Secure Client and Server Geolocation Over the Internet
This addresses security issues for entities relying on accurate geolocation, such as for authentication or location-based benefits, but it is incremental as it provides a technical overview of existing methods.
The paper tackles the problem of secure Internet geolocation to prevent cheating about geographic locations, summarizing recent techniques like Client Presence Verification (CPV) and Server Location Verification (SLV) that verify locations in real-time against adversarial tactics such as VPNs.
In this article, we provide a summary of recent efforts towards achieving Internet geolocation securely, \ie without allowing the entity being geolocated to cheat about its own geographic location. Cheating motivations arise from many factors, including impersonation (in the case locations are used to reinforce authentication), and gaining location-dependent benefits. In particular, we provide a technical overview of Client Presence Verification (CPV) and Server Location Verification (SLV)---two recently proposed techniques designed to verify the geographic locations of clients and servers in realtime over the Internet. Each technique addresses a wide range of adversarial tactics to manipulate geolocation, including the use of IP-hiding technologies like VPNs and anonymizers, as we now explain.