Digital societies urgently require cryptographically secured physical location attestation (Proof-of-Location, PoL) to resist spoofing, replay, and collusion attacks. This paper addresses this challenge by proposing a systematic, requirement-driven design methodology for PoL systems. We introduce the first four-dimensional classification framework—spanning cryptographic guarantees, spatiotemporal synchronization, trust models, and interaction overhead—to enable end-to-end derivation from application-specific requirements to secure, scalable architectures. Our approach innovatively integrates distance-bounding protocols, distributed consensus, and privacy-enhancing technologies, supported by formal modeling and rigorous requirement-to-architecture mapping analysis to ensure verifiable protocol design and evaluation. We validate the methodology through concrete instantiations in three representative use cases: retail coupon redemption, supply-chain auditing, and physical-world voting. Experimental results confirm that our framework efficiently yields customized, security-assured, and interoperable PoL solutions.

Digital societies increasingly rely on trustworthy proofs of physical presence for services such as supply-chain tracking, e-voting, ride-sharing, and location-based rewards. Yet, traditional localization methods often lack cryptographic guarantees of where and when an entity was present, leaving them vulnerable to spoofing, replay, or collusion attacks. In response, research on Proof-of-Location (PoL) has emerged, with recent approaches combining distance bounding, distributed consensus, and privacy-enhancing techniques to enable verifiable, tamper-resistant location claims. As the design space for PoL systems grows in complexity, this paper provides a unified framework to help practitioners navigate diverse application needs. We first propose a taxonomy identifying four core domains: (1) cryptographic guarantees, (2) spatio-temporal synchronization, (3) trust and witness models, and (4) interaction and overhead. Building on this, we introduce a methodology to map application-specific requirements onto appropriate PoL architectures. We illustrate this process through three use cases (retail e-coupons, supply chain auditing, and physical e-voting), each showing how different constraints shape protocol choices. Overall, this work offers a structured approach to building secure, scalable, and interoperable PoL systems.