Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud

Meng Li; Mingwei Zhang; Jianbo Gao; Chhagan Lal; Mauro Conti; Mamoun Alazab

doi:10.1007/978-3-031-15777-6_15

Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud

Meng Li, Mingwei Zhang, Jianbo Gao, Chhagan Lal, Mauro Conti, Mamoun Alazab

CDU College of Engineering, IT and Environment

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › peer-review

Abstract

Location-Based Services (LBSs) depend on a Service Provider (SP) to store data owners’ geospatial data and to process data users’ queries. For example, a Yelp user queries the SP to retrieve the k nearest Starbucks by submitting her/his current location. It is well-acknowledged that location privacy is vital to users and several prominent Secure k Nearest Neighbor (SkNN) query processing schemes are proposed. We observe that no prior work addresses the requirement of repetitive query after index update and its privacy issue, i.e., how to match a data item from the cloud repetitively in an oblivious and unlinkable manner. Meanwhile, a malicious SP may skip some data items and recommend others due to unfair competition. In this work, we formally define the repetitive query and its privacy objectives and present an Repetitive, Oblivious, and Unlinkable SkNN scheme ROU. Specifically, we design a multi-level structure to organize locations to further improve search efficiency. Second, we integrate data item identity into the framework of existing SkNN query processing. Data owners encrypt their data item identity and location information into a secure index, and data users encrypt a customized identity range of a previously retrieved data item and location information into a token. Next, the SP uses the token to query the secure index to find the specific data item via privacy-preserving range querying. We formally prove the privacy of ROU in the random oracle model. We build a prototype based on a server to evaluate the performance with a real-world dataset. Experimental results show that ROU is efficient and practical in terms of computational cost, communication overhead, and result verification.

Original language	English
Title of host publication	Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings
Editors	Cristina Alcaraz, Liqun Chen, Shujun Li, Pierangela Samarati
Place of Publication	Germany
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	261-280
Number of pages	20
Edition	1
ISBN (Electronic)	9783031157776
ISBN (Print)	9783031157769
DOIs	https://doi.org/10.1007/978-3-031-15777-6_15
Publication status	Published - 2022
Event	24th International Conference on Information and Communications Security, ICICS 2022 - Canterbury, United Kingdom Duration: 5 Sep 2022 → 8 Sep 2022 Conference number: 24 https://icics2022.cyber.kent.ac.uk/

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13407 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	24th International Conference on Information and Communications Security, ICICS 2022
Abbreviated title	ICICS 2022
Country/Territory	United Kingdom
City	Canterbury
Period	5/09/22 → 8/09/22
Internet address	https://icics2022.cyber.kent.ac.uk/

Access to Document

10.1007/978-3-031-15777-6_15

Cite this

Li, M., Zhang, M., Gao, J., Lal, C., Conti, M., & Alazab, M. (2022). Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud. In C. Alcaraz, L. Chen, S. Li, & P. Samarati (Eds.), Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings (1 ed., pp. 261-280). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13407 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-15777-6_15

Li, Meng ; Zhang, Mingwei ; Gao, Jianbo et al. / Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud. Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings. editor / Cristina Alcaraz ; Liqun Chen ; Shujun Li ; Pierangela Samarati. 1. ed. Germany : Springer Science and Business Media Deutschland GmbH, 2022. pp. 261-280 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{b324ca037fb04969bb67dfa04cc0a977,

title = "Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud",

abstract = "Location-Based Services (LBSs) depend on a Service Provider (SP) to store data owners{\textquoteright} geospatial data and to process data users{\textquoteright} queries. For example, a Yelp user queries the SP to retrieve the k nearest Starbucks by submitting her/his current location. It is well-acknowledged that location privacy is vital to users and several prominent Secure k Nearest Neighbor (SkNN) query processing schemes are proposed. We observe that no prior work addresses the requirement of repetitive query after index update and its privacy issue, i.e., how to match a data item from the cloud repetitively in an oblivious and unlinkable manner. Meanwhile, a malicious SP may skip some data items and recommend others due to unfair competition. In this work, we formally define the repetitive query and its privacy objectives and present an Repetitive, Oblivious, and Unlinkable SkNN scheme ROU. Specifically, we design a multi-level structure to organize locations to further improve search efficiency. Second, we integrate data item identity into the framework of existing SkNN query processing. Data owners encrypt their data item identity and location information into a secure index, and data users encrypt a customized identity range of a previously retrieved data item and location information into a token. Next, the SP uses the token to query the secure index to find the specific data item via privacy-preserving range querying. We formally prove the privacy of ROU in the random oracle model. We build a prototype based on a server to evaluate the performance with a real-world dataset. Experimental results show that ROU is efficient and practical in terms of computational cost, communication overhead, and result verification.",

keywords = "Cloud computing, Privacy, Repetitive query, SkNN",

author = "Meng Li and Mingwei Zhang and Jianbo Gao and Chhagan Lal and Mauro Conti and Mamoun Alazab",

note = "Funding Information: The work described in this paper is supported by National Natural Science Foundation of China (NSFC) under the grant No. 62002094 and Anhui Provincial Natural Science Foundation under the grant No. 2008085MF196. It is partially supported by EU LOCARD Project under Grant H2020-SU-SEC-2018-832735. ; 24th International Conference on Information and Communications Security, ICICS 2022, ICICS 2022 ; Conference date: 05-09-2022 Through 08-09-2022",

