Abstract
Cloud service providers can offer virtual servers with powerful processors and massive storage capacity for nominal per-use charges. By relying on these underlying resources, data owners can trade capital expense for variable cost. The auto-scaling features of the cloud can control the consumption of computing resources and hence the associated cost. However, saving data on the cloud puts the privacy of that data at risk: the data is exposed to the untrusted cloud, the users' queries can be monitored by attackers and cloud operators, and the pattern of accessing data can be identified. The solution is to encrypt data before outsourcing it to the cloud, but answering queries over encrypted data then becomes a challenge. This paper proposes a novel technique, called Secure Voronoi kNN (SVK), that answers k-nearest neighbor (kNN) queries over encrypted data in a two-cloud architecture. SVK can hide data access patterns from the cloud.
Data availability
The spatial dataset used to test the proposed algorithms is a real-world dataset that can be publicly accessed through https://www.openstreetmap.org. The dataset represents spatial data points of the Road Network of Texas. The domain of the dataset was normalized to the unit square [0,1].
Funding
Not applicable.
Author information
Contributions
Tasneem Ghunaim, Ibrahim Kamel, and Zaher Al Aghbari conceived and designed the proposed algorithms. Tasneem Ghunaim wrote the main manuscript text, implemented the proposed algorithms, executed the performance analysis, and concluded the results. Ibrahim Kamel and Zaher Al Aghbari outlined and modeled the different versions of the proposed protocols and studied the final results. All authors reviewed the manuscript.
Ethics declarations
Conflict of interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Ethical approval
Not applicable.
About this article
Cite this article
Ghunaim, T., Kamel, I. & Al Aghbari, Z. Secure kNN query of outsourced spatial data using two-cloud architecture. J Supercomput 79, 21310–21345 (2023). https://doi.org/10.1007/s11227-023-05495-7
DOI: https://doi.org/10.1007/s11227-023-05495-7