An Efficient Privacy-Preserving Location-Based Services Query Scheme in Outsourced Cloud

With the pervasiveness of location-aware mobile electronic devices and the advances of wireless communications, location-based services (LBS), which can help people enjoy a convenient life, has attracted considerable interest recently. However, the privacy issues of LBS are still challenging today. Aiming at the challenges, in this paper, we present a new efficient and privacy-preserving LBS query scheme in outsourced cloud, i.e., EPQ, for pervasive smartphones. In the EPQ scheme, the LBS provider's data are first outsourced to the cloud server in an encrypted manner, and then, a registered user can get accurate LBS query results without divulging his/her location information to the LBS provider and the cloud server. Specifically, based on an improved homomorphic encryption technique over a composite order group, a special spatial range query algorithm SRQC over ciphertext is proposed, with which EPQ achieves privacy preservation of user's query and confidentiality of LBS data in the outsourced cloud server. Through detailed security analysis, we show that EPQ can resist various known security threats. In addition, we also implement EPQ over a smartphone and three workstations with a real LBS data set, and extensive simulation results further demonstrate that the proposed EPQ scheme is highly efficient at the smartphone side and can be implemented effectively in the cloud server.

[1]  Xiaodong Lin,et al.  SPOC: A Secure and Privacy-Preserving Opportunistic Computing Framework for Mobile-Healthcare Emergency , 2013, IEEE Transactions on Parallel and Distributed Systems.

[2]  Marco Gruteser,et al.  USENIX Association , 1992 .

[3]  Dijiang Huang,et al.  Enabling secure location-based services in mobile cloud computing , 2013, MCC '13.

[4]  Panos Kalnis,et al.  Private queries in location based services: anonymizers are not necessary , 2008, SIGMOD Conference.

[5]  Tetsuji Satoh,et al.  Protection of Location Privacy using Dummies for Location-based Services , 2005, 21st International Conference on Data Engineering Workshops (ICDEW'05).

[6]  Haojin Zhu,et al.  All your location are belong to us: breaking mobile social networks for automated user location tracking , 2013, MobiHoc '14.

[7]  Ling Liu,et al.  Location Privacy in Mobile Systems: A Personalized Anonymization Model , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[8]  Xiaodong Lin,et al.  FINE: A fine-grained privacy-preserving location-based service framework for mobile devices , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[9]  Ling Liu,et al.  Privacy-Aware Mobile Services over Road Networks , 2009, Proc. VLDB Endow..

[10]  Jianliang Xu,et al.  VERDICT: Privacy-preserving authentication of range queries in location-based services , 2013, 2013 IEEE 29th International Conference on Data Engineering (ICDE).

[11]  Walid G. Aref,et al.  Casper*: Query processing for location services without compromising privacy , 2006, TODS.

[12]  Philip S. Yu,et al.  Mining Cluster-Based Temporal Mobile Sequential Patterns in Location-Based Service Environments , 2011, IEEE Transactions on Knowledge and Data Engineering.

[13]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[14]  Hui Li,et al.  PPAS: privacy protection authentication scheme for VANET , 2013, Cluster Computing.

[15]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[16]  Cyrus Shahabi,et al.  Blind Evaluation of Nearest Neighbor Queries Using Space Transformation to Preserve Location Privacy , 2007, SSTD.

[17]  Latanya Sweeney,et al.  Achieving k-Anonymity Privacy Protection Using Generalization and Suppression , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[18]  Ratna Dutta,et al.  Recipient Anonymous Ciphertext-Policy Attribute Based Encryption , 2013, ICISS.

[19]  Ling Liu,et al.  Protecting Location Privacy with Personalized k-Anonymity: Architecture and Algorithms , 2008, IEEE Transactions on Mobile Computing.

[20]  Tatsuaki Okamoto,et al.  A New Public-Key Cryptosystem as Secure as Factoring , 1998, EUROCRYPT.

[21]  Cong Xu,et al.  Multi-dimensional k-anonymity Based on Mapping for Protecting Privacy , 2011, J. Softw..

[22]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[23]  Elisa Bertino,et al.  Privacy-Preserving and Content-Protecting Location Based Queries , 2012, 2012 IEEE 28th International Conference on Data Engineering.

[24]  Urs Hengartner,et al.  A distributed k-anonymity protocol for location privacy , 2009, 2009 IEEE International Conference on Pervasive Computing and Communications.

[25]  Patrick D. McDaniel,et al.  Security and Privacy Challenges in the Smart Grid , 2009, IEEE Security & Privacy.