Commercial use of Unmanned Aerial Vehicles (UAVs), or drones, promises to revolutionize the way in which consumers interact with retail services. However, the further adoption of UAVs has been significantly impeded by an overwhelming public outcry over the privacy implications of drone technology. While lawmakers have attempted to establish standards for drone use (e.g., No-Fly-Zones (NFZs)), at present a general technical mechanism for policy enforcement eludes state-of-the-art drones.
In this work, we propose that Proof-of-Alibi (PoA) protocols should serve as the basis for enforcing drone privacy compliance. We design and implement AliDrone, a trustworthy PoA protocol that enables individual drones to prove their compliance with NFZs to a third party Auditor. AliDrone leverages trusted hardware to produce cryptographically-signed GPS readings within a secure enclave, preventing malicious drone operators from being able to forge geo-location information. AliDrone features an adaptive sampling algorithm that reacts to NFZ proximity in order to minimize the processing cost. Through laboratory benchmarks and field studies, we demonstrate that AliDrone provides strong assurance of geo-location while im- posing an average of 1.5% overhead on CPU utilization and 0.3% of memory consumption. AliDrone thus enables the further proliferation of drone technology through the introduction of a trustworthy and accountable compliance mechanism.