On location-restricted services

Monitoring the location of user equipment is an important problem in many industries, including direct broadcasting satellites and others, where the physical location of the user determines the availability of the service or is crucial for the security or operation of the service. In this article we study four schemes for detecting the movement of user equipment, such as a set-top terminal, wireless local loop (fixed wireless) phones, and other “nonmovable” equipment, using existing (or emerging) communication infrastructures. The first two schemes are network-centric, which means that the network infrastructure determines the location. The two other schemes are terminal-centric, which means that they rely on the user´s device. We start with the currently used scheme, which is based on the telephone network´s caller ID features, and show how it can be undermined. Then we describe three more robust schemes: one that uses the cellular phone´s enhanced 911 service, one that uses the Global Positioning System, and one that measures the time-difference-of-arrival of the satellite´s broadcast. We discuss the accuracy, features, and vulnerabilities of each scheme. We also present possible attacks on these schemes that allow the attackers to conceal their movement, and evaluate the complexity and cost of the attacks