Fig 5 - uploaded by Ruoyang Guo
A code in a query converting to the vector form of a token

Source publication
Conference Paper
As location-based applications are flourishing, we will soon witness a prodigious amount of spatial data being stored in the public cloud, with the geometric range query as one of the most fundamental search functions. The rising demand for outsourced data is moving toward larger-scale datasets and wider-scope query sizes. To protect the confidentialit...

Contexts in source publication

Context 1
... , that is the point p in the dataset can be indexed by As for the given query Q = {p′, r′}, according to Table II, each bit of a Geohash code has its own accuracy effect on the geographical range, where r′ falls between the scopes of the 5th and 6th bits. So we need to keep the top five bits in d′ for the subsequent searches, that is d′ = {s0scp}. As Fig. 5 shows, similar to the process for a dataset, we first convert d′ to (24, 0, 24, 11, 21), then to 0-1 vectors of size 32. In contrast to the process above, in the final step 24 is denoted as (1, ..., 1, 0, 1, ..., 1), where only the 24th position is set to 0. Similarly, we can present p′ in Q as p′ = {u⃗0, ..., u⃗4}. Border ...
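As an added example, not code from the paper, the following Python sketch walks through the token-to-vector conversion described in the context above, using the standard Geohash base32 alphabet. The one-hot encoding of dataset points and the inner-product membership test are assumptions made here for illustration; the paper's exact matching protocol is not shown on this page.

```python
# Added example: Geohash prefix -> base32 digits -> 0-1 vectors (Fig. 5 context).
# Standard Geohash base32 alphabet: 's'=24, '0'=0, 'c'=11, 'p'=21, so the query
# prefix "s0scp" from the text maps to (24, 0, 24, 11, 21).
GEOHASH_ALPHABET = "0123456789bcdefghjkmnpqrstuvwxyz"
PREFIX_LEN = 5       # top five Geohash characters kept for the query, as in the text
ALPHABET_SIZE = 32   # one 0-1 vector of size 32 per Geohash character


def geohash_to_digits(code: str, prefix_len: int = PREFIX_LEN) -> list[int]:
    """Map the first `prefix_len` Geohash characters to their base32 values."""
    code = code.lower()
    if len(code) < prefix_len:
        raise ValueError("Geohash code shorter than the required prefix")
    return [GEOHASH_ALPHABET.index(ch) for ch in code[:prefix_len]]


def point_vectors(code: str) -> list[list[int]]:
    """Dataset side (assumption): each digit becomes a 0-1 vector with a single
    1 at the digit's position, e.g. 24 -> (0, ..., 0, 1, 0, ..., 0)."""
    vecs = []
    for d in geohash_to_digits(code):
        v = [0] * ALPHABET_SIZE
        v[d] = 1
        vecs.append(v)
    return vecs


def query_vectors(code: str) -> list[list[int]]:
    """Query side, as the text describes: the complement encoding, e.g. 24 ->
    (1, ..., 1, 0, 1, ..., 1) with only position 24 (0-indexed) set to 0."""
    vecs = []
    for d in geohash_to_digits(code):
        v = [1] * ALPHABET_SIZE
        v[d] = 0
        vecs.append(v)
    return vecs


def prefix_mismatch_count(point_code: str, query_code: str) -> int:
    """Sum of per-character inner products (illustrative assumption).
    Each character contributes 0 when the point's digit equals the query's
    digit and 1 otherwise, so the total is 0 exactly when the two Geohash
    prefixes are identical, i.e. the point lies in the queried cell."""
    total = 0
    for p_vec, q_vec in zip(point_vectors(point_code), query_vectors(query_code)):
        total += sum(p * q for p, q in zip(p_vec, q_vec))
    return total


def in_query_cell(point_code: str, query_code: str) -> bool:
    """True when the point shares the query's 5-character Geohash prefix."""
    return prefix_mismatch_count(point_code, query_code) == 0


if __name__ == "__main__":
    # Constructed sample: the query prefix from the text and two candidate points.
    query = "s0scp"
    print(geohash_to_digits(query))          # [24, 0, 24, 11, 21]
    print(in_query_cell("s0scpxyz", query))  # True: same 5-char prefix
    print(in_query_cell("s0scqabc", query))  # False: differs in the 5th char
```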

Similar publications

Article
Cloud computing has been widely applied in numerous applications for storage and data analytics tasks. However, cloud servers engaged through a third party cannot be fully trusted by multiple data users. Thus, security and privacy concerns become the main obstructions to using machine learning services, especially with multiple data providers. Additi...

Citations

... Based on the Hilbert curve, they can be encoded as 3, 37, 16, 60, and 33, respectively. If a data requester desires to search all locations inside the geometric ranges Q 1 and Q 2 covered by the blue area and the green area, the data requester can generate geometric range queries and encode them as Q 1 = [14,19] and Q 2 = { [31,33], [46, 51]}, respectively. By doing this, the two-dimensional geometric range queries can be directly converted into multiple one-dimensional range queries. ...
Article
In spatial crowdsourcing, location-based task recommendation schemes are widely used to match appropriate workers in desired geographic areas with relevant tasks from data requesters. To ensure data confidentiality, various privacy-preserving location-based task recommendation schemes have been proposed, as cloud servers behave semi-honestly. However, existing schemes reveal access patterns, and the dimension of the geographic query increases significantly when additional information beyond locations is used to filter appropriate workers. To address the above challenges, this paper proposes two efficient and privacy-preserving location-based task recommendation (EPTR) schemes that support high-dimensional queries and access pattern privacy protection. First, we propose a basic EPTR scheme (EPTR-I) that utilizes randomizable matrix multiplication and public position intersection test (PPIT) to achieve linear search complexity and full access pattern privacy protection. Then, we explore the trade-off between efficiency and security and develop a tree-based EPTR scheme (EPTR-II) to achieve sub-linear search complexity. Security analysis demonstrates that both schemes protect the confidentiality of worker locations, requester queries, and query results and achieve different security properties on access pattern assurance. Extensive performance evaluation shows that both EPTR schemes are efficient in terms of computational cost, with EPTR-II being $10^{3}\times$ faster than the state-of-the-art scheme in task recommendation.
... As location-based applications are flourishing, R. Guo et al. observe that privacy preservation is a critical issue as far as spatial data is concerned [33]. A cloud server's outsourced data should be protected, especially when it is queried, to safeguard the privacy of people's geolocation information. ...
Article
The problem of lack of anonymity and confidentiality can be experienced by those who collect statistical data online as well as those who provide the data. One end may be secure, for example, the one providing data, and yet the other end, for example, the one collecting data, may not be secure. In another scenario, both the data provider and collector may seek anonymity. Preventing the decryption of data provided while providing aggregated results is the best solution for such scenarios. To achieve this, this paper proposes a protocol that puts into application Homomorphic Encryption and a Distributed Ring algorithm to ensure data anonymity of both parties involved in a spatial search, that is, a data provider and a searcher. Firstly, we identify a Homomorphic Encryption technique that can work best for a spatial search by reviewing literature on Homomorphic Encryption techniques. Among the Homomorphic Encryption techniques reviewed were Rivest, Shamir and Adleman (RSA), El Gamal cryptosystem, Goldwasser-Micali cryptosystem, Benaloh cryptosystem, Paillier cryptosystem and Fully Homomorphic Encryption (FHE). After a comprehensive study, the Paillier Homomorphic Encryption technique was identified as the best approach to be employed in securing a spatial search. Secondly, we propose a protocol for distributed spatial searching using the Paillier cryptosystem and distributed ring algorithm principles. Finally, a proof of concept prototype using the proposed approach was implemented. From initial experiments conducted using the proposed approach, it is evident that the bigger cost comes from the communication over the network and less from the encryption algorithm and protocol itself. A 39.7% overhead, when compared to the usefulness of the approach, is outweighed, making the solution highly practical and useful.
... In [43], the authors propose the use of pairs of bits, instead of the combination of 5 digits in base32, in order to simplify the identification of neighbor cells and improve accuracy when generating the locations. In [44], the authors propose the use of Bloom filters in order to identify faster the points inside a grid cell, based on a common prefix. However, the most common way of solving the problem [27], [44]–[47] is to trick the system by querying all grid cells adjacent to the user's location, so it will include grid cells even with a large code difference. ...
... In [44], the authors propose the use of Bloom filters in order to identify faster the points inside a grid cell, based on a common prefix. However, the most common way of solving the problem [27], [44]–[47] is to trick the system by querying all grid cells adjacent to the user's location, so it will include grid cells even with a large code difference. In AHG [3], the authors propose the use of Hilbert curves in order to improve locality, and, given that adjacent cells will still have a different common prefix, they project the user's location into each adjacent cell, using the relative distance between the point and its centroid in the original cell; that is, applying the vertical and horizontal distance from the original centroid to the new ones, as can be seen in Figure 3. ...
Article
Location privacy techniques try to protect users’ information by altering, aggregating or generalizing it. Geographical codification techniques, like Geohash, can be used to protect individual locations by altering the precision of the location so that it represents a wide area that contains the user’s location but does not give out the exact coordinate. However, this transformation creates some problems when a simple range-based query is to be performed over coded data: neighbor points may have quite different representations if they fall in different quadrants. This problem, named lack of locality, has been solved by extending the search area of the query, projecting the user’s location into all adjacent grid cells and using the common prefix of the code to identify all the points in the adjacent cells, but the result set increases substantially, creating a problem for the user, who needs to filter the useful results from the set returned by the extended query. In this work, the Hall of Mirrors, or HoM, strategy is presented, which creates multiple representations of the points of interest in adjacent quadrants. This allows not only the execution of the traditional common prefix query, but also distance-based queries from the user’s location, using the numerical code difference, which overcomes the locality problem by obtaining the relevant points of interest (PoI) and reduces the number of total results. Four PoI projection techniques are introduced and compared to the Adaptive Hilbert-Geohash, or AHG, technique and the regular geographic query. The results of the experiments performed on a dataset of 827 points of interest in Bogota, Colombia, show that, compared to regular common prefix queries, distance-based HoM generates from 29% up to 91% fewer irrelevant results in the best scenarios. In addition, results show that HoM techniques can find the relevant points faster than the AHG technique, due to the nature of the point projection and better distance correspondence.
... Wang et al. [8], [9], [12] proposed several secure geometric range query schemes for two-dimensional spatial data search, which may limit practical IoT-based applications. Several geometric range query schemes [8], [13], [14] may incur expensive computational costs due to heavy cryptographic operations, and they cannot achieve arbitrary geometric range queries. To improve the search efficiency, some schemes adopted a Bloom filter [15] or an R-tree [13] to improve the spatial data search performance. ...
... The scheme in [8] can simultaneously preserve the privacy of IoT owners and users in public clouds, but the performance of geometric range query is inefficient and can only support geometric range query on limited polygons, e.g., circular range, triangular range, or rectangular range. Some schemes achieve geometric range query by leveraging the technique of data structure, such as R-tree [14], [15]. However, their schemes cannot be directly applied to the geometric range query on arbitrary polygons. ...
Article
With the proliferation of cloud computing, data owners can outsource the spatial data from IoT devices to a cloud server to enjoy the pay-as-you-go storage resources and location-based services. However, the outsourced services may raise privacy concerns, since the cloud server may not be fully trusted by both data owners and search users. If the data owners and search users conventionally encrypt the spatial data and query requests, the efficiency and functionality of query processing are weakened. Most of the existing works only focus on spatial data search or keyword search and do not consider spatial keyword search over encrypted data. In this paper, we first design a Geometric Range Query (GRQ) scheme, which can generate an arbitrary geometric range to fit the search user's desired spatial data while protecting location privacy. Furthermore, based on GRQ, we propose a Multi-dimensional Spatial keyword Similarity search scheme with Access Control (MSSAC) by integrating the polynomial function and matrix transformation. Specifically, an access control strategy is defined by a role-based polynomial function, which is embedded in the vectors of indexes and trapdoors to achieve efficient and lightweight access control. Moreover, MSSAC enables the cloud server to execute compute-then-compare operations for spatial keyword search in a privacy-preserving manner by leveraging techniques of randomizable permutation and matrix multiplication. The formal security analyses and extensive experiments demonstrate that GRQ and MSSAC preserve the privacy of data owners and search users while achieving efficient spatial keyword search. Index Terms: Privacy-preserving, spatial keyword search, Internet of Things (IoT), cloud computing, geometric range query.
... Since the publication of [18], several works addressed processing on encrypted location data. In [37] and [22], two solutions are proposed for search on encrypted location data hosted at a cloud server. Both approaches rely on symmetric searchable encryption (SSE), where the client has access to the secret key of the transformation. ...
Article
Monitoring location updates from mobile users has important applications in many areas, ranging from public health (e.g., COVID-19 contact tracing) and national security to social networks and advertising. However, sensitive information can be derived from movement patterns, thus protecting the privacy of mobile users is a major concern. Users may only be willing to disclose their locations when some condition is met, for instance in proximity of a disaster area or an event of interest. Currently, such functionality can be achieved using searchable encryption. Such cryptographic primitives provide provable guarantees for privacy, and allow decryption only when the location satisfies some predicate. Nevertheless, they rely on expensive pairing-based cryptography (PBC), whose direct application to the domain of location updates leads to impractical solutions. We propose secure and efficient techniques for private processing of location updates that complement the use of PBC and lead to significant gains in performance by reducing the amount of required pairing operations. We implement two optimizations that further improve performance: materialization of results to expensive mathematical operations, and parallelization. We also propose a heuristic that brings down the computational overhead through enlarging an alert zone by a small factor (given as a system parameter), therefore trading off a small and controlled amount of privacy for significant performance gains. Extensive experimental results show that the proposed techniques significantly improve performance compared to the baseline, and reduce the searchable encryption overhead to a level that is practical in a computing environment with reasonable resources, such as the cloud.
... Since the publication of [18], several works addressed processing on encrypted location data. In [37] and [22], two solutions are proposed for search on encrypted location data hosted at a cloud server. Both approaches rely on symmetric searchable encryption (SSE), where the client has access to the secret key of the transformation. ...
Preprint
Monitoring location updates from mobile users has important applications in many areas, ranging from public safety and national security to social networks and advertising. However, sensitive information can be derived from movement patterns, thus protecting the privacy of mobile users is a major concern. Users may only be willing to disclose their locations when some condition is met, for instance in proximity of a disaster area or an event of interest. Currently, such functionality can be achieved using searchable encryption. Such cryptographic primitives provide provable guarantees for privacy, and allow decryption only when the location satisfies some predicate. Nevertheless, they rely on expensive pairing-based cryptography (PBC), whose direct application to the domain of location updates leads to impractical solutions. We propose secure and efficient techniques for private processing of location updates that complement the use of PBC and lead to significant gains in performance by reducing the amount of required pairing operations. We implement two optimizations that further improve performance: materialization of results to expensive mathematical operations, and parallelization. We also propose a heuristic that brings down the computational overhead through enlarging an alert zone by a small factor (given as a system parameter), therefore trading off a small and controlled amount of privacy for significant performance gains. Extensive experimental results show that the proposed techniques significantly improve performance compared to the baseline, and reduce the searchable encryption overhead to a level that is practical in a computing environment with reasonable resources, such as the cloud.
Article
GPS-enabled Internet of Things devices, which can obtain the location and temporal information of installed objects to promote Location Based Service, are completely changing our lives. In recent years, the confidentiality and privacy of personal data have attracted widespread attention, especially when outsourcing to third-party providers. To achieve both the confidentiality and availability of outsourced data, various Dynamic Searchable Symmetric Encryption (DSSE) schemes have been proposed. However, existing solutions are limited either in terms of security or efficiency. To address this challenge, we propose a Secure and Efficient Search over Encrypted Spatio-Temporal Data (SES-ESTD) scheme that utilizes constrained pseudo-random function and enhanced asymmetric scalar-product preserving encryption. Our scheme not only achieves high retrieval efficiency but also ensures forward security and content privacy. We provide a formal security analysis to prove SES-ESTD is forward secure and content private. Furthermore, extensive experiments indicate that SES-ESTD incurs lower computation and storage overheads compared to other schemes. Most importantly, SES-ESTD achieves millisecond-level retrieval for millions of data points and provides a retrieval speed that is 2.85 times faster than existing forward secure spatio-temporal DSSE schemes.
Chapter
Geometric range query is a general query algorithm over spatial data and applies to many real-world applications, such as location-based services. Considering the sensitivity of location information, how to guarantee the confidentiality of the location information while providing efficient query service becomes a big concern. Several cryptographic solutions are proposed to solve this problem, particularly those dynamic searchable encryption schemes with forward and backward privacy that provide strong security guarantees for encrypted spatial databases that support data deletion and addition. Despite the increasing efforts, recent studies show that existing solutions with these two security properties either use less secure property-preserving encryption for efficiency and flexibility or intuitively build a binary tree for each dimension, which leads to poor scalability. This paper proposes a novel forward and backward secure geometric range searchable encryption scheme on encrypted spatial data. Specifically, we build a two-level index for first-step rough navigation and second-step precise testing to get accurate search results. Detailed theoretical analysis and experimental evaluation demonstrate that compared with related work, our scheme achieves strong security and sub-linear search efficiency while boosting the average update time by 70 times. Keywords: Dynamic searchable encryption; Forward security; Backward security; Spatial data; Geometric range queries
Article
Driven by the cloud-first initiative taken by various governments and companies, it has become a common practice to outsource spatial data to cloud servers for a wide range of applications such as location-based services and geographic information systems. Searchable encryption is a common practice for outsourcing spatial data which enables search over encrypted data by sacrificing full security via leaking some information about the queries to the server. However, these inherent leakages could equip the server to learn beyond what is considered in the scheme, in the worst case allowing it to reconstruct the database. Recently, a novel form of database reconstruction attack against such kind of outsourced spatial data was introduced (Markatou and Tamassia, IACR ePrint 2020/284), which is performed using common leakages of searchable encryption schemes, i.e., access and search pattern leakages. An access pattern leakage is utilized to achieve an order reconstruction attack, whereas both access and search pattern leakages are exploited for the full database reconstruction attack. In this paper, we propose two novel schemes for outsourcing encrypted spatial data supporting dynamic range search. Our proposed schemes leverage R+tree to partition the dataset and binary secret sharing to support secure range search. They further provide backward and content privacy and do not leak the access pattern, therefore being resilient against the above-mentioned database reconstruction attacks. The evaluations and results on the real-world dataset demonstrate the practicality of our schemes, due to (a) the minimal round-trip between the client and server, and (b) the low computation and storage overhead on the client side.