In the ubiquitous computing, user``s availability will be maximized with the wireless network. Users get the proper service anytime, anywhere without any restriction of time and location. Without user``s concerns, user``s contexts are sensed by the network to provide the proper service.
However, the increasing of user``s availability also will occur the increasing of security risks. Sensing user``s context cause privacy issues. Also, forgery of contexts is also problem.
Forgery on location information is critical risk of context based service. There are several researches on location authentication. Denning [11] proposed Differential GPS based location authentication method, while Sastry [12] proposed location authentication method using the time difference from the velocity of radio frequency and sonic. Nakanishi [13] adopted RFID for location information. And, Kindberg [14] showed general model using constrained channel with Wi-Fi, Bluetooth, and etc. But these works are only focused on authentication of location information, there is no consideration of privacy of user. Moreover, they require specific device for protocol.
We generalize the risks in the location based service model, and define security requirements in this paper. We also introduce new model of privacy preserving location authentication method which can be adopted in universal. Based on the model, we propose several protocol using asymmetric/symmetric key encryption and one-time key or timestamp.
Finally, we discuss DRM in ubiquitous computing environments with location authentication.