year = "2022",

doi = "10.1007/978-3-031-15777-6_15",

language = "English",

isbn = "9783031157769",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "261--280",

editor = "Cristina Alcaraz and Liqun Chen and Shujun Li and Pierangela Samarati",

booktitle = "Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings",

address = "Germany",

edition = "1",

url = "https://icics2022.cyber.kent.ac.uk/",

}

Li, M, Zhang, M, Gao, J, Lal, C, Conti, M & Alazab, M 2022, Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud. in C Alcaraz, L Chen, S Li & P Samarati (eds), Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings. 1 edn, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13407 LNCS, Springer Science and Business Media Deutschland GmbH, Germany, pp. 261-280, 24th International Conference on Information and Communications Security, ICICS 2022, Canterbury, United Kingdom, 5/09/22. https://doi.org/10.1007/978-3-031-15777-6_15

Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud. / Li, Meng; Zhang, Mingwei; Gao, Jianbo et al.

Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings. ed. / Cristina Alcaraz; Liqun Chen; Shujun Li; Pierangela Samarati. 1. ed. Germany : Springer Science and Business Media Deutschland GmbH, 2022. p. 261-280 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13407 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › peer-review

TY - GEN

T1 - Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud

AU - Li, Meng

AU - Zhang, Mingwei

AU - Gao, Jianbo

AU - Lal, Chhagan

AU - Conti, Mauro

AU - Alazab, Mamoun

N1 - Conference code: 24

PY - 2022

Y1 - 2022

N2 - Location-Based Services (LBSs) depend on a Service Provider (SP) to store data owners’ geospatial data and to process data users’ queries. For example, a Yelp user queries the SP to retrieve the k nearest Starbucks by submitting her/his current location. It is well-acknowledged that location privacy is vital to users and several prominent Secure k Nearest Neighbor (SkNN) query processing schemes are proposed. We observe that no prior work addresses the requirement of repetitive query after index update and its privacy issue, i.e., how to match a data item from the cloud repetitively in an oblivious and unlinkable manner. Meanwhile, a malicious SP may skip some data items and recommend others due to unfair competition. In this work, we formally define the repetitive query and its privacy objectives and present an Repetitive, Oblivious, and Unlinkable SkNN scheme ROU. Specifically, we design a multi-level structure to organize locations to further improve search efficiency. Second, we integrate data item identity into the framework of existing SkNN query processing. Data owners encrypt their data item identity and location information into a secure index, and data users encrypt a customized identity range of a previously retrieved data item and location information into a token. Next, the SP uses the token to query the secure index to find the specific data item via privacy-preserving range querying. We formally prove the privacy of ROU in the random oracle model. We build a prototype based on a server to evaluate the performance with a real-world dataset. Experimental results show that ROU is efficient and practical in terms of computational cost, communication overhead, and result verification.

AB - Location-Based Services (LBSs) depend on a Service Provider (SP) to store data owners’ geospatial data and to process data users’ queries. For example, a Yelp user queries the SP to retrieve the k nearest Starbucks by submitting her/his current location. It is well-acknowledged that location privacy is vital to users and several prominent Secure k Nearest Neighbor (SkNN) query processing schemes are proposed. We observe that no prior work addresses the requirement of repetitive query after index update and its privacy issue, i.e., how to match a data item from the cloud repetitively in an oblivious and unlinkable manner. Meanwhile, a malicious SP may skip some data items and recommend others due to unfair competition. In this work, we formally define the repetitive query and its privacy objectives and present an Repetitive, Oblivious, and Unlinkable SkNN scheme ROU. Specifically, we design a multi-level structure to organize locations to further improve search efficiency. Second, we integrate data item identity into the framework of existing SkNN query processing. Data owners encrypt their data item identity and location information into a secure index, and data users encrypt a customized identity range of a previously retrieved data item and location information into a token. Next, the SP uses the token to query the secure index to find the specific data item via privacy-preserving range querying. We formally prove the privacy of ROU in the random oracle model. We build a prototype based on a server to evaluate the performance with a real-world dataset. Experimental results show that ROU is efficient and practical in terms of computational cost, communication overhead, and result verification.

KW - Cloud computing

KW - Privacy

KW - Repetitive query

KW - SkNN

UR - http://www.scopus.com/inward/record.url?scp=85137025760&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-15777-6_15

DO - 10.1007/978-3-031-15777-6_15

M3 - Conference Paper published in Proceedings

AN - SCOPUS:85137025760

SN - 9783031157769

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 261

EP - 280

BT - Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings

A2 - Alcaraz, Cristina

A2 - Chen, Liqun

A2 - Li, Shujun

A2 - Samarati, Pierangela

PB - Springer Science and Business Media Deutschland GmbH

CY - Germany

T2 - 24th International Conference on Information and Communications Security, ICICS 2022

Y2 - 5 September 2022 through 8 September 2022

ER -

Li M, Zhang M, Gao J, Lal C, Conti M, Alazab M. Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud. In Alcaraz C, Chen L, Li S, Samarati P, editors, Information and Communications Security - 24th International Conference, ICICS 2022, Proceedings. 1 ed. Germany: Springer Science and Business Media Deutschland GmbH. 2022. p. 261-280. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-15777-6_15