A common functionality of many location-based social networking applications is a location sharing service that allows a group of friends to share their locations. With a potentially un-trusted server, such a location sharing service may threaten the privacy of users. Existing solutions for Privacy-Preserving Location Sharing Services (PPLSS) require a trusted third party that has access to the exact location of all users in the system or rely on expensive algorithms or protocols in terms of computational or communication overhead. Other solutions can only provide approximate query answers. To overcome these limitations, we propose a new encryption notion, called Order-Retrievable Encryption (ORE), for PPLSS for social networking applications. The distinguishing characteristics of our PPLSS are that it allows a group of friends to share their exact locations without the need of any third party or leaking any location information to any server or users outside the group, achieves low computational and communication cost by allowing users to receive the exact location of their friends without requiring any direct communication between users or multiple rounds of communication between a user and a server, provides efficient query processing by designing an index structure for our ORE scheme, supports dynamic location updates, and provides personalized privacy protection within a group of friends by specifying a maximum distance where a user is willing to be located by his/her friends. Experimental results show that the computational and communication cost of our PPLSS is much better than the state-of-the-art solution.
Privacy preserving location sharing services for social networksNexgen Technology
This document proposes a new encryption scheme called Order-Retrievable Encryption (ORE) to enable privacy-preserving location sharing services for social networks. ORE allows a group of friends to share their exact locations with each other without revealing their locations to untrusted servers or outsiders. It achieves low computation and communication costs by allowing users to get friends' locations directly from the server without communicating with each other. The server can process queries to retrieve friends' locations within a specified distance of the user's location without learning the actual locations. Experimental results show ORE has better performance than existing cryptography-based techniques for spatial queries.
Exploiting Service Similarity for Privacy in Location Based Search QueriesMigrant Systems
This document proposes a privacy-supportive architecture for location-based services that allows users to make informed decisions about location privacy without significantly affecting service quality. The key aspects are:
1) Users first submit queries with generalized locations and receive a "service similarity profile" showing how results may vary across locations.
2) Users can then select a noisy location based on their privacy preferences while observing how it impacts results.
3) An example local search application is described to demonstrate how result set boundaries with no change can be identified, allowing large default privacy regions. Testing found users can add significant location noise while still getting accurate results.
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICESnexgentechnology
This document proposes a user-defined privacy grid system called Dynamic Grid System (DGS) to provide privacy-preserving location-based services. DGS uses a semi-trusted third party called a query server to process user requests while preserving the privacy of user locations. It divides query processing between the query server and service provider. Experimental results show DGS is more efficient than existing techniques requiring a fully-trusted third party, providing better privacy guarantees with lower communication and computation costs.
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES - IEE...Nexgen Technology
Nexgen Technology Address:
Nexgen Technology
No :66,4th cross,Venkata nagar,
Near SBI ATM,
Puducherry.
Email Id: praveen@nexgenproject.com.
www.nexgenproject.com
Mobile: 9751442511,9791938249
Telephone: 0413-2211159.
NEXGEN TECHNOLOGY as an efficient Software Training Center located at Pondicherry with IT Training on IEEE Projects in Android,IEEE IT B.Tech Student Projects, Android Projects Training with Placements Pondicherry, IEEE projects in pondicherry, final IEEE Projects in Pondicherry , MCA, BTech, BCA Projects in Pondicherry, Bulk IEEE PROJECTS IN Pondicherry.So far we have reached almost all engineering colleges located in Pondicherry and around 90km
Privacy preserving relative location based services for mobile usersLeMeniz Infotech
Privacy preserving relative location based services for mobile users
Do Your Projects With Technology Experts
To Get this projects Call : 9566355386 / 99625 88976
Web : http://www.lemenizinfotech.com
Web : http://www.ieeemaster.com
Mail : projects@lemenizinfotech.com
Blog : http://ieeeprojectspondicherry.weebly.com
Blog : http://www.ieeeprojectsinpondicherry.blogspot.in/
Youtube:https://www.youtube.com/watch?v=eesBNUnKvws
Oruta: Privacy-Preserving Public Auditing for Shared Data in the CloudMigrant Systems
This document proposes a new mechanism called Oruta that allows privacy-preserving public auditing of shared data stored in the cloud. It utilizes ring signatures to construct homomorphic authenticators, allowing a third party auditor to verify the integrity of shared data for a group of users without revealing the identity of the signer on each data block. Oruta also supports batch auditing of multiple datasets and fully dynamic operations on shared data through the use of index hash tables. The mechanism aims to achieve public auditing, correctness, unforgeability, and identity privacy during the auditing process.
Privacy preserving optimal meeting location determination on mobile devicesAdz91 Digital Ads Pvt Ltd
The document proposes privacy-preserving algorithms for determining an optimal meeting location for a group of users. It aims to solve this fair rendezvous point (FRVP) problem in a way that protects users' location privacy from both other users and third-party service providers. The algorithms utilize homomorphic encryption to privately compute the meeting point from users' location preferences without revealing those preferences. The document evaluates the privacy and performance of the algorithms through both theoretical analysis and prototype implementation on mobile devices.
Privacy preserving location sharing services for social networksNexgen Technology
This document proposes a new encryption scheme called Order-Retrievable Encryption (ORE) to enable privacy-preserving location sharing services for social networks. ORE allows a group of friends to share their exact locations with each other without revealing their locations to untrusted servers or outsiders. It achieves low computation and communication costs by allowing users to get friends' locations directly from the server without communicating with each other. The server can process queries to retrieve friends' locations within a specified distance of the user's location without learning the actual locations. Experimental results show ORE has better performance than existing cryptography-based techniques for spatial queries.
Exploiting Service Similarity for Privacy in Location Based Search QueriesMigrant Systems
This document proposes a privacy-supportive architecture for location-based services that allows users to make informed decisions about location privacy without significantly affecting service quality. The key aspects are:
1) Users first submit queries with generalized locations and receive a "service similarity profile" showing how results may vary across locations.
2) Users can then select a noisy location based on their privacy preferences while observing how it impacts results.
3) An example local search application is described to demonstrate how result set boundaries with no change can be identified, allowing large default privacy regions. Testing found users can add significant location noise while still getting accurate results.
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICESnexgentechnology
This document proposes a user-defined privacy grid system called Dynamic Grid System (DGS) to provide privacy-preserving location-based services. DGS uses a semi-trusted third party called a query server to process user requests while preserving the privacy of user locations. It divides query processing between the query server and service provider. Experimental results show DGS is more efficient than existing techniques requiring a fully-trusted third party, providing better privacy guarantees with lower communication and computation costs.
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES - IEE...Nexgen Technology
Nexgen Technology Address:
Nexgen Technology
No :66,4th cross,Venkata nagar,
Near SBI ATM,
Puducherry.
Email Id: praveen@nexgenproject.com.
www.nexgenproject.com
Mobile: 9751442511,9791938249
Telephone: 0413-2211159.
NEXGEN TECHNOLOGY as an efficient Software Training Center located at Pondicherry with IT Training on IEEE Projects in Android,IEEE IT B.Tech Student Projects, Android Projects Training with Placements Pondicherry, IEEE projects in pondicherry, final IEEE Projects in Pondicherry , MCA, BTech, BCA Projects in Pondicherry, Bulk IEEE PROJECTS IN Pondicherry.So far we have reached almost all engineering colleges located in Pondicherry and around 90km
Privacy preserving relative location based services for mobile usersLeMeniz Infotech
Privacy preserving relative location based services for mobile users
Do Your Projects With Technology Experts
To Get this projects Call : 9566355386 / 99625 88976
Web : http://www.lemenizinfotech.com
Web : http://www.ieeemaster.com
Mail : projects@lemenizinfotech.com
Blog : http://ieeeprojectspondicherry.weebly.com
Blog : http://www.ieeeprojectsinpondicherry.blogspot.in/
Youtube:https://www.youtube.com/watch?v=eesBNUnKvws
Oruta: Privacy-Preserving Public Auditing for Shared Data in the CloudMigrant Systems
This document proposes a new mechanism called Oruta that allows privacy-preserving public auditing of shared data stored in the cloud. It utilizes ring signatures to construct homomorphic authenticators, allowing a third party auditor to verify the integrity of shared data for a group of users without revealing the identity of the signer on each data block. Oruta also supports batch auditing of multiple datasets and fully dynamic operations on shared data through the use of index hash tables. The mechanism aims to achieve public auditing, correctness, unforgeability, and identity privacy during the auditing process.
Privacy preserving optimal meeting location determination on mobile devicesAdz91 Digital Ads Pvt Ltd
The document proposes privacy-preserving algorithms for determining an optimal meeting location for a group of users. It aims to solve this fair rendezvous point (FRVP) problem in a way that protects users' location privacy from both other users and third-party service providers. The algorithms utilize homomorphic encryption to privately compute the meeting point from users' location preferences without revealing those preferences. The document evaluates the privacy and performance of the algorithms through both theoretical analysis and prototype implementation on mobile devices.
Privacy preserving optimal meeting location determination on mobile devicesIGEEKS TECHNOLOGIES
This paper proposes privacy-preserving algorithms for determining an optimal meeting location for a group of users. It addresses the privacy issues in location-based services (LBS) that require sharing of user locations. Two algorithms are presented that allow each user to provide a single location preference to the solver while preserving privacy from other users and the service provider. The paper evaluates the security and privacy of the algorithms through theoretical analysis and implementation on mobile devices. A user study provides insights into privacy concerns with LBS and the usability of the proposed solutions.
Privacy - Preserving Reputation with Content Protecting Location Based Queriesiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Privacy preserving optimal meeting location determination on mobile devicesAdz91 Digital Ads Pvt Ltd
The document proposes privacy-preserving algorithms for determining an optimal meeting location for a group of users. It aims to solve this problem, called the Fair Rendezvous Point (FRVP) problem, in a way that protects users' location privacy from both other users and third-party service providers. The algorithms take advantage of homomorphic cryptography to privately compute the optimal location based on users' encrypted location preferences. The document evaluates the privacy and performance of the proposed algorithms through both theoretical analysis and prototype implementation on mobile devices.
LocX is a system that provides location privacy in geo-social applications without adding uncertainty to location data or relying on assumptions about server security. It applies secure, user-specific coordinate transformations to location data before sharing with servers. Friends share the same transformation secrets, allowing location queries to be correctly evaluated by servers, while preventing servers from seeing actual location data. LocX guarantees privacy even against powerful adversaries, and prototypes show it provides privacy with little performance overhead for mobile devices.
LocX is a system that provides improved location privacy for users of geo-social applications. It decouples a user's real-world location from the location data shared with servers through the use of coordinate transformations and encryption. Users generate mappings between transformed locations and encrypted indexes (L2I) that are stored on an index server via proxies, as well as mappings between indexes and encrypted location data (I2D) stored directly on a data server. This allows users to query for friends' location data based on transformed coordinates while preserving the privacy of their real locations.
The document proposes a new broadcasting algorithm called Y-Hamiltonian Layers Broadcast (Y-HLB) for wormhole-routed 3D mesh networks. It divides the 3D mesh into layers that are modeled as Hamiltonian paths. The Y-HLB algorithm routes messages along these Hamiltonian paths in an efficient manner to broadcast to all nodes. Previous related work on broadcasting algorithms for wormhole-routed 3D meshes are also discussed, including how they divide the network and route messages. Simulation results show Y-HLB performs better than these previous algorithms in terms of reducing broadcast latency.
Location based spatial query processing in wireless broadcast environments(sy...Mumbai Academisc
This document discusses a novel approach for reducing latency in answering location-based spatial queries (LBSQs) in wireless broadcast environments. The approach uses peer-to-peer sharing to process queries using results cached in neighboring mobile peers, without requiring delay to communicate with a server. It maintains high scalability and accuracy while decreasing latency. The feasibility of the approach is demonstrated through probabilistic analysis and simulation results showing decreased latency as the number of clients increases.
The cloud user can remotely access software, services, application whenever they require over the
internet. The user can put their data remotely to the cloud storage. So, It is necessary that the cloud must have to
ensure data integrity and privacy of data of user.
