor, port ? room room level accuracy
• Modified DHCP server
• Useful? ? emergency 911, voip, location based
  applications

12
DHCP Option for Civic Addresses Configuration

• DHCP Server configures location information of
  devices
• Mapping MAC ? location
• Issues
• consistent information
• geographically validconfiguration
• Option 99 ? civic address
• Option 123 ? geo-coordinate based location
  information

DHCPINFORM MAC0011209da003
DHCP Server
Voip Phone
DHCPACK Option0US1NY2NEW YORK3NEW
YORK6AMSTERDAM191214
13
Security Considerations

• Traffic Analysis
• attacks on target and privacy violations
• Securing the Privacy Rules
• rules accessible to LS carried by LO
• authenticated using signature
• Emergency Case
• handling authentication failure
• Identities Anonymity
• using unlinked pseudonyms
• Unintended Targets

14
Presence Information Data Format

• XML based object format, communicates presence
  information
• PIDF extended to carry geographical information
• Extended PIDF encapsulates
• preexisting location information formats
• security policy control
• Protocols capable of carrying XML or MIME types,
  suitable
• Security MIME-level ? S/MIME

15
PIDF Elements

• Baseline
• entity
• contact
• timestamp
• status
• tuple

• Extensions
• location-info
• usage-rules
• retransmission-allowed
• retention-expires
• ruleset-reference
• note-well
• method
• provided-by

16
Example PIDF

• lt?xml version"1.0" encoding"UTF-8"?gtltpresence
  xmlns"urnietfparamsxmlnspidf"
  xmlnsgp"urnietfparamsxmlnspidfgeopriv10"
  xmlnscl" urnietfparamsxmlnspidfgeopriv10c
  ivicLoc" entity"presgeotarget_at_example.com"gt    
    lttuple id"sg89ae"gt            ltstatusgt       
             ltgpgeoprivgt                        ltg
  plocation-infogt                              ltcl
  civicAddressgt                                   
   ltclcountrygtUSlt/clcountrygt                     
                 ltclA1gtNew Yorklt/clA1gt           
                           ltclA3gtNew
  Yorklt/clA3gt                                    lt
  clA6gtBroadwaylt/clA6gt                           
           ltclHNOgt123lt/clHNOgt                    
                  ltclLOCgtSuite 75lt/clLOCgt        
                              ltclPCgt10027-0401lt/cl
  PCgt                              lt/clcivicAddres
  sgt                        lt/gplocation-infogt   
                       ltgpusage-rulesgt            
                    ltgpretransmission-allowedgtyeslt/
  gpretransmission-allowedgt                       
         ltgpretention-expirygt2003-06-23T045729Zlt/
  gpretention-expirygt                        lt/gp
  usage-rulesgt                  lt/gpgeoprivgt     
         lt/statusgt            lttimestampgt2003-06-22
  T205729Zlt/timestampgt      lt/tuplegtlt/presencegt

17
Civic address format
ltcivicAddress xmlns"urnparamsxmlnspidfgeopri
v10civicAddr"gt      ltcountrygtUSlt/countrygt      
ltA1gtPennsylvanialt/A1gt      ltA3gtPhiladelphialt/A3gt
      ltA6gtMarketlt/A6gt      ltSTSgtStreetlt/STSgt    
  ltHNOgt1201lt/HNOgt      ltPCgt19107lt/PCgt      ltROOM
gtFranknlin 1/2lt/ROOMgtlt/civicAddressgt
18
Labels in Civic Location Format
19
Location Type Registry
Home(9pm 8am)
Office(9am 6pm)
Cinema(7pm 9pm)
call divert off email office pc jabber status
office
call divert on email blackberry jabber status
busy
call divert off email home pc jabber statushome

• Describes places humans or end systems found
• Useful?
• define location based actions
• eg. if loc classroom then cell phone ringer
  off
• eg. if loc cinema then call divert on
• Location coordinate knowledge ? context
• airport, arena, bank, bar, bus-station, club,
  hospital, library.

20
Conclusion

• Framework for geographic location information
• Location Object primary data structure
• Defines requirements for location transferring
  services
• Extends PIDF to carry geographical information
• Standardization ? rapid development of location
  based applications

21
References

• Geopriv requirements (RFC 3693)
• Dynamic Host Configuration Protocol Option for
  Coordinate-based Location Configuration
  Information (RFC 3825)
• Location Types Registry (RFC 4589)
• Dynamic Host Configuration Protocol (DHCPv4 and
  DHCPv6) Option for Civic Addresses Configuration
  Information (RFC 4776)
• Revised Civic Location Format for Presence
  Information Data Format Location Object (PIDF-LO)
  (RFC 5139)
• HTTP Enabled Location Delivery
  (draft-ietf-geopriv-http-location-delivery)
• Location-to-Service Translation Protocol (LoST)
  Extensions(draft-forte-ecrit-lost-extensions-00)
• Loopt Inc. (www.loopt.com)