Nearest neighbor search with strong location privacy

The tremendous growth of the Internet has significantly reduced the cost of obtaining and sharing information about individuals, raising many concerns about user privacy. Spatial queries pose an additional threat to privacy because the location of a query may by itself be sufficient to reveal sensitive information about the querier. In this paper we focus on k nearest neighbor (kNN) queries and define the notion of strong location privacy, which renders a query indistinguishable from any location in the data space. We argue that previous work fails to support this property for arbitrary kNN search. To this end, we introduce methods that offer strong location privacy by integrating private information retrieval (PIR) functionality. Specifically, we employ secure hardware-aided PIR, which has proven very efficient and is currently considered a practical mechanism for PIR. Initially, we devise a benchmark solution building upon an existing PIR-based technique. Subsequently, we identify its drawbacks and present a novel scheme called AHG to tackle them. Finally, we demonstrate the performance superiority of AHG over the competing approach, and its viability in applications demanding the highest level of privacy.
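As an added illustration of the strong-location-privacy definition above (this is not the paper's AHG scheme or its benchmark), the following constructed example compares what a server observes under cloaking, under a naive incremental kNN search where each block is fetched via PIR, and under a variant that pads every query to a fixed number of fetches. The grid size, POI placement and ring-based search are assumptions made for the illustration.

```python
from itertools import product

# Constructed toy instance (not from the paper): a 6x6 grid data space,
# each cell is one PIR block holding at most one point of interest (POI).
N = 6
POIS = {(0, 0), (1, 4), (3, 2), (5, 5), (4, 1)}
K = 2
ALL_LOCS = list(product(range(N), range(N)))

def cloak_view(loc, cell=3):
    """Cloaking-style protection: the server sees the coarse cell that
    contains the query, so its view still depends on the location."""
    return (loc[0] // cell, loc[1] // cell)

def naive_pir_view(loc, k=K):
    """Incremental kNN (Chebyshev rings) where every block is fetched via
    PIR.  PIR hides WHICH block is fetched, but the server still observes
    HOW MANY fetches occur, and that count depends on local POI density."""
    x, y = loc
    fetched = found = 0
    for r in range(N):
        ring = [c for c in ALL_LOCS if max(abs(c[0] - x), abs(c[1] - y)) == r]
        for c in ring:
            fetched += 1
            found += c in POIS
        if found >= k:
            return fetched   # the only thing the server learns
    return fetched

def padded_pir_view(loc, k=K):
    """Same search, but the client always issues a fixed number of PIR
    fetches (dummy fetches after the answer is found), so the server's
    view is identical for every query location."""
    naive_pir_view(loc, k)   # the real work; its fetch count stays hidden
    return N * N             # constant transcript length

def indistinguishable_from(view, loc):
    """Locations the server cannot tell apart from `loc` given its view."""
    return {l for l in ALL_LOCS if view(l) == view(loc)}

def has_strong_location_privacy(view):
    """Strong location privacy: every query is indistinguishable from
    every location in the data space."""
    return all(len(indistinguishable_from(view, l)) == len(ALL_LOCS)
               for l in ALL_LOCS)
```

Only the padded variant satisfies the definition; cloaking narrows the querier to one coarse cell, and the naive PIR search leaks through its location-dependent fetch count.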