The security is the major issue about cloud computing. The user may feel insecure for storing the data in
cloud storage. To overcome this issue, here we are giving public auditing mechanism for cloud storage. For this,
we studied Oruta system that providing public auditing mechanism. Revocation is all about the problems with
security occur in system. And we are revoked these many problems from the system. We are also revoking
existing members and adding new members in a group. In this way, we overcome the problem of static group. In
this system, TPA is Third Party Auditor which maintains all the log credentials of user and it verifies the proof of
data integrity and identity privacy of user. So, TPA plays a very important role in our system. Here we defining
statement of our model as,“Privacy Preserving using PAM in Cloud Computing ”.
.Keywords: Cloud Service Provider, Provable Data Possesion, Third Part Auditor, Public Auditing, Identity
Privacy, Shared Data, Cloud Computing.
Authentic Data Access Scheme for Variant Disruption- Tolerant NetworksEditor IJCATR
Mobile nodes in military environments such as a battlefield or a hostile region are likely to suffer from intermittent network
connectivity and frequent partitions. Disruption-tolerant network (DTN) technologies are becoming successful solutions that allow
wireless devices carried by soldiers to communicate with each other and access the confidential information or command reliably by
exploiting external storage nodes. However, the problem of applying CP-ABE in decentralized DTNs introduces several security and
privacy challenges with regard to the attribute revocation, key escrow, and coordination of attributes issued from different authorities.
In this paper, we propose a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage
their attributes independently. We demonstrate how to apply the proposed mechanism to securely and efficiently manage the
confidential data distributed in the disruption-tolerant military network. Since some users may change their associated attributes at
some point (for example, moving their region), or some private keys might be compromised, key revocation (or update) for each
attribute is necessary in order to make systems secure. This implies that revocation of any attribute or any single user in an attribute
group would affect the other users in the group. It may result in bottleneck during rekeying procedure, or security degradation due to
the windows of vulnerability if the previous attribute key is not updated immediately.
With cloud storage services, it is commonplace for data to be not only stored in the cloud, but also shared across multiple users. However, public auditing for such shared data — while preserving identity privacy — remains to be an open challenge. In this paper, we propose the first privacy-preserving mechanism that allows public auditing on shared data stored in the cloud. In particular, we exploit ring signatures to compute the verification information needed to audit the integrity of shared data. With our mechanism, the identity of the signer on each block in shared data is kept private from a third party auditor (TPA), who is still able to publicly verify the integrity of shared data without retrieving the entire file. Our experimental results demonstrate the effectiveness and efficiency of our proposed mechanism when auditing shared data.
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Eswar Publications
Cloud computing is an economical and effective solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi-owner manner while protect data and identity privacy from an un trusted cloud is still a challenging issue, due to the recurrent change of the membership.The major aims of this method a secure multi-owner data sharing scheme.That is any user in the group can securely share data with others by un trusted cloud. Moreover, the real identities of data owners can be exposed by the group manager when disputes occur. User revocation can be achieved by a novel revocation list and no need to update the secret Keys of the
remaining users.The drawback of IBE is computation over head. To overcome the drawback introduces outsourcing computation.
A novel cloud storage system with support of sensitive data applicationijmnct
Most users are willing to store their data in the c
loud storage system and use many facilities of clou
d. But
their sensitive data applications faces with potent
ial serious security threats. In this paper, securi
ty
requirements of sensitive data application in the c
loud are analyzed and improved structure for the ty
pical
cloud storage system architecture is proposed. The
hardware USB-Key is used in the proposed architectu
re
for purpose of enhancing security of user identity
and interaction security between the users and the
cloud
storage system. Moreover, drawn from the idea of da
ta active protection, a data security container is
introduced in the system to enhance the security of
the data transmission process; by encapsulating th
e
encrypted data, increasing appropriate access contr
ol and data management functions. The static data
blocks are replaced with a dynamic executable data
security container. Then, an enhanced security
architecture for software of cloud storage terminal
is proposed for more adaptation with the user's sp
ecific
requirements, and its functions and components can
be customizable. Moreover, the proposed architectur
e
have capability of detecting whether the execution
environment is according with the pre-defined
environment requirements.
1) The document proposes a system model for secure data sharing in cloud environments using cryptography.
2) It aims to provide data confidentiality, access control of shared data, remove the burden of key management and file encryption/decryption for users, and support dynamic changes to user membership without requiring the data owner to always be online.
3) The proposed system addresses common challenges with secure data sharing in cloud computing like data security, access control, key management, and user revocation and rejoining.
JPD1435 Preserving Location Privacy in Geosocial Applicationschennaijp
We have best 2014 free dot not projects topics are available along with all document, you can easy to find out number of documents for various projects titles.
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/dot-net-projects/
User-Defined Privacy Grid System for Continuous Location-Based Services1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
IEEE 2014 DOTNET MOBILE COMPUTING PROJECTS Preserving location-privacy-in-geo...IEEEMEMTECHSTUDENTPROJECTS
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
Privacy preserving optimal meeting location determination on mobile devicesIGEEKS TECHNOLOGIES
This paper proposes privacy-preserving algorithms for determining an optimal meeting location for a group of users. It addresses the privacy issues in location-based services (LBS) that require sharing of user locations. Two algorithms are presented that allow each user to provide a single location preference to the solver while preserving privacy from other users and the service provider. The paper evaluates the security and privacy of the algorithms through theoretical analysis and implementation on mobile devices. A user study provides insights into privacy concerns with LBS and the usability of the proposed solutions.
Privacy - Preserving Reputation with Content Protecting Location Based Queriesiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Privacy preserving optimal meeting location determination on mobile devicesAdz91 Digital Ads Pvt Ltd
The document proposes privacy-preserving algorithms for determining an optimal meeting location for a group of users. It aims to solve this problem, called the Fair Rendezvous Point (FRVP) problem, in a way that protects users' location privacy from both other users and third-party service providers. The algorithms take advantage of homomorphic cryptography to privately compute the optimal location based on users' encrypted location preferences. The document evaluates the privacy and performance of the proposed algorithms through both theoretical analysis and prototype implementation on mobile devices.
LocX is a system that provides location privacy in geo-social applications without adding uncertainty to location data or relying on assumptions about server security. It applies secure, user-specific coordinate transformations to location data before sharing with servers. Friends share the same transformation secrets, allowing location queries to be correctly evaluated by servers, while preventing servers from seeing actual location data. LocX guarantees privacy even against powerful adversaries, and prototypes show it provides privacy with little performance overhead for mobile devices.
LocX is a system that provides improved location privacy for users of geo-social applications. It decouples a user's real-world location from the location data shared with servers through the use of coordinate transformations and encryption. Users generate mappings between transformed locations and encrypted indexes (L2I) that are stored on an index server via proxies, as well as mappings between indexes and encrypted location data (I2D) stored directly on a data server. This allows users to query for friends' location data based on transformed coordinates while preserving the privacy of their real locations.
The document proposes a new broadcasting algorithm called Y-Hamiltonian Layers Broadcast (Y-HLB) for wormhole-routed 3D mesh networks. It divides the 3D mesh into layers that are modeled as Hamiltonian paths. The Y-HLB algorithm routes messages along these Hamiltonian paths in an efficient manner to broadcast to all nodes. Previous related work on broadcasting algorithms for wormhole-routed 3D meshes are also discussed, including how they divide the network and route messages. Simulation results show Y-HLB performs better than these previous algorithms in terms of reducing broadcast latency.
Location based spatial query processing in wireless broadcast environments(sy...Mumbai Academisc
This document discusses a novel approach for reducing latency in answering location-based spatial queries (LBSQs) in wireless broadcast environments. The approach uses peer-to-peer sharing to process queries using results cached in neighboring mobile peers, without requiring delay to communicate with a server. It maintains high scalability and accuracy while decreasing latency. The feasibility of the approach is demonstrated through probabilistic analysis and simulation results showing decreased latency as the number of clients increases.
The cloud user can remotely access software, services, application whenever they require over the
internet. The user can put their data remotely to the cloud storage. So, It is necessary that the cloud must have to
ensure data integrity and privacy of data of user.
The security is the major issue about cloud computing. The user may feel insecure for storing the data in
cloud storage. To overcome this issue, here we are giving public auditing mechanism for cloud storage. For this,
we studied Oruta system that providing public auditing mechanism. Revocation is all about the problems with
security occur in system. And we are revoked these many problems from the system. We are also revoking
existing members and adding new members in a group. In this way, we overcome the problem of static group. In
this system, TPA is Third Party Auditor which maintains all the log credentials of user and it verifies the proof of
data integrity and identity privacy of user. So, TPA plays a very important role in our system. Here we defining
statement of our model as,“Privacy Preserving using PAM in Cloud Computing ”.
.Keywords: Cloud Service Provider, Provable Data Possesion, Third Part Auditor, Public Auditing, Identity
Privacy, Shared Data, Cloud Computing.
Authentic Data Access Scheme for Variant Disruption- Tolerant NetworksEditor IJCATR
Mobile nodes in military environments such as a battlefield or a hostile region are likely to suffer from intermittent network
connectivity and frequent partitions. Disruption-tolerant network (DTN) technologies are becoming successful solutions that allow
wireless devices carried by soldiers to communicate with each other and access the confidential information or command reliably by
exploiting external storage nodes. However, the problem of applying CP-ABE in decentralized DTNs introduces several security and
privacy challenges with regard to the attribute revocation, key escrow, and coordination of attributes issued from different authorities.
In this paper, we propose a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage
their attributes independently. We demonstrate how to apply the proposed mechanism to securely and efficiently manage the
confidential data distributed in the disruption-tolerant military network. Since some users may change their associated attributes at
some point (for example, moving their region), or some private keys might be compromised, key revocation (or update) for each
attribute is necessary in order to make systems secure. This implies that revocation of any attribute or any single user in an attribute
group would affect the other users in the group. It may result in bottleneck during rekeying procedure, or security degradation due to
the windows of vulnerability if the previous attribute key is not updated immediately.
With cloud storage services, it is commonplace for data to be not only stored in the cloud, but also shared across multiple users. However, public auditing for such shared data — while preserving identity privacy — remains to be an open challenge. In this paper, we propose the first privacy-preserving mechanism that allows public auditing on shared data stored in the cloud. In particular, we exploit ring signatures to compute the verification information needed to audit the integrity of shared data. With our mechanism, the identity of the signer on each block in shared data is kept private from a third party auditor (TPA), who is still able to publicly verify the integrity of shared data without retrieving the entire file. Our experimental results demonstrate the effectiveness and efficiency of our proposed mechanism when auditing shared data.
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Eswar Publications
Cloud computing is an economical and effective solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi-owner manner while protect data and identity privacy from an un trusted cloud is still a challenging issue, due to the recurrent change of the membership.The major aims of this method a secure multi-owner data sharing scheme.That is any user in the group can securely share data with others by un trusted cloud. Moreover, the real identities of data owners can be exposed by the group manager when disputes occur. User revocation can be achieved by a novel revocation list and no need to update the secret Keys of the
remaining users.The drawback of IBE is computation over head. To overcome the drawback introduces outsourcing computation.
A novel cloud storage system with support of sensitive data applicationijmnct
Most users are willing to store their data in the c
loud storage system and use many facilities of clou
d. But
their sensitive data applications faces with potent
ial serious security threats. In this paper, securi
ty
requirements of sensitive data application in the c
loud are analyzed and improved structure for the ty
pical
cloud storage system architecture is proposed. The
hardware USB-Key is used in the proposed architectu
re
for purpose of enhancing security of user identity
and interaction security between the users and the
cloud
storage system. Moreover, drawn from the idea of da
ta active protection, a data security container is
introduced in the system to enhance the security of
the data transmission process; by encapsulating th
e
encrypted data, increasing appropriate access contr
ol and data management functions. The static data
blocks are replaced with a dynamic executable data
security container. Then, an enhanced security
architecture for software of cloud storage terminal
is proposed for more adaptation with the user's sp
ecific
requirements, and its functions and components can
be customizable. Moreover, the proposed architectur
e
have capability of detecting whether the execution
environment is according with the pre-defined
environment requirements.
