Many of today’s location services map locations of wireless base stations and use them to localize mobile devices. Severe security and privacy risks exist when unauthorized third party location services are able to localize mobile devices. In this work, we examine a software module that helps network operators to prevent third parties from aggregating wireless base station identifiers by making the identifiers dynamic. This software operates in the infrastructure and does not require any changes of handsets nor any modification of air interface standards. We also examine another software module that provides authorized mobile devices with the ability to locate themselves at different accuracy levels depending on their permission levels. This module operates in the infrastructure with any air interface and does not require standardization. We analyze the effect of the proposed modules on malicious third-party location services, examine their performance, and analyze potential location service countermeasures.
The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author’s copyright. These works may not be reposted without the explicit permission of the copyright holder.