Browse Prior Art Database

Geopriv Requirements (RFC3693)

IP.com Disclosure Number: IPCOM000021967D
Original Publication Date: 2004-Feb-01
Included in the Prior Art Database: 2004-Feb-18
Document File: 31 page(s) / 69K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Cuellar: AUTHOR [+5]

Abstract

Location-based services, navigation applications, emergency services, management of equipment in the field, and other location-dependent services need geographic location information about a Target (such as a user, resource or other entity). There is a need to securely gather and transfer location information for location services, while at the same time protect the privacy of the individuals involved.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 7% of the total text.

Network Working Group J. Cuellar

Request for Comments: 3693 Siemens AG

Category: Informational J. Morris

Center for Democracy & Technology

D. Mulligan

Samuelson Law, Technology & Public Policy Clinic

J. Peterson

NeuStar

J. Polk

Cisco

February 2004

Geopriv Requirements

Status of this Memo

This memo provides information for the Internet community. It does

not specify an Internet standard of any kind. Distribution of this

memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2004). All Rights Reserved.

Abstract

Location-based services, navigation applications, emergency services,

management of equipment in the field, and other location-dependent

services need geographic location information about a Target (such as

a user, resource or other entity). There is a need to securely

gather and transfer location information for location services, while

at the same time protect the privacy of the individuals involved.

This document focuses on the authorization, security and privacy

requirements for such location-dependent services. Specifically, it

describes the requirements for the Geopriv Location Object (LO) and

for the protocols that use this Location Object. This LO is

envisioned to be the primary data structure used in all Geopriv

protocol exchanges to securely transfer location data.

Cuellar, et al. Informational [Page 1]

RFC 3693 Geopriv Requirements February 2004

Table of Contents

1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2. Conventions Used in this Document. . . . . . . . . . . . . . . 4

3. Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

4. Primary Geopriv Entities . . . . . . . . . . . . . . . . . . . 6

5. Further Geopriv Terminology. . . . . . . . . . . . . . . . . . 7

5.1. Location Information and Sighting. . . . . . . . . . . . 7

5.2. The Location Object and Using Protocol . . . . . . . . . 9

5.3. Trusted vs. Non-trusted Data Flows . . . . . . . . . . . 10

5.4. Further Geopriv Principals . . . . . . . . . . . . . . . 10

5.5. Privacy Rules. . . . . . . . . . . . . . . . . . . . . . 12

5.6. Identifiers, Authentication and Authorization. . . . . . 13

6. Scenarios and Explanatory Discussion . . . . . . . . . . . . . 15

7. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 19

7.1. Location Object. . . . . . . . . . . . . . . . . . . . . 19

7.2. The Using Protocol . . . . . . . . . . . . . . . . . . . 21

7.3. Rule based Location Data Transfer. . . . . . . . . . . . 21

7.4. Location Object Privacy and Security . . . . . . . . . . 22

7.4.1. Identity Protection. . . . . . . . . . . . . . . 22

7.4.2. Authentication Requirements. . . . . . . . . . . 23

7.4.3. Actions to be secured. . . . . . . . . . . . . . 23

7.5. Non-Requirements . . . . . . . . . . . . . . . . . . . . 24

8. Security Considerations. . . . . . . . . . . . . . . . . . . . 24

8.1. Traffic Analysis . . . . . . . . . . . . . . . . . . . . 24

8.2. Securing the Privacy Rules . . . . . . . . . . . . . . . 24

8.3. Emerg...