A query integrity assurance scheme for accessing outsourced spatial databases

With the trend of cloud computing, outsourcing databases to third party service providers is becoming a common practice for data owners to decrease the cost of managing and maintaining databases in-house. In conjunction, due to the popularity of location-based-services (LBS), the need for spatial data (e.g., gazetteers, vector data) is increasing dramatically. Consequently, there is a noticeably new tendency of outsourcing spatial datasets by data collectors. Two main challenges with outsourcing datasets are to keep the data private (from the data provider) and to ensure the integrity of the query result (for the clients). Unfortunately, most of the techniques proposed for privacy and integrity do not extend to spatial data in a straightforward manner. Hence, recent studies proposed various techniques to support either privacy or integrity (but not both) on spatial datasets. In this paper, for the first time, we propose a technique that can ensure both privacy and integrity for outsourced spatial data. In particular, we first use a one-way spatial transformation method based on Hilbert curves, which encrypts the spatial data before outsourcing and, hence, ensures its privacy. Next, by probabilistically replicating a portion of the data and encrypting it with a different encryption key, we devise a technique for the client to audit the trustworthiness of the query results. We show the applicability of our approach for both k-nearest-neighbor queries and spatial range queries, which are the building blocks of any LBS application. We also design solutions to guarantee the freshness of outsourced spatial databases. Finally, we evaluate the validity and performance of our algorithms with security analyses and extensive simulations.

[1]  Philip S. Yu,et al.  Dual encryption for query integrity assurance , 2008, CIKM '08.

[2]  Cyrus Shahabi,et al.  Blind Evaluation of Nearest Neighbor Queries Using Space Transformation to Preserve Location Privacy , 2007, SSTD.

[3]  Xiaofeng Meng,et al.  Providing freshness guarantees for outsourced databases , 2008, EDBT '08.

[4]  Stavros Papadopoulos,et al.  Separating Authentication from Query Execution in Outsourced Databases , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[5]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[6]  Panos Kalnis,et al.  Enabling search services on outsourced private spatial data , 2009, The VLDB Journal.

[7]  Yin Yang,et al.  Spatial Outsourcing for Location-based Services , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[8]  Christos Faloutsos,et al.  Analysis of the Clustering Properties of the Hilbert Space-Filling Curve , 2001, IEEE Trans. Knowl. Data Eng..

[9]  Jack A. Orenstein Spatial query processing in an object-oriented database system , 1986, SIGMOD '86.

[10]  Bruce Schneier,et al.  Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) , 1993, FSE.

[11]  Michael Gertz,et al.  Authentic Third-party Data Publication , 2000, DBSec.

[12]  Radu Sion,et al.  Query Execution Assurance for Outsourced Databases , 2005, VLDB.

[13]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[14]  Haixun Wang,et al.  Location-based Spatial Queries with Data Sharing in Wireless Broadcast Environments , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[15]  Kian-Lee Tan,et al.  Verifying completeness of relational query results in data publishing , 2005, SIGMOD '05.

[16]  D. Hilbert Ueber die stetige Abbildung einer Line auf ein Flächenstück , 1891 .

[17]  Arthur R. Butz,et al.  Alternative Algorithm for Hilbert's Space-Filling Curve , 1971, IEEE Transactions on Computers.

[18]  Panos Kalnis,et al.  PRIVE: anonymous location-based queries in distributed mobile systems , 2007, WWW '07.

[19]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[20]  Panos Kalnis,et al.  Outsourcing Search Services on Private Spatial Data , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[21]  Roger Zimmermann,et al.  Location-based Spatial Queries with Data Sharing in Mobile Environments , 2006, 22nd International Conference on Data Engineering Workshops (ICDEW'06).

[22]  Haixun Wang,et al.  Location-Based Spatial Query Processing with Data Sharing in Wireless Broadcast Environments , 2008, IEEE Transactions on Mobile Computing.

[23]  Peter J. H. King,et al.  Querying multi-dimensional data indexed using the Hilbert space-filling curve , 2001, SGMD.

[24]  Dimitris Sacharidis,et al.  Partially materialized digest scheme: an efficient verification method for outsourced databases , 2008, The VLDB Journal.

[25]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[26]  Kyriakos Mouratidis,et al.  Scalable Verification for Outsourced Dynamic Databases , 2009, Proc. VLDB Endow..

[27]  C. Cachin,et al.  A cloud you can trust , 2011, IEEE Spectrum.

[28]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[29]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[30]  Haixun Wang,et al.  Query Integrity Assurance of Location-Based Services Accessing Outsourced Spatial Databases , 2009, SSTD.

[31]  H. V. Jagadish,et al.  Linear clustering of objects with multiple attributes , 1990, SIGMOD '90.

[32]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.