1) The document proposes a system model for secure data sharing in cloud environments using cryptography.
2) It aims to provide data confidentiality, access control of shared data, remove the burden of key management and file encryption/decryption for users, and support dynamic changes to user membership without requiring the data owner to always be online.
3) The proposed system addresses common challenges with secure data sharing in cloud computing like data security, access control, key management, and user revocation and rejoining.
JPD1435 Preserving Location Privacy in Geosocial Applicationschennaijp
We have best 2014 free dot not projects topics are available along with all document, you can easy to find out number of documents for various projects titles.
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/dot-net-projects/
User-Defined Privacy Grid System for Continuous Location-Based Services1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
IEEE 2014 DOTNET MOBILE COMPUTING PROJECTS Preserving location-privacy-in-geo...IEEEMEMTECHSTUDENTPROJECTS
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
The document proposes a privacy-preserving reputation system for location-based queries. It aims to allow users to query a database of location data (points of interest) while protecting their location information and preventing unauthorized access. The system uses an adaptive oblivious transfer protocol for secure data transmission between the user and location server. It also establishes a secure communication mechanism using encryption and decryption during the data retrieval process. Additionally, the system incorporates a privacy-preserving reputation technique using authorization rules and data integrity checks to control misleading data and ensure data accuracy. The experimental results show that the proposed system using elliptic curve cryptography encryption has lower overhead and delay than existing systems using RSA encryption for private information retrieval.
This document proposes a user-centric approach called MobiCrowd to improve location privacy in location-based services. MobiCrowd allows mobile users to collaborate by storing each other's location information and responding to queries, hiding users from the location server unless no collaborative peers have the requested information. An epidemic model is developed to analyze how parameters like query rates and data lifetime affect privacy. Results show MobiCrowd hides a high fraction of queries, significantly enhancing privacy, and implementation shows it is lightweight with negligible collaboration costs.
Securing Location of User in Geo Social NetworkingIRJET Journal
The document describes a technique called LocX that aims to improve location privacy in geo-social networks without adding uncertainty to query results. LocX works by having each user apply a secret coordinate transformation to their actual locations before sharing them with the server. This allows queries to be evaluated correctly by the user while preventing servers from seeing users' actual location data. The technique is designed to provide strong location privacy even against powerful attackers and to be efficient enough for use on mobile devices.
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
A survey on hiding user privacy in location based services through clusteringeSAT Journals
Abstract Smartphone’s are being more and more popular as the technology being evolve. The Smartphone’s are capable of providing the location aware services like GPS. They share all the location information with the central location server. When user submit any query then these query also carries some personal information of the user. This query and information is then submitted to the LGS server. At the LBS server this information is not much confidential. Someone can use this information to make user panic. To overcome this we are proposing the new collaborative approach to hide user’s personal data from the LBS server. Our approach does not lead to make changes in the architecture of the LBS server. And we are also not going to use the third party server. Here we are going to use the other user’s device to search other users query so that other user can be get hide from the LBS server. Keywords: Mobile networks, location-based services, location privacy, Bayesian inference attacks, epidemic models
LPM: A DISTRIBUTED ARCHITECTURE AND ALGORITHMS FOR LOCATION PRIVACY IN LBSIJNSA Journal
Recent advances in mobile communication and development of sophisticated equipments lead to the wide spread use of Location Based Services (LBS). A major concern for large-scale deployment of LBSs is the potential abuse of their client location data, which may imply sensitive personal information. Protecting location information of the mobile user is challenging because a location itself may reveal user identity. Several schemes have been proposed for location cloaking. In our paper, we propose a generic Enhanced Location Privacy Model (LPM), which describes the concept, the architecture, algorithms and the functionalities for location privacy in LBS. As per the architecture, the system ensures location privacy, without trusting anybody including the peers or LBS servers. The system is fully distributed and evaluation shows its efficiency and high level of privacy with QoS
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
Need a project proposal for my computer science 3 course. I dont eve.pdfaristogifts99
Need a project proposal for my computer science 3 course. I dont even know where to start.
Need a unique program proposal as well as the program itself with all header files,
implementation files, and source files. Also need it commented.
In the proposal, describe what you intend to do for your project in terms of:
-general description of the problem you will be solving
-itemized list of use cases
-list of parameters that will be part of the user interface
-what structures and algorithms will you be using
Your proposal should be submitted as a Word document giving your name, project title and four
sections for each of the bulleted items listed above. Each section should have one paragraph
summarizing the section, followed by text or bullets detailing them. At the end should be a
References section that lists any outside sources (such as a particular implementation or problem
or code library) you plan on using.
Solution
HIDING IN THE MOBILE CROWD LOCATION PRIVACY THROUGH COLLABORATION
ABSTRACT
Location-aware smartphones support various location-based services (LBSs): users query the
LBS server and learnon the fly about their surroundings. However, such queries give away
private information, enabling the LBS to track users. A user-collaborative privacy-preserving
approach is proposed for LBSs. This solution does not requirechanging the LBS server
architecture and does not assume third party servers; yet, it significantly improves users’
locationprivacy. The gain stems from the collaboration of mobile devices: they keep their context
information in a buffer and pass it toothers seeking such information. Thus, a user remains
hidden from the server, unless all the collaborative peers in the vicinity lackthe sought
information. A novel epidemic model is developed to capture possibly time-dependent,dynamics
of information propagation among users. Used in the Bayesian inference framework, this model
helps analyze theeffects of various parameters, such as users’ querying rates and the lifetime of
context information, on users’ location privacy.The results show that our scheme hides a high
fraction of location-based queries, thus significantly enhancing users’ locationprivacy. Finally,
implementation indicates that it is lightweight and the cost of collaboration is negligible.
EXISTING SYSTEM
To enhance privacy for LBS users several solutions have been proposed and two main
categories are
Centralizedand
User-centric
Centralized approaches
Centralized approaches introduce a third party inthe system, which protects users’ privacy by
operatingbetween the user and the LBS. Such an intermediaryproxy server could anonymize
queriesby removing any information that identifies the useror her device.
It could blend a user’squery with those of other users, so that the LBS serveralways sees a group
of queries.
User-centric approaches
User-centric approaches operate on the device. Typicallythey aim to blur the location
information by,for example, having the user’s s.
The document discusses privacy-preserving algorithms for determining an optimal meeting location for a group of users. It proposes two algorithms that take advantage of homomorphic cryptosystems to privately compute a fair rendezvous point from user location preferences, without revealing the actual locations. The algorithms are evaluated through a prototype implementation on mobile devices and a user study to analyze usability and privacy protections.
Location Provider with Privacy Using Localized Server and GPS Editor IJCATR
Maps are an essential part of any handheld device and use constantly used for navigation and other resources by application for providing location based data which can be used for customized examination outcomes, however these data are conservatively stowed on a L.B.S Server which are susceptible to attacks and misuse as these data’s are not usually have any significant security so these data’s can be sold or misused by some other parties. We try to eliminate the problem as well as provided added functionality to the conventional maps by providing a customizable map which has the added functionality of offline use mode in addition to the online mode
An Efficient User Privacy and Protecting Location Content in Location Based S...IJRST Journal
In location-based query a user wants to query a database of location data, known as Points Of Interest (POIs), and does not want to reveal his/her location to the server due to privacy concerns; (ii) the owner of the location data, that is, the location server, do Abstract: Nowadays, it is very easy for a person to learn his/her location with the help of a Global Positioning System (GPS) enabled device. A location s not want to simply distribute its data to all users. The location server desires to have some control over its data, since the data is its asset. A major enhancement upon previous solutions by introducing a two stage approach, the first step is based on Oblivious Transfer using homomorphic encryption and the second step is based on Private Information Retrieval, to achieve a secure solution for both parties. Introduce a security model and analyse the security in the context of our protocol. To highlight a security weakness of our previous work and present a solution using efficient homomorphic system.
Similar to Privacy preserving location sharing services for social networks(1) (20)
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Sinan KOZAK
Sinan from the Delivery Hero mobile infrastructure engineering team shares a deep dive into performance acceleration with Gradle build cache optimizations. Sinan shares their journey into solving complex build-cache problems that affect Gradle builds. By understanding the challenges and solutions found in our journey, we aim to demonstrate the possibilities for faster builds. The case study reveals how overlapping outputs and cache misconfigurations led to significant increases in build times, especially as the project scaled up with numerous modules using Paparazzi tests. The journey from diagnosing to defeating cache issues offers invaluable lessons on maintaining cache integrity without sacrificing functionality.
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw...IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to
precisely delineate tumor boundaries from magnetic resonance imaging (MRI)
scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating
the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The
model is rigorously trained and evaluated, exhibiting remarkable performance
metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted
IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of
our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical
image analysis and enhance healthcare outcomes. This research paves the way
for future exploration and optimization of advanced CNN models in medical
imaging, emphasizing addressing false positives and resource efficiency.
Applications of artificial Intelligence in Mechanical Engineering.pdfAtif Razi
Historically, mechanical engineering has relied heavily on human expertise and empirical methods to solve complex problems. With the introduction of computer-aided design (CAD) and finite element analysis (FEA), the field took its first steps towards digitization. These tools allowed engineers to simulate and analyze mechanical systems with greater accuracy and efficiency. However, the sheer volume of data generated by modern engineering systems and the increasing complexity of these systems have necessitated more advanced analytical tools, paving the way for AI.
AI offers the capability to process vast amounts of data, identify patterns, and make predictions with a level of speed and accuracy unattainable by traditional methods. This has profound implications for mechanical engineering, enabling more efficient design processes, predictive maintenance strategies, and optimized manufacturing operations. AI-driven tools can learn from historical data, adapt to new information, and continuously improve their performance, making them invaluable in tackling the multifaceted challenges of modern mechanical engineering.
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
artificial intelligence and data science contents.pptxGauravCar
What is artificial intelligence? Artificial intelligence is the ability of a computer or computer-controlled robot to perform tasks that are commonly associated with the intellectual processes characteristic of humans, such as the ability to reason.
› ...
Artificial intelligence (AI) | Definitio
An improved modulation technique suitable for a three level flying capacitor ...IJECEIAES
This research paper introduces an innovative modulation technique for controlling a 3-level flying capacitor multilevel inverter (FCMLI), aiming to streamline the modulation process in contrast to conventional methods. The proposed
simplified modulation technique paves the way for more straightforward and
efficient control of multilevel inverters, enabling their widespread adoption and
integration into modern power electronic systems. Through the amalgamation of
sinusoidal pulse width modulation (SPWM) with a high-frequency square wave
pulse, this controlling technique attains energy equilibrium across the coupling
capacitor. The modulation scheme incorporates a simplified switching pattern
and a decreased count of voltage references, thereby simplifying the control
algorithm.
Privacy preserving location sharing services for social networks(1)
1. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
1
Privacy-Preserving Location Sharing Services
for Social Networks
Roman Schlegel, Member, IEEE, Chi-Yin Chow, Member, IEEE, Qiong Huang, Member, IEEE,
and Duncan S. Wong, Member, IEEE
Abstract—A common functionality of many location-based social networking applications is a location sharing service that allows a
group of friends to share their locations. With a potentially untrusted server, such a location sharing service may threaten the privacy of
users. Existing solutions for Privacy-Preserving Location Sharing Services (PPLSS) require a trusted third party that has access to the
exact location of all users in the system or rely on expensive algorithms or protocols in terms of computational or communication
overhead. Other solutions can only provide approximate query answers. To overcome these limitations, we propose a new encryption
notion, called Order-Retrievable Encryption (ORE), for PPLSS for social networking applications. The distinguishing characteristics of
our PPLSS are that it (1) allows a group of friends to share their exact locations without the need of any third party or leaking any
location information to any server or users outside the group, (2) achieves low computational and communication cost by allowing
users to receive the exact location of their friends without requiring any direct communication between users or multiple rounds of
communication between a user and a server, (3) provides efficient query processing by designing an index structure for our ORE
scheme, (4) supports dynamic location updates, and (5) provides personalized privacy protection within a group of friends by
specifying a maximum distance where a user is willing to be located by his/her friends. Experimental results show that the
computational and communication cost of our PPLSS is much better than the state-of-the-art solution.
