近年來,愈來愈多基於位置的服務 (Location-based Services, LBS) 豐富了人類的日常生活,然而,使用者必須提供自身的地理位置才能取得基於位置的服務,此舉動會侵害到使用者的位置隱私權,因此,如何在提供基於位置的服務同時仍能保障使用者的位置隱私,一直是基於位置的服務的重要研究議題之一。除了分享位置造成的隱私權疑慮,許多的安全報告已顯示這些行動裝置系統中有許多漏洞,攻擊者可以利用這些漏洞入侵裝置的系統,並取得使用者的精確位置,造成隱私的極大損失。現有許多的文獻雖提出了保障使用者位置隱私權的機制,但他們並未考慮行動裝置的系統漏洞。為了解決此問題,此篇論文設計一種位置模糊化演算法,該演算法僅提供同一粗略精確度的使用者模糊化定位資訊給所有基於位置的服務應用程式,卻能在基於位置服務伺服器端達到多層次精確度的效果,加以防禦基於位置的服務場景中非伺服器端的位置攻擊。此外,此篇論文加以設計了基於 ARM TrustZone 的 TruzGPS 系統,藉由TruzGPS 系統,即使使用者的行動裝置系統遭到攻擊者入侵,也能防止攻擊者取得使用者的精確位置,保護使用者的位置隱私權。實驗結果顯示TruzGPS 可以有效保護使用者的位置隱私權而不會造成過多的系統成本。;In recent years, location-based services (LBS) have significantly enriched the quality of people’s daily life. However, LBS users may lose their privacy due to their location sharing while they utilize these convenient services. Thus, the protection of location privacy is one of the most significant issues in LBS. In addition to the location sharing, many security reports have shown that mobile devices have many vulnerabilities. Once the system is compromised, the user’s exact location will likely be accessed by the adversary, and the location privacy will be lost. Adversaries can access the user’s exact location, either by circumventing the permissions system, or by compromising the mobile system. Existing solutions are dedicated to preserving LBS user’s privacy, but they do not take the vulnerabilities into account, which may result in vain efforts. To address these issues, we first purpose a hidden multi-level location granularity (Hi-MLG) algorithm. This algorithm can not only obfuscate the user’s location, but also manage to allow different LBS providers to obtain different granularity of user’s location on identical user’s obfuscated location data. We further propose a system named TruzGPS, an ARM TrustZone-based solution that prevents the location data leakage of LBS users, even if the users’ devices are compromised. The evaluations show that our work can preserve LBS user’s privacy with minimal performance overhead.
