Query Integrity Assurance of Location-Based Services Accessing Outsourced Spatial Databases

Outsourcing data to third party data providers is becoming a common practice for data owners to avoid the cost of managing and maintaining databases. Meanwhile, due to the popularity of location-based-services (LBS), the need for spatial data (e.g., gazetteers, vector data) is increasing exponentially. Consequently, we are witnessing a new trend of outsourcing spatial datasets by data collectors. Two main challenges with outsourcing datasets is to keep the data private (from the data provider) and ensure the integrity of the query result (for the clients). Unfortunately, most of the techniques proposed for privacy and integrity do not extend to spatial data in a straightforward manner. Hence, recent studies proposed various techniques to support either privacy or integrity (but not both) on spatial datasets. In this paper, for the first time, we propose a technique that can ensure both privacy and integrity for outsourced spatial data. In particular, we first use a one-way spatial transformation method based on Hilbert curves, which encrypts the spatial data before outsourcing and hence ensures its privacy. Next, by probabilistically replicating a portion of the data and encrypting it with a different encryption key, we devise a technique for the client to audit the trustworthiness of the query results. We show the applicability of our approach for both k -nearest-neighbor and spatial range queries, the building blocks of any LBS application. Finally, we evaluate the validity and performance of our algorithms with real-world datasets.

[1]  Kian-Lee Tan,et al.  Verifying completeness of relational query results in data publishing , 2005, SIGMOD '05.

[2]  D. Hilbert Ueber die stetige Abbildung einer Line auf ein Flächenstück , 1891 .

[3]  Arthur R. Butz,et al.  Alternative Algorithm for Hilbert's Space-Filling Curve , 1971, IEEE Transactions on Computers.

[4]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[5]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[6]  Ian Sommerville,et al.  Software Engineering: (Update) (8th Edition) (International Computer Science) , 2006 .

[7]  Radu Sion,et al.  Query Execution Assurance for Outsourced Databases , 2005, VLDB.

[8]  Panos Kalnis,et al.  Outsourcing Search Services on Private Spatial Data , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[9]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[10]  Dimitris Sacharidis,et al.  Partially materialized digest scheme: an efficient verification method for outsourced databases , 2008, The VLDB Journal.

[11]  Gerhard Goos,et al.  Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[12]  D. Hilbert Über die stetige Abbildung einer Linie auf ein Flächenstück , 1935 .

[13]  Yin Yang,et al.  Spatial Outsourcing for Location-based Services , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[14]  Christos Faloutsos,et al.  Analysis of the Clustering Properties of the Hilbert Space-Filling Curve , 2001, IEEE Trans. Knowl. Data Eng..

[15]  Jack A. Orenstein Spatial query processing in an object-oriented database system , 1986, SIGMOD '86.

[16]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[17]  Bruce Schneier,et al.  Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) , 1993, FSE.

[18]  Haixun Wang,et al.  Location-Based Spatial Query Processing with Data Sharing in Wireless Broadcast Environments , 2008, IEEE Transactions on Mobile Computing.

[19]  Cyrus Shahabi,et al.  Blind Evaluation of Nearest Neighbor Queries Using Space Transformation to Preserve Location Privacy , 2007, SSTD.

[20]  Peter J. H. King,et al.  Querying multi-dimensional data indexed using the Hilbert space-filling curve , 2001, SGMD.

[21]  Ian Sommerville,et al.  Software engineering, 8th Edition , 2007, International computer science series.

[22]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[23]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[24]  Michael Gertz,et al.  Authentic Third-party Data Publication , 2000, DBSec.

[25]  Stavros Papadopoulos,et al.  Separating Authentication from Query Execution in Outsourced Databases , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[26]  Chengyang Zhang,et al.  Advances in Spatial and Temporal Databases , 2015, Lecture Notes in Computer Science.

[27]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[28]  Philip S. Yu,et al.  Dual encryption for query integrity assurance , 2008, CIKM '08.

[29]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[30]  H. V. Jagadish,et al.  Linear clustering of objects with multiple attributes , 1990, SIGMOD '90.