Index Terms—Location privacy, location sharing services, order-retrievable encryption, location-based social networking,
spatio-temporal query processing
✦
1 INTRODUCTION
Many location-based service providers today provide users with
services related to their locations by making use of GPS-enabled
mobile devices, wireless communication and spatial database
management systems. A popular type of such services is for a
user to search for points of interest in the vicinity (e.g., dining and
shopping). Recently, location-based services have been combined
with online social networks, where user-generated, geo-tagged
information is shared among people who are part of a social
network. A common functionality of many existing location-based
social networking systems is location sharing services that allow
users to discover the current location of their friends and notify the
users when a friend is in the vicinity or within a certain distance,
e.g., Facebook’s Places [1], Foursquare [2], Google Plus [3], and
Loopt [4].
Existing location-based social networking systems with lo-
cation sharing services rely on a central server which receives
location information from all users in the system. The prob-
lem with this approach is that the central server can generate
a detailed movement profile of each user (e.g., the location,
time and frequency of each place which has been visited by
each user) and that raises privacy concerns [5]–[7]. Existing
privacy-preserving location sharing schemes aim to protect the
• R. Schlegel is with Corporate Research, ABB Switzerland Ltd., Baden-
D¨attwil, Switzerland. ∗C.-Y. Chow and ∗D. S. Wong are with the
Department of Computer Science, City University of Hong Kong,
Kowloon, Hong Kong. ∗Q. Huang is with College of Informatics,
South China Agricultural University, China. (∗Authors are ordered
alphabetically).
E-mails: rs@ione.ch, chiychow@cityu.edu.hk, csqhuang-
c@my.cityu.edu.hk, and duncan@cityu.edu.hk
user location privacy against the central server, but they still
allow the server to provide the user with the necessary services.
However, in some existing schemes, the central server still knows
the user’s approximate location [8]–[11]. Other schemes require
several messages to be exchanged not only between the user
and the central server but also directly between the user and the
user’s friends [12], [13], increasing the communication cost and
making those schemes less practical. Other schemes only return
approximate results [14], making them less useful. Peer-to-peer
(P2P) systems, where users’ devices would directly communicate
without an intermediate server are inherently difficult to realize
in mobile phone networks as they typically make use of NAT
(network address translation), restricting direct communication
between devices in the process [15].
In this paper, we propose a new encryption notion, called
Order-Retrievable Encryption (ORE); a new cryptographic proto-
col that realizes our Privacy-Preserving Location Sharing Services
(PPLSS) for social networking systems. In particular, our ORE
scheme enables users to browse their friends’ exact locations
within a certain distance without revealing any information about
their locations to any other users or a social networking service
provider. The framework of our PPLSS consists of a database
server (which is maintained by the social networking service
provider) and users. The users send their location information
in encrypted form to the database server according to our ORE
scheme. When a user wants to locate his/her friends in the vicinity,
the user logs onto the social networking system, sends a location
query (e.g., “Q1: Send me the location of my friends within 2 km
of my current location”) to the database server, and obtains the
requested location information in encrypted form based on our
ORE scheme. The user then recovers the actual location of his/her
2. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
2
friends from the encrypted information returned by the database
server.
The key distinguishing characteristics of our PPLSS based on
the proposed ORE scheme are: (1) Secure location privacy. PPLSS
does not disclose any location information of its users to a central
server or an eavesdropper, not even an approximate location, and
does not require any third party. (2) Low computational and com-
munication cost. It allows a user to receive the exact location infor-
mation of his/her friends without requiring direct communication
between users or multiple rounds of communication between a
user and a server. (3) Index structure. We design an index structure
for our ORE scheme to index encrypted locations of a group of
friends to improve the efficiency of location query processing.
(4) Efficient data updates. Our scheme supports highly dynamic
location updates from individual users efficiently. (5) Personalized
privacy within a group of friends. Each user is able to specify a
maximum distance defining a personalized privacy region so that
only those friends who are within the region can locate the user.
The rationale behind such personalized privacy is that users may
not want to share their locations with far-away friends as it might
not be practical or necessary to share their location with friends at
large distances.
Regarding security requirements, we consider the database
server to be honest-but-curious, namely, the database server han-
dles queries, stores data received from users and sends data to
users who are making queries without tampering with the data.
However, the database server also attempts to find out the location
of users in the system. Note that the term “privacy-preserving”
refers to the location privacy of users rather than keeping their
identities private. In addition to the security analysis of our
PPLSS, we also compare the performance of our scheme to that
of the state-of-the-art cryptography-based scheme [16] through
experiments. The results show that our PPLSS outperforms the
work [16] in terms of both communication cost and query pro-
cessing performance.
The rest of this paper is organized as follows: Section 2 gives
an overview of our PPLSS and the ORE scheme. The details
of our PPLSS are presented in Section 3. Section 4 extends the
PPLSS to support personalized privacy. Section 5 discusses the
security requirements of the ORE scheme and Section 6 gives an
ORE construction which is implemented in our experiment and
also provides its security analysis. Section 7 covers the security
analysis of our PPLSS. Section 8 presents experimental results.
Section 9 surveys related work and Section 10 concludes this
paper.
2 OVERVIEW OF PPLSS AND ORE
In this section, we first describe the system model of our Privacy-
Preserving Location Sharing Services (PPLSS) for social net-
working applications, and then give the definition of our Order-
Retrievable Encryption (ORE) scheme.
2.1 System Model
Our PPLSS framework consists of a database server and a
set of (mobile) users. The database server is maintained by a
social networking service provider. Fig. 1 illustrates the PPLSS
framework, in which each user sends his/her location in encrypted
form according to our ORE scheme to the database server. When
a user wants to query the exact location of his/her friends who are
within a distance specified by the user, the user sends a location
Users
Encrypted location
queries (or locations)
Friends’ encrypted
locations
Database Server
Encrypted
Locations
Social Networking Service Provider
. . .
Fig. 1. The System Model of PPLSS.
query in the form of a private location-based range query, like Q1
given in Section 1, to the database server. The database server is
equipped with a privacy-aware query processor that has the ability
to provide an exact query answer for the user based on the user’s
encrypted location and his/her friends’ encrypted locations without
knowing any location information about the query and the users.
Finally, the user decrypts the query answer and browses his/her
friends’ locations displayed on a road map. It is important to note
that all user locations and location queries are encrypted using
our ORE scheme (its definition will be described in Section 2.2)
before they are sent to the database server.
In PPLSS, we assume that the database server is honest-but-
curious, i.e., it follows our designed protocol, but it attempts to
infer the user’s location. On the other hand, the user trusts his/her
friends (i.e. other users in his/her friend list in the social network
context). The user constructs a trusted group in which they share
their locations through private location queries according to our
ORE scheme. The security threat models and the security analysis
of PPLSS will be given in Sections 6 and 7, respectively.
2.2 Order-Retrievable Encryption
As mentioned above, user locations (i.e., points) in the database
server are always in encrypted form. When an “encrypted” query
location of Q1 for a group of friends is received by the database
server, the database server should determine for any two friends’
encrypted locations within the group which of them is closer to
the encrypted query location. To achieve this, we use our proposed
encryption notion ORE for geographical data.
An ORE scheme is a symmetric key encryption scheme with
two additional functions: one is for generating encrypted query
locations and the other one is for the database server to determine
which one between two encrypted user locations is closer to an
encrypted query location. The scheme is called ORE because the
order of the encrypted user locations in terms of their distances
from any given encrypted query location can be retrieved. Note
that the actual distance information is not retrievable.
In the formal definition of ORE below, we assume that each
distinct location in PPLSS can be represented uniquely using an
element in a d-dimensional space and without loss of generality,
suppose that R is the space of each dimension. One additional
remark is that the ORE scheme defined below can be viewed as
a collection of one-way functions [17] and this one-way function
has the order retrievability property. In other words, our PPLSS
framework does NOT need the decryption algorithm of the ORE
scheme. Below are the details.
Definition 1. An Order-Retrievable Encryption (ORE) scheme
consists of four probabilistic polynomial-time (PPT) algo-
rithms.
3. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
3
• SKG ← KGen(1λ
, R). The symmetric key generation
algorithm KGen takes a security parameter λ ∈ N and
the dimensional space R defined above, and outputs a
symmetric key.
• C ← Enc(SKG, P). The encryption algorithm takes
SKG and a d-dimensional point P ∈ Rd
, and outputs
a ciphertext as an “encrypted” location.
• ξ ← QGen(SKG, Q). The query generation algorithm
takes SKG and a query point Q ∈ Rd
, outputs an
“encrypted” query location.
• Cb ← Cmp(ξ, C0, C1). The comparison algorithm takes
an encrypted query location ξ and two encrypted locations
C0 and C1, outputs Cb for b ∈ {0, 1} if
dist(Q, Pb) ≤ dist(Q, P1−b) (1)
where ξ ← QGen(SKG, Q) and Ci ← Enc(SKG, Pi)
for i = 0, 1, and dist(P, Q) represents the actual distance
between two locations P and Q. We stress that the
function Cmp neither has SKG as input nor has to output
any further information about the evaluation of dist other
than which of P0 and P1 is closer to Q.
We note that there are two distinct encryption algorithms, Enc
and QGen. Our ORE scheme uses different encryption algorithms
for locations used as query locations (QGen) and for locations
encrypted to compare them to a given query locations (Enc), hence
these two distinct algorithms.
Optionally, a decryption algorithm can be defined as P/⊥ ←
Dec(SKG, C), which takes SKG and a ciphertext C, and outputs
a d-dimensional point P ∈ Rd
or ⊥ indicating the failure of
decryption. We do not require the domain of ciphertexts C to be
in any special form related to the plaintext space Rd
. Also note
that our PPLSS framework does NOT need the decryption function
Dec. The pair (KGen, Enc) can be viewed as a one-way function
collection indexed by SKG. The security parameter λ relates the
security strength of the ORE scheme to the security level of a
secure symmetric key encryption scheme. For example, λ = 80
refers to the 80-bit security level [18]. Section 5 discusses the
security requirements of the ORE scheme, and Section 6 provides
an ORE construction, based on a scheme proposed by Wong et al.
[19], and its security analysis.
ORE vs. Order-Preserving Encryption. A related work called
Order-Preserving Encryption (OPE) [20], [21] preserves the nu-
merical ordering of the plaintexts in the ciphertexts. Formally,
for any A, B ⊆ N with |A| ≤ |B|, an encryption family
E : K × A → B is order preserving if for all i, j ∈ A,
E(k, i) > E(k, j) if and only if i > j, for any k ∈ K,
where K is the key space of the encryption family. OPE is
different from ORE. The OPE maintains the order information in
encryption while ORE destroys the order information so that given
any two ciphertexts encrypted using ORE, the order information
is not preserved. Instead, the ORE ciphertexts can be used with
an auxiliary function called Cmp which gets an encrypted query
location involved, and the function Cmp can tell which of the two
ciphertexts contain a location which is closer to the query location,
i.e., the ordering is with respect to the distance to a query location.
Though OPE has been used for many other applications such as
efficient range queries, indexing and query processing, OPE does
not have the function of Cmp as we defined in ORE, and therefore,
is not known if it is possible to use OPE for constructing a privacy-
preserving location sharing system. More discussions are given in
Sec. 9.
3 PPLSS: PRIVACY-PRESERVING LOCATION
SHARING SERVICES
In this section, we describe our PPLSS for social networking
applications based on our Order-Retrievable Encryption (ORE)
scheme. We will first present the ORE scheme for PPLSS, and
then propose an index structure that makes use of the relative
distance information provided by the ORE scheme to improve
query processing efficiency.
