Abstract
With the trend of cloud computing, outsourcing databases to third-party service providers is becoming a common practice for data owners to decrease the cost of managing and maintaining databases in-house. In conjunction, due to the popularity of location-based services (LBS), the need for spatial data (e.g., gazetteers, vector data) is increasing dramatically. Consequently, there is a noticeably new tendency of outsourcing spatial datasets by data collectors. Two main challenges with outsourcing datasets are to keep the data private (from the data provider) and to ensure the integrity of the query result (for the clients). Unfortunately, most of the techniques proposed for privacy and integrity do not extend to spatial data in a straightforward manner. Hence, recent studies proposed various techniques to support either privacy or integrity (but not both) on spatial datasets. In this paper, for the first time, we propose a technique that can ensure both privacy and integrity for outsourced spatial data. In particular, we first use a one-way spatial transformation method based on Hilbert curves, which encrypts the spatial data before outsourcing and, hence, ensures its privacy. Next, by probabilistically replicating a portion of the data and encrypting it with a different encryption key, we devise a technique for the client to audit the trustworthiness of the query results. We show the applicability of our approach for both k-nearest-neighbor queries and spatial range queries, which are the building blocks of any LBS application. We also design solutions to guarantee the freshness of outsourced spatial databases. Finally, we evaluate the validity and performance of our algorithms with security analyses and extensive simulations.
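The replicate-and-audit idea from the abstract, as an added Python example that is not the paper's code. Assumptions: each key is a secret grid shift applied before a standard Hilbert mapping (a simplified stand-in for the paper's transformation), record payloads are omitted, and the server is modelled as two sets of transformed values that it cannot link to each other.

```python
import random

ORDER = 4                     # constructed toy grid: 16 x 16 cells
N = 1 << ORDER

def hilbert_index(x, y):
    """Position of cell (x, y) along a Hilbert curve over the N x N grid."""
    d, s = 0, N >> 1
    while s:
        rx, ry = int(bool(x & s)), int(bool(y & s))
        d += s * s * ((3 * rx) ^ ry)
        if ry == 0:                          # rotate/flip into the sub-quadrant
            if rx == 1:
                x, y = N - 1 - x, N - 1 - y
            x, y = y, x
        s >>= 1
    return d

def transform(key, cell):
    """Keyed mapping (assumed form): secret shift (dx, dy), then Hilbert index."""
    (dx, dy), (x, y) = key, cell
    return hilbert_index((x + dx) % N, (y + dy) % N)

def outsource(points, k1, k2, p, rng):
    """Owner: every point under k1; each point replicated under k2 with prob. p."""
    primary = {transform(k1, c) for c in points}
    replica = {transform(k2, c) for c in points if rng.random() < p}
    return primary, replica

def range_query(server, k1, k2, window):
    """Client: resolve the window under both keys, then audit the answer."""
    primary, replica = server
    (x0, y0), (x1, y1) = window
    cells = [(x, y) for x in range(x0, x1 + 1) for y in range(y0, y1 + 1)]
    hits = [c for c in cells if transform(k1, c) in primary]
    # Audit rule: a point visible under k2 must also be visible under k1.
    missing = [c for c in cells
               if transform(k2, c) in replica and transform(k1, c) not in primary]
    return hits, missing

if __name__ == "__main__":
    pts = [(1, 2), (3, 3), (5, 9), (10, 4)]          # constructed sample points
    k1, k2 = (3, 11), (9, 6)                         # constructed keys
    primary, replica = outsource(pts, k1, k2, 0.5, random.Random(1))
    tampered = primary - {transform(k1, (5, 9))}     # server withholds a record
    print(range_query((tampered, replica), k1, k2, ((0, 0), (15, 15))))
```

In this model a withheld record is caught exactly when it happened to be replicated, so the detection chance per dropped record equals the replication probability `p`.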
Acknowledgements
This research has been funded in part by the US National Science Foundation (NSF) grants IIS-0238560 (PECASE), IIS-0534761, IIS-0742811, CNS-0831502 (CT), and CNS-0831505 (CT), CNS-0855251 (CRI), UT-Battelle grant (UT-B-4000087151), and in part from the METRANS Transportation Center, under grants from USDOT and Caltrans. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.
Cite this article
Ku, WS., Hu, L., Shahabi, C. et al. A query integrity assurance scheme for accessing outsourced spatial databases. Geoinformatica 17, 97–124 (2013). https://doi.org/10.1007/s10707-012-0156-9
DOI: https://doi.org/10.1007/s10707-012-0156-9