Achieving User Privacy in Mobile Networks

B. Askwith, M. Merabti, Q. Shi & K. Whiteley

The evolution of mobile networks towards third generation systems, which aim to allow the user to receive 'any service, anywhere, any time', has generated considerable interest within the research community. In order for such networks to become ubiquitous, users need to feel confident about the privacy provided by these systems.

The requirements for user privacy in mobile environments are detailed as: content privacy, location privacy, identification privacy, and authentication. An important differentiation between older approaches to privacy is drawn, that the network itself is considered to be an untrusted party (particularly since the user may roam into a foreign network).

Existing research efforts suffer from a number of shortcomings which are discussed in this paper. In particular the networks themselves are able to determine the location and/or identification information of the mobile user. This paper proposes a scheme that allows the user to register with the network and remain anonymous (both location and identification).

Digital mixes are used to create anonymity and authentication is achieved through a token based scheme. Finally the aspect of information leaking to authorised third parties is discussed and billing requirements are detailed which involves the use of 'coin' like tokens traded for services.