3.1 The ORE Scheme
The main idea of our PPLSS is that a user or a group initiator
registers with the system to create a user group. The group initiator
then adds friends to the user group and creates a shared group key
SKG according to our ORE scheme and another shared data key
SKD for AES [22] encryption of location data (this is needed as
our ORE scheme does not require a decryption function, and the
actual location data exchanged between users is therefore AES-
encrypted). It is important to note that users or group initiators
are not required to register with their real identity. They can
use pseudonyms as long as their friends are able to recognize
them (friends can also communicate their pseudonyms out-of-
band, e.g., through email). After the shared group key SKG and
the shared data key SKD are securely delivered to all group
members, each member periodically reports his/her encrypted
location to the database server. When a user logs onto the system
and wants to browse the location of his/her friends within a certain
user-specified distance, the user issues a location query with an
encrypted query location and an encrypted location marker to the
database server. The database server is able to provide an exact
answer for the user without knowing any location information of
the user and his/her friends. In general, the ORE scheme involves
seven major message exchanges for three operations among a
group initiator u, the database server, and u’s friends, as depicted
in Fig. 2. The algorithms used in the ORE scheme are defined in
Section 2.2, the symbols used in the ORE scheme are summarized
in Table 1, and the three operations are explained in more detail
below.
3.1.1 User Group Formation
A user u registers with the database server with an identity (or
pseudonym) IDu and creates a user group G that includes u,
i.e., u is the group initiator. The group initiator can manage the
members of G. Upon creation of G, a random group identifier
IDG (e.g., a random 128-bit string) is created. The group initiator
can then invite users to join G, and invited users can either
accept or decline to join G. The group initiator generates two
random shared keys: a shared group key SKG and a shared
data key SKD for G and sends the shared keys to each new
group member through a secure channel. The establishment of
the secure channel can be done using conventional two-party
authenticated key establishment protocols [23], [24]. To enable
the removal of users from a group, e.g., defriending, the shared
keys (SKG, SKD) can be re-generated by the group initiator
or any legitimate member in G. A user who is part of several
groups will obtain the required keys for each group the user is
4. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
4
TABLE 1
Key symbols in the ORE or ORE-Index protocol.
Symbol Description Algorithm
Locu Plaintext location of user u -
Locmarker Plaintext query marker point for ORE -
LocRi
Plaintext location marker point of -
index ring Ri for ORE-Index -
(Locmin, Plaintext query marker points for -
Locmax) ORE-Index
distu User-specified distance for a -
location query
distmax User-specified maximum distance -
for ORE-Index
distpriv User-specified privacy distance -
for a personalized privacy region
SKG Shared group key for ORE ORE.KGen
SKD Shared data key for AES AES.KGen
C Encrypted user location using ORE ORE.Enc
D Encrypted user location using AES AES.Enc
ξ Encrypted query location or ORE.QGen
reference point using ORE
ψ Encrypted location marker using ORE ORE.Enc
κ Encrypted privacy marker using ORE ORE.Enc
for personalized privacy region
a part of. Fig. 2 shows that this step involves Messages 1 to 3,
where a group initiator u registers with the database server to
create a group G (Message 1) and adds five members to G,
i.e., G = {IDu, IDm1 , IDm2 , . . . , IDm5 } (Message 2). After u
generates the shared keys (SKG, SKD) for G, u sends the keys
directly to each member in G through a secure communication
channel (Message 3).
3.1.2 User Location Update
After invited users agree to join the group G and receive the shared
keys (SKG, SKD) from the group initiator u, each member m
in G periodically sends IDG, Cm, Dm to the database server,
where IDG is the group identity, Cm is the ORE encryption of
m’s location Locm, that is, Cm ← ORE.Enc(SKG, Locm),
and Dm ← AES.Enc(SKD, Locm IDm rm) is the AES en-
cryption of m’s location, the identity IDm (or pseudonym)
of m in G, and a random number rm. If m belongs to n
different groups, i.e., G1, . . . , Gn, m will encrypt its location
using ORE.Enc under each of SKG1 , . . . , SKGn and AES.Enc
under each of SKD1 , . . . SKDn to generate Cmi and Dmi ,
respectively, for each group Gi, where 1 ≤ i ≤ n, and send
(IDG1 , Cm1 , Dm1 ), . . . , (IDGn , Cmn , Dmn ) to the database
server. The location sent to the database server is always en-
crypted, so at no point is the server able to determine the actual
location of a user. Fig. 2 illustrates the two messages exchanged
in this step, where the encrypted location of the group initiator u
(Message 4) and that of other members in the group G (Message 5)
are reported to the database server.
Notice that besides ORE, we also use AES to encrypt each
group member’s location. The purpose of including the AES
encryption is to improve the communication efficiency of the
next step, namely, location query processing. We will see in
Section 6 that the ciphertext of ORE is about 40 times bigger in
size than that of AES. Hence, we use an additional AES module
for sending encrypted locations when answering a location query
below. This is also the reason why the ORE scheme does not need
the decryption algorithm (see Section 2.2).
User u Database Server Each member
mi in G
LocationQuery
Processing
UserLocation
Update
UserGroup
Formation
1. Create group G
2. Add five members to G
G={IDu, IDm1 , . . . , IDm5 }
3. Send shared group keys SKG and
SKD to each group member
in G through a secure channel
4. Compute
Cu ←ORE.Enc(SKG, Locu),
Du ←AES.Enc(SKD,
Locu IDu ru),
and send IDG, Cu, Du
5. mi computes
Ci ←ORE.Enc(SKG, Loci),
Di ←AES.Enc(SKD,
Loci IDi ri),
and sends IDG, Ci, Di
6. Select query marker
Locmarker, compute
ξu ←ORE.QGen(SKG, Locu),
ψu ←ORE.Enc(SKG, Locmarker),
and send IDu, IDG, ξu, ψu
7. Return answer {D2, D5}
Fig. 2. Message flows in the ORE Scheme for PPLSS.
3.1.3 Location Query Processing
Location query generation (by user). If a user u logs onto the
system and wants to view the exact location of his/her friends
within a user-specified distance distu, u generates a location
query by (1) encrypting its current location Locu using the query
encryption ORE.QGen under SKG to generate an encrypted
query location, that is, ξu ← ORE.QGen(SKG, Locu), (2) ran-
domly selecting a query marker Locmarker which is a point on the
circle centered at Locu with a radius of distu, and (3) encrypting
Locmarker using the location encryption ORE.Enc under SKG, that
is, ψu ← ORE.Enc(SKG, Locmarker). Then, u sends the location
query IDu, IDG, ξu, ψu to the database server.
Query processing (by server). Given the location query from
the user u, the database server first finds all the members in
G with group identifier IDG. Suppose there are n members in
G = {m1, m2, . . . , mn}. The database server then performs
a sequential scan of G by executing the comparison algorithm
ORE.Cmp for the encrypted location of each member in G based
on u’s encrypted query location ξu and query marker ψu. If
Cmi ← ORE.Cmp(ξu, Cmi , ψu) for some 1 ≤ i ≤ n, it means
that the actual location of the member mi is located within the
distance distu of u; Dmi is added to an answer set A (note
that only the AES encryption of member mi’s location Dmi
is included, but Cmi is not). After performing the comparison
algorithm for each member in G, the answer A is sent to u.
Finally, u uses AES.Dec to decrypt the location of each friend
in A under the shared data key SKD locally and u can browse
their location information displayed on an underlying road map.
Fig. 3 depicts u’s specified distance distu and the exact
locations of u and other members in u’s group G. Locmarker is
a point on the circle centered at u with a radius of distu. After u
generates a location query, the query is sent to the database server
(Message 6 in Fig. 2). Our ORE scheme enables the database
server to compute that there are two members m2 and m5 within
distance distu from u without letting the database server know
any location information of u or any other member in G. In
Message 7, the AES encrypted locations of m2 and m5, i.e., D2
and D5, respectively, are returned to u.
5. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
5
replacements
(Query Marker)
Locmarker
distu
(Query Location)
m1
m2
m3
m4
m5
u
Fig. 3. A location query example.
3.2 ORE-Index: The ORE Scheme with an Index Struc-
ture
In a typical location-based social networking system (e.g., Google
Latitude [25]), when a user u logs onto the system, a location
query is automatically sent to the database server. Then, the
database server periodically evaluates the query answer to allow
u to keep track of the exact location of his/her friends within u’s
specified distance distu. The ORE scheme using the sequential
scan proposed above takes O(n) time to evaluate the location
query answer, where n is the number of members in u’s group
G, because the database server has to perform the comparison
algorithm ORE.Cmp for each member in G.
Although the number of friends of each user is usually not
large1
, using the sequential scan approach to process a large
number of location queries at a high frequency, i.e., with a small
evaluation time interval, would put a considerable computational
burden on the database server. In fact, many users would be
subscribing to the location sharing service through their mobile
devices2
, and the evaluation period for their location queries
should therefore be as small as possible to provide more accurate
location information of their friends. To avoid sequential scan of
the members in G for each query evaluation, in the following
we propose a tree-like index structure for managing the ORE
encrypted data. We call the structure ORE-Index and it aims to
improve the efficiency of processing location queries. Although
index structures have previously been proposed for location-based
queries [27], they rely on the assumption that the database server
knows the location information of all users; they are not applicable
to PPLSS where the database server does not have the location
information of users or queries.
3.2.1 Basic Idea
When a user u generates an initial location query, u estimates a
circular region in which it will be located for a certain time period,
e.g., one hour. A simple way to calculate the radius of the region
distmax is multiplying the time period by the maximum legal
speed in the system area. More sophisticated ways can be used
to compute distmax, as the index structure does not have any
assumption on how distmax is computed. The index structure
is built based on a set of encrypted location markers and an
encrypted reference point generated by u to index the members
in u’s group G. Once established, the index structure will be
1. Average Facebook user has 130 friends [26].
2. There are more than 200 million active users currently accessing Face-
book through their mobile devices [26].
used to evaluate u’s location queries. Note that the estimation
of distmax will not affect the answer accuracy; it only influences
the frequency of rebuilding the index, which becomes necessary
whenever the required search area of u’s location query is outside
the region defined by distmax. In general, our PPLSS using
the ORE-Index scheme has two major phases, namely, index
construction and location query processing.
3.2.2 Index Construction
Index construction request (by user). The generation of an index
construction request requires a querying user u to determine a
radius distmax for a circular area A in which u will be located
for a certain time period. The database server only needs to build
the requested index once and then u can reuse the index as long
as the required search areas of u’s subsequent location queries
are within A. A is then divided into N non-overlapping rings
(or donut shapes), i.e., R1, R2, . . . , RN , (note that the innermost
shape is in fact a circle). For each ring Ri, a point with the
maximum distance to u’s location Locu is randomly selected
as a location marker LocRi . Then, Locu is encrypted using the
query encryption ORE.QGen as an encrypted reference point of
an index, i.e., ξu ← ORE.QGen(SKG, Locu), and each LocRi
is encrypted using the location encryption ORE.Enc, i.e., ψi ←
ORE.Enc(SKG, LocRi ) as the encrypted location of a node in
the index. u sends an index construction request along with the
encrypted reference point and the set of encrypted location mark-
ers to the database server, i.e., IDu, IDG, ξu, ψ1, ψ2, . . . , ψN .
Notice that our scheme has no assumption about N and the
width of each ring, i.e., the rings of an index can have different
widths. In practice, N can be a user or system parameter. A larger
N requires u to generate a larger set of encrypted location markers
which incurs a higher cost of generating an index construction re-
quest. However, a larger set of encrypted location markers results
in an index with more levels which improves query processing
efficiency by reducing the number of false positives in a candidate
answer. The detail of the query processing step will be discussed
in Section 3.2.3. Thus, N can be adjusted as a trade-off between
the cost of generating an index construction request on the client
side and the query processing efficiency. For simplicity, we adjust
N relative to u’s specified search range distu in a location query,
i.e., N=⌊distmax/(distu × α)⌋, where α (α > 0) is a system
parameter to tune the performance trade-off. A smaller α leads to
an index with more levels, and vice versa.
