Authenticated Time and Location for Location Based Application and Services
Background & Objectives
ATLAS concerns the development of an assurance and authentication service for GNSS-derived time and position information for use in liability-critical LBS applications across a wide variety of market sectors. The targeted LBS application to be enhanced during the project is a highly innovative, existing commercial service that authenticates digital images and video taken from mobile phones and devices using digital watermarking of time and location data. The commercial service is known as ‘Shoot&Proof’. With this service, a Shoot&Proof-enabled mobile phone is used to take a photograph, for instance of damage to property. The image is watermarked with the picture timestamp, geo-reference and other associated data. It is then certified and sent to a secure server and stored for several years during which the image can be retrieved by the owner and used for evidentiary purposes.
By using Shoot&Proof, original digital photographs cannot be falsified and have evidentiary value before the courts which is not the case with normal digital photographs. However, the existing service relies on open, standard, publicly-available GPS which is vulnerable to system faults and failures, including intentional spoofing and jamming. This exposes a potential weakness which shall be addressed through a GNSS data authentication service.
Work will proceed in two parallel activities to develop the GNSS Performance Server-based service and the Authenticated GNSS Solution. To produce these components according to the baseline architecture and sub-system specifications, the work programme will progress through the stages of detailed design, development, integration and testing.
The GNSS Performance Server will be a suite of server software that can link into a network of continuously operating GNSS receivers which will include the EGNOS RIMS accessed through EDAS, as well as additional receivers typical to those used in Shoot&Proof-enabled handsets. The Performance Server will feed an additional software package that will create the audit reports in the format specified in Phase 1 and will securely interface with the Shoot&Proof secure server via the Internet.
The Authentication Server will also link into EDAS providing the navigation and auxiliary data required for the authentication demonstration. This information will be sent into the mobile device using existing communications protocols used by Shoot&Proof (GPRS, EDGE and UMTS). The information will be used by a prototype GNSS receiver, based on NSL’s software defined radio GNSS, that will computes an authenticated time and position. Advanced integrity and spoofing/jamming detection algorithms will also be implemented on the demonstration mobile platform.
This weakness will be addressed by implementing:
- a GNSS Evidential Support Service complementing the existing digital imagery-based Shoot&ProofTM service;
- an Authenticated GNSS Service utilising an enhanced GNSS receiver which is capable of providing authenticated position and time information into the existing solution.
In order to design, develop, integrate and commercialise these two services, there are a number of other objectives:
- analyse user communities and their needs for authenticated, time and location-referenced digital data;
- specify and prototype a GNSS assurance and authentication service that will enable the time and location-referenced digital data to be admissible evidence in court proceedings;
- functionally integrate the authentication service into an existing LBS application;
- demonstrate the additional robustness and benefits over the existing application;
- evaluate performances in operational environments to identify strengths and weaknesses;
- analyse residual vulnerabilities and potential threats;
- identify and evaluate new technologies and approaches to address vulnerabilities that could form components of a future service that would deliver increased levels of robustness against sophisticated attack;
- test the candidate technologies via simulation and/or bench tests, to analyse performances and predict behaviour under threa
Work performed & results
The innovations from Phase 2 include the development of bespoke GNSS servers and receivers for authenticated evidential applications integrating novel concepts, robust positioning algorithms and secure protocols.
Validations of both the GNSS Evidential Support service and the Authenticated GNSS solution will be carried out after the development and associated testing of each service.
The validations will be carried out by the project team along with the key stakeholders identified earlier in the project. The validations will be considered as medium-term trials to potential users, with the trial period scheduled with a five-month duration. This will allow the users to test the new functionality and provide feedback from the operational, technical and user perspective.