Constructing secure localization systems with adjustable granularity using commodity hardware

Patrick Traynor, Joshua Schiffman, Thomas La Porta, Patrick McDaniel, Abhrajit Ghosh

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations


Proof of a user's identity is not always a sufficient means for making an authorization decision. In an increasing set of circumstances, knowledge of physical location provides additional and necessary context for making decisions about resource access. For example, sensitive information stored on a laptop (e.g. customer records, social security numbers, etc), may require additional protections if a user operates outside of an approved area. However, current localization techniques based on signal strength reporting or specialized hardware fail to achieve this goal. In this paper, we design, develop, deploy and measure a system which securely determines the location of a user to within one meter through using only off-the-shelf 802.11 and Bluetooth equipment. We apply this equipment in a two-phased challenge-response protocol: first determining the general area of the client in the Regionalization phase and then pinpointing it in the Localization phase. Using nearly 32,000 data points collected over 75 days, we argue that the stability of wireless networks over time creates easily distinguishable location profiles by which a client can be positioned. Additionally, we demonstrate the inherent ability of a two-phased protocol to discern a client's location information at a level of granularity no finer than is necessitated by policy. After discussing a number of applications, we build a location-based access control framework that automatically protects a white-listed set of resources through encryption when the user leaves specified areas. Our analyses show that this system provides a realistic and efficient means of incorporating unforgeable location information at the appropriate level of granularity into many authorization decisions.

Original languageEnglish (US)
Title of host publication2010 IEEE Global Telecommunications Conference, GLOBECOM 2010
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Print)9781424456383
StatePublished - 2010
Event53rd IEEE Global Communications Conference, GLOBECOM 2010 - Miami, FL, United States
Duration: Dec 6 2010Dec 10 2010

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference


Other53rd IEEE Global Communications Conference, GLOBECOM 2010
Country/TerritoryUnited States
CityMiami, FL

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering


Dive into the research topics of 'Constructing secure localization systems with adjustable granularity using commodity hardware'. Together they form a unique fingerprint.

Cite this