Index construction (by server). When the database server
receives the index construction request from the user u, ξu is used
as the encrypted reference point ξIu for an index structure Iu and
the server uses a top-down approach to build Iu based on the (one-
dimensional) relative distance information between the encrypted
reference point and each encrypted location marker. Starting from
the root node, the 1-st to N-th ring are split into two groups with
respect to a key computed as ψi, where i=⌊(1 + N)/2⌋; hence,
one group contains the 1-st to the i-th ring and the other group
contains the (i + 1)-st to the N-th ring. The root node keeps
ψi as a key. Then, these two groups are recursively split until
each leaf node contains only one ring. Each leaf node maintains
a member list of the members in G located within the area of
the corresponding ring. The database server also maintains a hash
table, where an entry contains a member identity with a pointer
to the leaf node whose member list contains the member. A
singularly linked list is built on these member lists to facilitate
range searches.
6. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
6
R1R2R3R4
Locu
LocR1
LocR2
LocR3
LocR4
(a) Index request
ψ2
ψ1 ψ3
R1 R2 R3 R4
Member Lists
(b) Index structure
Fig. 4. Index construction.
Fig. 4 shows an index structure Iu for a querying user u,
where u’s location Locu (represented by a cross) is encrypted
using ORE.QGen as an encrypted reference point ξu and u’s
specified region A is divided into four rings R1 to R4. On the
outer boundary of each ring Ri (1 ≤ i ≤ 4), a point is randomly
selected as a location marker LocRi (represented by a triangle),
which is encrypted using ORE.Enc as ψi. To construct Iu, the
key of the root node is ψ2, as ⌊(1 + 4)/2⌋ = 2. The key of its
left child is ψ1, as ⌊(1 + 2)/2⌋ = 1. The key of its right child is
ψ3, as ⌊(3 + 4)/2⌋ = 3. Since each leaf node corresponds to one
ring, the construction of Iu is complete (Fig. 4b).
Index maintenance (by server). Since Iu is constructed
based on u’s set of encrypted location markers, no split and merge
operations are necessary on insertion and deletion, respectively.
Three operations are required to maintain Iu. (1) Insertion. To
insert a member m with an encrypted location Cm into Iu, we
first check whether m is located in u’s specified region A. If
ORE.Cmp(ξIu , ψN , Cm) returns ψN , m is outside A and m
will not be inserted into Iu. Otherwise, the server navigates Iu
recursively from the root node to insert m. Starting from the root
node with a key ψi, if ORE.Cmp(ξIu , ψi, Cm) returns Cm, we
search its left subtree; otherwise, we search its right subtree. This
procedure is repeated until a leaf node is reached where m’s AES
and ORE encrypted locations (Dm, Cm) are added to the member
list. Then the hash table is updated accordingly. (2) Deletion.
When a member m logs off from the system or moves outside the
user’s specified region A, m will be deleted from Iu. To do so,
we access the hash table to find the leaf node whose member list
contains m, and then remove m from the member list. (3) Update.
When a member m moves from ring Ri to ring Rj, where i = j,
we perform the deletion operation to remove m from Ri and then
perform the insertion operation to insert m to Rj.
Fig. 5a shows that five members, m1 to m5, in user u’s group
G are within u’s specified region A. These five members are in-
serted into Iu. For member m1, since ORE.Cmp(ξIu , ψ2, Cm1 )
returns Cm1 , we descend to the left child. Then, since
ORE.Cmp(ξIu , ψ1, Cm1 ) returns ψ1, we descend to the right
child. As a leaf node R2 is reached, m1’s AES and ORE encrypted
locations (D1, C1) are added to its member list. Similarly, other
members m2 to m5 are inserted into Iu (Fig. 5b).
3.2.3 Location Query Processing
Location query generation (by user). A location query is
periodically sent to the database server by the user u to keep track
of the locations of his/her friends within u’s specified distance
distu. To generate a location query, u computes a required search
area as a circle with a radius of distu centered at its location
R1R2R3R4
Locum1
m2
m3 m4
m5m6
Locmin
Locmax
(a) Location query
ψ2
ψ1 ψ3
ψmin ψmax
ψmin ψmax
R1 R2 R3 R4
(D1,C1)
(D3,C3)
(D2,C2) (D4,C4)
(D5,C5)
Member Lists
(b) Query processing
Fig. 5. Location query processing.
Locu. Note that u can reuse the index built by the database
server (i.e., no index construction request is needed) as long as
the required search area is within the region A of the index.
u finds two points Locmin and Locmax that are the closest
and farthest points, respectively, within the required search area
compared to the original query point which was encrypted as a
reference point when its index construction request was generated.
Then, Locmin and Locmax are encrypted by using the location
encryption as ψmin ← ORE.Enc(SKG, Locmin) and ψmax ←
ORE.Enc(SKG, Locmax), respectively, and Locu is encrypted
using the query encryption as ξu ← ORE.QGen(SKG, Locu).
The location query IDu, IDG, ξu, ψmin, ψmax is sent to the
database server.
Query processing (by server). When the database server
receives a location query, it searches the index structure Iu of
u for ψmin and ψmax with respect to its encrypted reference
point. For ψmin, the search starts from the root node with key
ψi, if ORE.Cmp(ξIu , ψi, ψmin) returns ψmin, we search its
left subtree; otherwise, we search its right subtree. This process
is repeated until a leaf node nmin is reached. Likewise, a leaf
node nmax is found for ψmax. The server then goes through the
member list of every node between nmin and nmax (inclusive)
and adds their members to a candidate answer set A. Since
Iu only considers one-dimensional relative distance information,
there may be some false positives in A. Thus, for each member
m in A, the server performs a filtering step by using the compar-
ison algorithm in the ORE scheme. If ORE.Cmp(ξu, ψmin, Cm)
returns ψmin, m is removed from A. After that, a set of the AES
encrypted locations of the members in A is returned to u as a
query answer.
Fig. 5 depicts a location query of u with a location Locu in our
running example, where the shaded circle indicates the required
search area defined by distu. Locmin and Locmax are represented
by triangles. Since the required search area is within the region
A of the index (Fig. 4), u can reuse the index to process the
location query without requesting the database server to construct
a new index. The database server finds a leaf node nmin for the
encrypted form of Locmin, ψmin, i.e., nmin = R2, and a leaf
node nmax for ψmax, i.e., nmax = R3. All the members in the
member list of every leaf node from R2 to R3 are added to A,
i.e., A = {(D1, C1), (D2, C2), (D3, C3)}. After removing false
positives from A, one member remains in A = {(D1, C1)} and a
query answer {D1} is returned to u.
4 PERSONALIZED PRIVACY REGIONS
In this section, we further improve the privacy of individual
users in our PPLSS using the ORE or ORE-Index scheme by
7. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
7
allowing them to define their personalized privacy regions. In the
ORE and ORE-Index schemes described in Sections 3.1 and 3.2,
respectively, the querying user u is theoretically free to choose a
location marker at a considerably larger distance than is practical
(e.g., 1000 km). The database server would return all friends in u’s
group within that distance, allowing u to learn their location even
though there is no practical need to know their location at such
large distances. Personalized privacy regions are an extension to
the PPLSS which help prevent this situation, by allowing individ-
ual users to specify a maximum distance distpriv up to which
members of their groups are allowed to locate them. distpriv is
chosen by each individual user and it is applied whenever other
users of the group run location queries. This means that even when
a user runs a location query with a location marker at a distance
of 1000 km, if all other users of the group have defined a privacy
region of 1 km, the query will only return people at most 1 km
away from the location of the querying user (because for all other
users their privacy region requirements would not be met).
The main idea of personalized privacy regions is exemplified in
Fig. 6, where user Q runs a location query with friend y at location
Py as one of Q’s group members. User y has defined a privacy
region with a maximum distance disty
priv, which is represented
by a circle centered at y with a radius of disty
priv, by randomly
selecting a privacy marker Loc
y
priv on the boundary of y’s privacy
region. Consider that Q runs a location query with a range distance
distQ which includes y, but Q is outside the privacy region of y
(Fig. 6a), the database server will not return the location of y in
the answer set. If, on the other hand, Q is inside the privacy region
of y (Fig. 6b), the database server will return the location of y as
part of the answer to Q.
Q
Py
disty
priv
Loc
y
priv
(a)
Q
Py
Loc
y
priv
(b)
Fig. 6. In (a) the privacy region requirement of y is not satisfied, while
in (b) it is satisfied.
In the following, we will describe our ORE and ORE-Index
schemes for PPLSS when extended with personalized privacy
regions.
4.1 Extension to the ORE Scheme
We will discuss how to extend our ORE scheme to support
personalized privacy regions.
4.1.1 User Group Formation
The user group formation step is identical to the group formation
for the ORE scheme in Section 3.1.1.
4.1.2 User Location Update
When having personalized privacy regions, the difference to the
location update of the ORE scheme described in Section 3.1.2
is that a user not only updates its own location but also sends
information about his/her privacy region. To this effect, each
user decides on his/her personal privacy region by choosing
a distance distpriv. When doing a location update, a user u
picks a privacy marker Locu
priv by randomly selecting a point
on the circle with radius distu
priv centered at u’s location
Locu. u then encrypts Locu
priv using the location encryption
ORE.Enc under SKG, i.e., κu ← ORE.Enc(SKG, Locu
priv).
In addition to calculating Cu ← ORE.Enc(SKG, Locu) and
Du ← AES.Enc(SKD, Locu IDu ru) (where ru is a random
number), u encrypts its location Locu using the query encryption
ORE.QGen under SKG, i.e., ξu ← ORE.QGen(SKG, Locu). u
will then send the location update IDG, Cu, Du, κu, ξu to the
database server.
Notice that if u belongs to multiple groups G1, . . . , Gn, u is
able to specify a different distpriv for each group based on u’s
desired privacy requirements, e.g., u is willing to always disclose
location information to his/her family, i.e., distpriv = ∞, but
only a small privacy region, e.g., distpriv = 1 km, for his/her
colleagues. When u generates a location update, u encrypts a
privacy marker for each group Gi under the corresponding
shared group key SKGi and sends the location update
(IDG1 , Cu1 , Du1 , κu1 , ξu1 ), . . . , (IDGn , Cun , Dun , κun , ξun )
to the database server.
4.1.3 Location Query Processing
When using personalized privacy regions, the location query
processing is divided into two parts. In the first part, the database
server checks which members in the group are within the distance
specified by the querying user, as described in Section 3.1.3. In
the second part, for each member mi in an answer set A, the
database server checks whether the querying user is within the
privacy region of mi. If this is not the case (i.e., the privacy
requirement of mi is not met), mi is removed from the answer
set A.
The generation of a location query is similar to the ORE
scheme in Section 3.1.3. When requesting location sharing ser-
vices, a user u will send a location query along with his/her
encrypted location using the ORE scheme IDu, IDG, Cu, ξu, ψu
to the database server, where ξu ← ORE.QGen(SKG, Locu)
and ψu ← ORE.Enc(SKG, Locu
marker). In the first part, for each
member mi of the group with identity IDG except u, the database
server runs the comparison algorithm ORE.Cmp(ξu, Ci, ψu).
Whenever the comparison returns Ci, mi is added to an answer set
A. In the second part, for each member mj in the answer set A,
the database server runs the comparison algorithm again, this time
for the privacy marker, by calculating ORE.Cmp(ξj, Cu, κj).
Whenever the algorithm returns Cu, the querying user u is inside
the privacy region of mj, and thus, mj remains in the answer set
A. However, if the comparison returns κj, mj is removed from A.
Finally, a query answer that contains the AES encrypted location
of each remaining member in A is returned to u.
Fig. 7 shows an example where a group of user u contains four
friends m1 to m4 and u’s specified distance distu is represented
by a dotted circle. The first part of the query processing uses the
comparison algorithm ORE.Cmp to find that two members with
C2 and C4 are within distu of u, and thus, they are added to
an answer set A, i.e., {m2, m4}. The second part of the query
processing removes C2 from A because u is outside the privacy
region of m2. Finally, m4’s AES encrypted location, {D4}, is
returned to u.
8. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
8
(Cu, ξu)
(D4, C4, ξ4)
(D2, C2, ξ2)
(D1, C1, ξ1)
ψu
(D3, C3, ξ3)
κ2
κ4
Fig. 7. The ORE scheme with personalized privacy regions.
