A Privacy-Preserving Localization Service for Assisted Living Facilities / Buccafurri, Francesco; Lax, Gianluca; Nicolazzo, Serena; Nocera, Antonino. - In: IEEE TRANSACTIONS ON SERVICES COMPUTING. - ISSN 1939-1374. - 13:1(2020), pp. 16-29. [10.1109/TSC.2016.2646363]
A Privacy-Preserving Localization Service for Assisted Living Facilities
Francesco Buccafurri; Gianluca Lax; Serena Nicolazzo; Antonino Nocera
2020-01-01
Abstract
In this paper, we propose a novel localization service to monitor the position of residents in assisted living facilities. The service supports a configurable balance between precision and privacy, so that the residents' right to move freely in the environment in which they live without being tracked is preserved, while, in case of need, they can always be quickly localized. To do this, we implement, on top of an RFID-based architecture, a probabilistic model guaranteeing that the probability of identifying a person in a given (sensitive) place is at most k^{-1}, where k is the required privacy level. This is obtained by ensuring that the EPC sent by an RFID tag is not an identifier, but is equal to that of at least k − 1 other people, each afferent to a different reader. We show that our method reaches this goal, also resisting attacks that try to break privacy on the basis of models of human movement. Importantly, privacy is guaranteed against both misuse by the administrator and client-side eavesdropping attacks.
File | Access | Type | License | Size | Format
---|---|---|---|---|---
02 TSC.pdf | Open access | Post-print document | All rights reserved | 459.9 kB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
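The guarantee stated in the abstract, an identification probability of at most k^{-1} because every EPC is emitted by at least k − 1 other residents' tags, can be checked on a small roster. The following is an added illustration written for this page, not code from the paper: the resident names, reader names, EPC values and the fixed grouping of residents into k-sized EPC classes are constructed, and the observer is assumed to guess uniformly among everyone whose tag emits the observed EPC. It also includes the check a deployer would want, flagging EPC classes that have fewer than k members and therefore break the bound.

```python
# Added example: checks the 1/k identification bound on a constructed roster.
# Names, EPC values and the grouping scheme are constructed for illustration
# and are not the paper's protocol.
from collections import defaultdict
from fractions import Fraction

K = 3  # required privacy level (constructed)

# Constructed roster: resident id -> EPC currently emitted by that resident's tag.
# Each EPC class has exactly K members, so an EPC alone never singles anyone out.
ASSIGNMENT = {
    "res01": "EPC-A", "res02": "EPC-A", "res03": "EPC-A",
    "res04": "EPC-B", "res05": "EPC-B", "res06": "EPC-B",
}

# Constructed observations as they would reach the administrator or an
# eavesdropper on the client side: (reader name, EPC read there).
OBSERVATIONS = [
    ("reader-infirmary", "EPC-A"),
    ("reader-lounge", "EPC-B"),
]


def epc_groups(assignment):
    """Group residents by the EPC their tag emits (the anonymity classes)."""
    groups = defaultdict(set)
    for resident, epc in assignment.items():
        groups[epc].add(resident)
    return dict(groups)


def identification_probability(epc, assignment):
    """Chance of naming the right person from one observed EPC, assuming a
    uniform guess over everyone whose tag emits that EPC (returns a Fraction)."""
    candidates = epc_groups(assignment).get(epc, set())
    if not candidates:
        raise ValueError(f"unknown EPC {epc!r}")
    return Fraction(1, len(candidates))


def undersized_groups(assignment, k):
    """Deployment check: EPC classes with fewer than k members violate the
    1/k bound, e.g. a leftover resident given a unique EPC."""
    return {epc: members
            for epc, members in epc_groups(assignment).items()
            if len(members) < k}


def max_identification_probability(observations, assignment):
    """Worst case over a batch of (reader, EPC) observations."""
    return max(identification_probability(epc, assignment)
               for _, epc in observations)


def bound_holds(observations, assignment, k):
    """True when every EPC class has at least k members and no observation
    lets the observer do better than 1/k."""
    if undersized_groups(assignment, k):
        return False
    return max_identification_probability(observations, assignment) <= Fraction(1, k)


if __name__ == "__main__":
    print("bound holds on roster:", bound_holds(OBSERVATIONS, ASSIGNMENT, K))
    # A resident added with a unique EPC breaks the guarantee.
    weak = dict(ASSIGNMENT, res07="EPC-C")
    print("undersized classes:", undersized_groups(weak, K))
    print("bound holds on weak roster:", bound_holds([("reader-x", "EPC-C")], weak, K))
```

The reader name is carried through the observations but deliberately not used in the probability: the abstract's bound is on what an EPC reveals, and the defensive check is that the anonymity class size never drops below k, which is the case the `undersized_groups` helper is there to catch.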