A hybrid technique for private location-based queries with database protection

Handle URI:
http://hdl.handle.net/10754/564234
Title:
A hybrid technique for private location-based queries with database protection
Authors:
Ghinita, Gabriel; Kalnis, Panos (0000-0002-5060-1360); Kantarcioǧlu, Murât; Bertino, Elisa
Abstract:
Mobile devices with global positioning capabilities allow users to retrieve points of interest (POI) in their proximity. To protect user privacy, it is important not to disclose exact user coordinates to un-trusted entities that provide location-based services. Currently, there are two main approaches to protect the location privacy of users: (i) hiding locations inside cloaking regions (CRs) and (ii) encrypting location data using private information retrieval (PIR) protocols. Previous work focused on finding good trade-offs between privacy and performance of user protection techniques, but disregarded the important issue of protecting the POI dataset D. For instance, location cloaking requires large-sized CRs, leading to excessive disclosure of POIs (O(|D|) in the worst case). PIR, on the other hand, reduces this bound to , but at the expense of high processing and communication overhead. We propose a hybrid, two-step approach to private location-based queries, which provides protection for both the users and the database. In the first step, user locations are generalized to coarse-grained CRs which provide strong privacy. Next, a PIR protocol is applied with respect to the obtained query CR. To protect excessive disclosure of POI locations, we devise a cryptographic protocol that privately evaluates whether a point is enclosed inside a rectangular region. We also introduce an algorithm to efficiently support PIR on dynamic POI sub-sets. Our method discloses O(1) POI, orders of magnitude fewer than CR- or PIR-based techniques. Experimental results show that the hybrid approach is scalable in practice, and clearly outperforms the pure-PIR approach in terms of computational and communication overhead. © 2009 Springer Berlin Heidelberg.
KAUST Department:
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division; Computer Science Program
Publisher:
Springer Science + Business Media
Journal:
Advances in Spatial and Temporal Databases
Conference/Event name:
11th International Symposium on Spatial and Temporal Databases, SSTD 2009
Issue Date:
2009
DOI:
10.1007/978-3-642-02982-0_9
Type:
Conference Paper
ISSN:
03029743
ISBN:
3642029817; 9783642029813
Appears in Collections:
Conference Papers; Computer Science Program; Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division

Full metadata record

DC Field | Value | Language
dc.contributor.author | Ghinita, Gabriel | en
dc.contributor.author | Kalnis, Panos | en
dc.contributor.author | Kantarcioǧlu, Murât | en
dc.contributor.author | Bertino, Elisa | en
dc.date.accessioned | 2015-08-04T06:20:03Z | en
dc.date.available | 2015-08-04T06:20:03Z | en
dc.date.issued | 2009 | en
dc.identifier.isbn | 3642029817; 9783642029813 | en
dc.identifier.issn | 03029743 | en
dc.identifier.doi | 10.1007/978-3-642-02982-0_9 | en
dc.identifier.uri | http://hdl.handle.net/10754/564234 | en
dc.description.abstract | Mobile devices with global positioning capabilities allow users to retrieve points of interest (POI) in their proximity. To protect user privacy, it is important not to disclose exact user coordinates to un-trusted entities that provide location-based services. Currently, there are two main approaches to protect the location privacy of users: (i) hiding locations inside cloaking regions (CRs) and (ii) encrypting location data using private information retrieval (PIR) protocols. Previous work focused on finding good trade-offs between privacy and performance of user protection techniques, but disregarded the important issue of protecting the POI dataset D. For instance, location cloaking requires large-sized CRs, leading to excessive disclosure of POIs (O(|D|) in the worst case). PIR, on the other hand, reduces this bound to , but at the expense of high processing and communication overhead. We propose a hybrid, two-step approach to private location-based queries, which provides protection for both the users and the database. In the first step, user locations are generalized to coarse-grained CRs which provide strong privacy. Next, a PIR protocol is applied with respect to the obtained query CR. To protect excessive disclosure of POI locations, we devise a cryptographic protocol that privately evaluates whether a point is enclosed inside a rectangular region. We also introduce an algorithm to efficiently support PIR on dynamic POI sub-sets. Our method discloses O(1) POI, orders of magnitude fewer than CR- or PIR-based techniques. Experimental results show that the hybrid approach is scalable in practice, and clearly outperforms the pure-PIR approach in terms of computational and communication overhead. © 2009 Springer Berlin Heidelberg. | en
dc.publisher | Springer Science + Business Media | en
dc.title | A hybrid technique for private location-based queries with database protection | en
dc.type | Conference Paper | en
dc.contributor.department | Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division | en
dc.contributor.department | Computer Science Program | en
dc.identifier.journal | Advances in Spatial and Temporal Databases | en
dc.conference.date | 8 July 2009 through 10 July 2009 | en
dc.conference.name | 11th International Symposium on Spatial and Temporal Databases, SSTD 2009 | en
dc.conference.location | Aalborg | en
dc.contributor.institution | Purdue University, West Lafayette, IN 47907, United States | en
dc.contributor.institution | University of Texas at Dallas, Richardson, TX 75080, United States | en
kaust.author | Kalnis, Panos | en