4.2 Extension to the ORE-Index Scheme
The extension of the ORE-Index scheme to support personalized
privacy regions is very similar to the ORE scheme. The only
difference is that the database server first searches the index
constructed for a querying user u to find a candidate answer set
A. For each member mi in A, if the ORE comparison algorithm
ORE.Cmp indicates that (1) mi is a false positive as in the original
ORE-Index scheme (Section 3.2.3) or (2) the querying user is
outside mi’s privacy region, mi is removed from A. After that a
set of the AES encrypted location of each remaining member in
A constitutes a query answer returned to u.
5 SECURITY REQUIREMENTS OF ORE
In addition to the correctness requirement below, a secure ORE
encryption should satisfy two additional requirements, confiden-
tiality of encrypted points and confidentiality of query points. We
start with the correctness requirement as follows.
1. Correctness. For all shared group key
SKG ← KGen(1λ
, R) and P0, P1, Q ∈ Rd
,
where P0 and P1 are two plaintext location points
and Q is a plaintext query location point, we have
Cb ← Cmp(QGen(SKG, Q), Enc(SKG, P0), Enc(SKG, P1))
if and only if dist(Q, Pb) ≤ dist(Q, P1−b) where b ∈ {0, 1} and
dist(P, Q) represents the actual distance between two locations
P and Q.
2. Data Confidentiality. We require that an adversary A
should not be able to recover the plaintext points from their
encrypted form. More precisely, there are two levels to consider
for the data confidentiality requirement:
• Level 1: A observes a set of ciphertext points {Ci}1≤i≤n
and also knows a set of plaintext points {Pj}1≤j≤n,
but does not know which ciphertext point in {Ci}1≤i≤n
corresponds to which plaintext point in {Pj}1≤j≤n. Now
given a new ciphertext point C∗
, A is to output the
corresponding plaintext point P∗
∈ Rd
.
• Level 2: A knows the correspondence of plaintext points
in {Pi}1≤i≤n and ciphertext points in {Ci}1≤i≤n. Now
given a new ciphertext point C∗
, A is to output the
corresponding plaintext point P∗
∈ Rd
.
The adversary A above can be considered as a malicious
Social Network Service Provider (SNSP) which has access to the
encrypted locations of users when the users update their locations.
The malicious SNSP may also obtain the plaintext locations of
some of the users.
3. Query Confidentiality. This requirement concerns the
confidentiality of the query location, namely, an adversary A
should not be able to find out a query location Q from its encrypted
form ξ ← QGen(SKG, Q). We may also consider the adversary
as a malicious SNSP which tries to recover the location of a user
making a query. In particular, given a set of ciphertext points
{Ci}1≤i≤n, a set of encrypted query locations {ξj}1≤j≤ℓ, and
a challenging encrypted query location ξ∗
← QGen(SKG, Q∗
)
for a randomly picked query Q∗
, A is to find out Q∗
.
In the next section (Section 6), we will describe how to
construct a secure ORE scheme.
6 AN ORE CONSTRUCTION
We now describe a construction of the Order-Retrievable Encryp-
tion (ORE) defined in Section 2.2. The construction is based on an
encryption scheme recently proposed by Wong et al. [19]. We
call their scheme the WCKM encryption scheme. The WCKM
encryption scheme matches our definition of an ORE scheme. The
rest of this section contains the following three aspects.
1) Review the WCKM basic encryption scheme according
to the ORE definition given in Section 2.2
2) Describe a new attack showing that the basic scheme
does not satisfy Level 1 of Data Confidentiality given
in Section 5
3) Describe the final extended WCKM encryption scheme
Below is the review of the WCKM basic encryption scheme
according to our ORE definition (Section 2.2):
Symmetric Key Generation. Suppose that all the points are
in a d-dimensional space and R is the space of each dimension.
Given a security parameter λ ∈ N and dimension space R, KGen
outputs a symmetric key SKG as a randomly chosen invertible
(d + 1) × (d + 1) matrix where each element is in R. In the
following, we assume that all elements in matrices and vectors are
in R, and R is of integers in a certain range, which will be defined
in each concrete scheme.
Encryption. Given SKG and a point P, which is a d-element
vector (p1, p2, · · · , pd) ∈ Rd
, the encryption algorithm Enc
prepares a (d+1)-element vector ˆP as follows:
ˆP =
p1
p2
...
pd
−0.5||P||2
(2)
and calculates a ciphertext point C = SKT
G
ˆP, where ||P||
represents the Euclidean norm of point P. Note that ||P||2
can
be represented by P · P where · represents the scalar product.
Decryption. Given SKG and a ciphertext point C which is a
(d+1)-element vector (c1, c2, · · · , cd+1) ∈ Rd+1
, the decryption
algorithm Dec recovers the original point P by computing
P = πdSKT −1
G C (3)
where SKT −1
G is the inverse of SKT
G and πd removes the (d+1)-
th dimension by setting πd = (Id, 0) with Id the d-dimensional
9. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
9
identity matrix and “0” a column vector of zeros. πd is thus a
d × (d + 1) matrix.
Query Generation. Given SKG and a query point Q =
(q1, q2, · · · , qd) ∈ Rd
, the query generation algorithm QGen
picks a random r > 0 and creates a (d + 1)-dimensional point ˆQ
as
ˆQ = r
q1
...
qd
1
(4)
and calculates a ciphertext query point Y = SK−1
G
ˆQ.
Comparison. Given two ciphertext location points C0 and
C1 and one ciphertext query point Y , suppose that Ci ←
Enc(SKG, Pi) for i = 0, 1 and Y ← QGen(SKG, Q) where
P0, P1, Q ∈ Rd
. The comparison algorithm Cmp calculates the
following to determine which ciphertext location point is closer to
the encrypted point Y :
(C0 − C1) · Y > 0 (5)
If so, the output is set to C0; otherwise, the output is set to C1.
In the following, we analyze the security of the WCKM
encryption scheme and show that besides the settings suggested in
[19], additional conditions have to be introduced in order to ensure
its security against Level 1 of Data Confidentiality requirement
defined in Section 5.
6.1 Security Analysis
In [19], the authors described a bruteforce attack which entails
a total of nPd+1 = O(nd+1
) trials of potential symmetric keys
that an adversary needs to try if a set of n ciphertexts {Ci}1≤i≤n
and plaintext points {Pj}1≤j≤n are given but the correspondence
between the ciphertexts and plaintexts are not known. In each
trial, the adversary performs no more than n decryptions. Hence
as stated in [19], if n = 10K and d = 2 (i.e. a 2-dimensional
geographical data set), the adversary has to spend more than 310
years to test out all trial symmetric keys if the adversary can
perform 1M decryptions per second. This bruteforce attack falls
in the setting of Level 1 of Data Confidentiality given in Section 5.
We observe, however, that the setting (n = 10K, d = 2) may
not be secure enough for achieving 80-bit security (i.e. λ = 80)
which is considered as the minimum security requirement for
symmetric key security [18]. First of all, we can see that the
number of trial symmetric keys is 10KP3 < 240
. The estimation
given in [19] relies on the assumption that the adversary can
perform at most 1M decryptions per second. This might be the
case if the adversary can unleash the computational power of only
a few machines. However, as finding the symmetric key SKG
will enable the adversary to access the entire database, there is
a strong incentive to devote more resources to the cracking task.
One example is to make use of a botnet which usually contains
hundreds of thousands of nodes [28]. Some botnets even have
more than one million computers that can be utilized by an
adversary to launch a bruteforce attack. Suppose 100K computers
in a botnet are involved in the cracking task and each of them can
run 10K decryptions per second, then the time required for finding
SKG in the example above will be significantly reduced to just
four months.
A New Bruteforce Attack. We propose a new bruteforce
attacking technique which is different from the one described in
[19], while it will be more effective in recovering the key SKG
when the value of d is small, as in the example above. For each
row of πdSKT −1
G (in Equation 3), there are d+1 elements and each
element is in R. The scalar product of row i of πdSKT −1
G and
the (d+1)-element vector C (in Equation 3) is the i-th element
of the corresponding plaintext point P. A bruteforce attack can
be launched which can find out the i-th row of πdSKT −1
G . The
bruteforce attack can be launched independently for each row of
πdSKT −1
G . Once all the d rows of πdSKT −1
G are found, the
adversary is then able to decrypt all the other ciphertexts by
following the decryption algorithm (in Equation 3).
Let (ei,1, ei,2, . . . , ei,d+1) ∈ Rd+1
be the d + 1 ele-
ments on i-th row of πdSKT −1
G . For each trial sequence of
(ei,1, ei,2, . . . , ei,d+1), the adversary performs a decryption for
each ciphertext in {Ci}1≤i≤n and checks if the i-th element in
the decrypted point is equal to the i-th element of any plaintext
in {Pj}1≤j≤n. This is carried out for all the n ciphertexts in
{Ci}1≤i≤n. If all the checks are passed, then the adversary finds
the correct (ei,1, ei,2, . . . , ei,d+1).
The total number of trial values for (ei,1, ei,2, . . . , ei,d+1) is
|R|d+1
for each row of πdSKT −1
G . Since the bruteforce attack
can be launched independently for each row, the total number
of attempts that the adversary needs to try for finding the values
of all the d rows of πdSKT −1
G is d|R|d+1
. Depending on the
cardinality of R, the adversary may spend less effort to crack the
system. Suppose that d = 2 and R = [−1K, 1K]. Then the total
number of possible candidates for SKG is 2 ·20003
≤ 234
which
does not satisfy 80-bit symmetric key security.
6.2 The Final ORE Construction
To defend against the new bruteforce attack above, the dimension
d of the scheme can be augmented, for example, by setting d ≥
80. In this way, even if SKG is a binary matrix, the scheme can
still provide at least 80-bit symmetric key security against the
bruteforce attack above.
For Level 2 of Data Confidentiality (Section 5), dimension
augmentation is not enough as the adversary knows the corre-
spondence between the ciphertexts in {Ci}1≤i≤n and the plaintext
points in {Pi}1≤i≤n. Hence the adversary can recover SKG after
getting d + 1 pairs of plaintext points Pi and their encrypted
counterparts Ci. In the following, we review a technique called
secret splitting configuration which was proposed in [19]. The
technique can be used to achieve Level 2 of Data Confidentiality.
Instead of generating one transformation matrix, we now
choose two matrices for the ORE scheme, e.g. SKG0 and SKG1 .
For every extended location point p (i.e., a point augmented with
random dimensions) to be encrypted, we split it into two parts
pa, pb so that p = pa + pb. Note that for any query point q it
holds that p · q = pa · q + pb · q. We then encrypt pa and pb
under SKG0 and SKG1 , respectively, e.g. Ca ← SKT
G0
pa and
Cb ← SKT
G1
pb. A query point q is also encrypted twice, namely,
we compute Ya ← SK−1
G0
q and Yb ← SK−1
G1
q. We then have
Ca · Ya + Cb · Yb = pa · q + pb · q = p · q = C · Y . The same
technique can also be applied to the query point. That is, we can
choose to split a query point to two parts, e.g. q = qa + qb, and
encrypt each part under the corresponding secret key.
However, as analyzed in [19], the split technique alone does
not improve the security. Therefore, we consider the secret split-
ting configuration. Specifically, we choose a secret configura-
tion, which is a vector of bits, e.g. b ← (b1, · · · , bd)T
where
10. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
10
bi ∈ {0, 1} for i = 1, 2, · · · , d. If bi = 1, we split pi (the i-th
entry of a location point p) to two parts, e.g. pi = pa,i + pb,i,
and copy qi (the i-th entry of a query point q) twice, e.g.
qa,i = qb,i = qi; otherwise, we split the qi to two parts, e.g.
qi = qa,i + qb,i, and copy pi twice. The configuration is secretly
shared among all the users in the same group. We then have
d
i=1(pa,iqa,i + pb,iqb,i) = p · q. Since the configuration is
unknown to the adversary and there are in total 2d
many possible
choices, the enhanced scheme is 2d
more costly for the adversary
to break than the original ORE scheme.
7 THE SECURITY ANALYSIS OF OUR PPLSS US-
ING ORE AND ORE-INDEX
There are different security aspects to consider in our Privacy-
Preserving Location Sharing Services (PPLSS) for social network-
ing appliations. In the following, we start with a security model.
7.1 Security Model
In our security model, we consider the database server as an
adversary which tries to locate one user in a group of n users,
all of which are mutually friends with each other. The group is
denoted as G = {u1, u2, · · · , un} where the secret keys shared
by the group members are (SKG, SKD). The adversary (i.e. the
database server) has access to data received from all the members
in G. It can also collude with eavesdroppers and all other users
in the system who are not in G. We say that the adversary is
considered to have broken our PPLSS if the adversary is able
to find out the location of any user in G solely from the data
received from the n group members u1 to un. We do not consider
physical or side-channel attacks such as the adversary finding out
a user’s location through other means, for example, by tracking
the cell towers that are communicating with the user. Once again,
a privacy-preserving location sharing system is for protecting the
location privacy of users. The adversary knows the identity (or
pseudonym) of each user in the system.
We also assume that the database server is curious but honest.
It might try to determine the locations of users as described above,
but it will run the algorithms honestly without denying service
to any user. We also assume that no user in G colludes with
the adversary. A user possesses the secret keys for encryption
and decryption and would thus be able to decrypt all location
information from other users if he/she colluded with the database
server. Therefore, users are assumed not to share the secret keys
SKG and SKD with the server. However, the database server can
have secret keys of all other users in the system who are not in G.
7.2 Location Privacy against Service Provider
In our PPLSS, all the points sent to the server by users in the
system are encrypted either using our ORE scheme introduced in
Section 2.2 (i.e., Ci, ξi, ψi and κi) or using AES [22] encryption
(i.e., Di). Because the encryption does not preserve distance, the
server cannot gain any information from the encrypted points
alone. Furthermore, the only operation possible on the encrypted
points is relative distance comparisons, but without knowing the
corresponding actual location of at least two points even distance
comparisons do not reveal useful information. In the following,
we consider the correlation of several types of encrypted points.
Query/Normal Points. In general, the database server can
only run following distance comparisons:
Fig. 8. The road network of Hennepin County, MN, USA.
1) An encrypted location query point ξ and an encrypted
query marker ψ or an encrypted user location point Cu
2) An encrypted user location point ξu (for the personalized
privacy region scheme) and an encrypted privacy marker
κu or an encrypted location query point ξ
3) An encrypted location query point ψmin (or ψmax) and
an encrypted reference point ξIu or the encrypted key ψi
of a node in index Iu
Because distances are not preserved for encrypted points, the
database server can only run comparisons between points. For
an arbitrary user at location Locu (given as Cu), the database
server can only determine if Locu is closer to Q (given as ξ)
than Locmarker (given as ψ). The case of Locu farther away than
Locmarker does not reveal any additional information, and the
case of Locu being closer than Locmarker does not narrow down
the possible region of a user either as the database server does not
know the value of dist. However, in practice users tend to choose
dist in some predictable way, for example, 1 km for users who
are walking. In this way, the database server may be able to tell
whether a user x is in proximity of the querying user while another
user, say user y is not. Nevertheless, the database server may only
find out their relative proximity rather than their exact locations.
8 EXPERIMENTAL RESULTS
To evaluate the performance of our Privacy-Preserving Location
Sharing Services (PPLSS) using the Order-Retrievable Encryption
with the sequential scan (ORE) scheme and ORE with the pro-
posed index structure (ORE-Index), and also to compare them to
the state-of-the-art cryptography-based privacy-preserving query
processing technique for spatial data, namely, the CRT scheme
described in [16], we implemented a simulator in Java to run both
our ORE and ORE-Index schemes and the CRT scheme [16]. CRT
is an interactive protocol for location queries over spatial data,
making use of R*-trees and cryptography-based transformations
on location data to protect the privacy of the data. In all experi-
ments, we generated a set of moving users on the road network
of Hennepin County, Minnesota, USA, as illustrated in Fig. 8.
The input road network is extracted from the Tiger/Line files that
are publicly available3
. The total area of the Hennepin County is
3. U.S. Census Bureau. Topologically Integrated Geographic Encoding and
Referencing system (TIGER). http://www.census.gov/geo/www/tiger/.
11. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
11
CRT
ORE
Query Distance [km]
Data[KB]
0
10
15
20
1 2 3 4 5
5
6 7 8 9
(a) Group size of 1,000 Users
CRT
ORE
Query Distance [km]
Data[KB]
0
100
200
300
400
500
600
700
1 2 3 4 5 6 7 8 9
(b) Group size of 50,000 Users
Fig. 9. Communication cost of CRT and ORE (dist).
# of Users (in thousands)
Data[KB]
ORE
CRT
0
10
20
30
40
50
60
1 2 5 10 50 100
(a) dist = 1 km
# of Users (in thousands)
Data[KB]
ORE
CRT
0
100
200
300
400
500
600
700
1 2 5 10 50 100
(b) dist = 5 km
Fig. 10. Communication cost of CRT and ORE (group size).
1,571 km2
. The road map has 57,020 edges and 42,135 vertices.
Users are initially distributed among the vertices, and then move
along the roads at speeds between 50 and 70 miles per hour. Unless
mentioned otherwise, the default number of friends per user (the
user group size) is 5,000, and users issue location queries with a
query range distance dist of 1 km and an index area with a radius
distmax of 10 km. For the ORE-Index scheme, the default index
height is three, i.e., an index contains eight rings. With the default
distmax and index height, the default index ring width is 1.25 km,
and hence, the default ratio of the query range distance dist to the
index ring width is 1/1.25 = 0.8. All experiments were run on a
machine with an Intel Core 2 Duo 3.16GHz CPU and 3.25GB of
RAM.
8.1 Comparing ORE and CRT
We first compared our ORE scheme with the CRT scheme.
Although several schemes were proposed in [16], CRT is the
only one which offers the same strong privacy guarantees as
our ORE scheme. Because both CRT and ORE target the mobile
environment, we focused on comparing their communication cost.
Our ORE scheme only returns the exact results to the user,
while CRT requires the user to run several rounds (navigating
an encrypted R-tree) and filter the returned results locally.
Comparing ORE and CRT when varying the range distance
of location queries, i.e., dist, gives the results shown in Fig. 9a
and 9b for group sizes of 1,000 users and 50,000 users, respec-
tively. The result shows that our ORE scheme typically needs
to transfer less than half the amount of data than CRT for
small groups, and about two thirds of the amount of data as the
group size grows larger. ORE is especially more efficient if the
query range distance is comparatively small. Fig. 10a shows the
comparison of the communication cost for dist = 1 km where up
to a group size of 100,000 users the cost of ORE is a small fraction
# of Users
QueryTime[ms]
ORE
ORE-Index
0
20
40
60
80
100
1000 2000 5000 10000 50000
(a) dist = 1 km
# of Users
QueryTime[ms]
ORE
ORE-Index
0
20
40
60
80
100
1000 2000 5000 10000 50000
(b) dist = 5 km
Fig. 11. Query time of ORE and ORE-Index (group size).
Tree Height [Levels]
QueryTime[ms]
ORE-Index
2 3 4 5
0
0.1
0.2
0.3
0.4
0.5
0.6
(a) dist = 1 km
Tree Height [Levels]
QueryTime[ms]
ORE-Index
2 3 4 5
0
0.5
1.5
1
2
2.5
3
(b) dist = 5 km
Fig. 12. ORE-Index scheme (index levels).
of the cost of CRT. The difference gets smaller as the query range
distance increases to 5 km (Fig. 10b), but ORE still requires only
half to two thirds of the data transmitted compared to CRT.
8.2 Comparing ORE and ORE-Index
The second experiment was designed to compare the efficiency
of the ORE scheme with the ORE-Index scheme. Because both
schemes return the exact result to the user, the amount of data
transmitted is identical. We therefore focused the comparison on
the query time, i.e., the processing time required by the database
server to run a query. The result shown in Fig. 11a confirms that
the ORE-Index scheme is indeed an order of magnitude more
efficient in terms of query processing time than the ORE scheme
for relatively small query range distances dist, i.e., 1 km. This
is due to the fact that the ORE scheme always has to search
sequentially through all users in a group, while the ORE-Index
scheme only compares the users in the relevant rings of the index.
For larger query distances, i.e., 5 km, ORE-Index still requires
only half the processing time, or even less than half as the number
of users increases (Fig. 11b).
8.3 Effect of Parameters of ORE-Index
The ORE-Index scheme has a number of parameters which in-
fluence its performance. We looked at the two most important
parameters among them. The first parameter is the height of an
index structure. If the area covered by an index, i.e., distmax,
remains constant, varying the index tree height means varying
the width of the index rings. Increasing the height of the index
results in thinner rings (with a smaller total area) and vice versa.
Fig. 12 shows how the required query processing time for the
database server varies with the index height from two to five
levels, where the group size is 5,000 users. For smaller query
range distances (Fig. 12a), increasing the height from two to three
12. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
12
Ratio
QueryTime[ms]
ORE-Index
0
0.2
0.4
0.6
0.8
1
1.2
0.25 0.5 0.75 1 1.5 2 2.5
(a) dist = 1 km
Ratio
QueryTime[ms]
ORE-Index
0
2
4
6
8
10
12
0.25 0.5 0.75 1 1.5 2 2.5
(b) dist = 5 km
Fig. 13. ORE-Index scheme (the ratio of the query range distance to the
index ring width).
(corresponding to going from three to seven rings) will yield
significant improvement, while deeper trees result in somewhat
smaller gains. For larger query range distances (Fig. 12b), the
performance continues to improve as the index structure contains
more levels.
Another important parameter of the ORE-Index scheme that
influences the query processing time required by the database
server is a ratio between the query range distance dist and the
ring width, as the ratio below one signifies that it is more likely
that only one index ring has to be searched, while the ratio larger
than one means that always at least two or even more index rings
have to be searched. However, if the query range distance remains
fixed, a smaller ratio results in a much larger area being covered
by the index, resulting in more users per index ring.
Fig. 13 shows the evolution of the query processing time as
the ratio varies from 0.25 to 2.5 with the same number of index
rings, for 1 km and 5 km queries. For a ratio of 0.25 (meaning
that the width of an index ring is 4 times the query range distance),
the query processing time required by the database server is the
highest, due to the fact that the index area is large, with each ring
containing many users. As the ratio increases, the query processing
time drops, most significantly until it reaches 0.75. Larger ratios
only marginally decrease the query processing time. For larger
query range distances (Fig. 13b) there is a special effect for a
ratio of one, resulting in longer query processing time than a ratio
of 0.75 or 1.5. On the other hand, increasing the ratio has as a
consequence that the index has to be rebuilt more often because
the total index area is proportionally smaller and a querying user
will leave the index area of a previously built index sooner. 0.75
therefore seems to be an acceptable compromise between good
query performance (in terms of query processing time) and the
frequency with which the index has to be rebuilt.
9 RELATED WORK
In this section, we survey the privacy-preserving techniques for
conventional location-based services, spatial data outsourcing, and
location sharing services.
Location-based services. The problem of user location pri-
vacy in location-based services has been addressed from several
angles before. For example techniques such as k-anonymity or
location cloaking, where the location of a user is expanded
to include k − 1 other users [8]–[11]. Another approach uses
oblivious transfer or private information retrieval to allow a user
to retrieve points of interest without the server knowing what
was retrieved [29]–[31]. In conventional location-based services,
the information held by the server (points of interest) is static,
while the information held by the user (i.e., the user location) is
dynamic. If location-based services are used for locating friends,
on the other hand, then all information is dynamic, i.e., both
the information held by the user (his/her own location) and the
information held by the server (the location of all users). Privacy-
preserving query processing schemes designed for conventional
location-based services (such as store finders, etc.) are therefore
usually not directly applicable to location-based services for
locating friends, i.e., location sharing services for social networks.
Spatial data outsourcing. An order-preserving encryption
scheme [20], [21] protects outsourcing data by using a bucket-
based encryption E such that E(x) < E(y) for every pair of
values for which x < y. However, since the order-preserving
encryption scheme can only protect data in simple numerical
domains, it cannot easily be extended to protect spatial data.
Another approach described in [32] for outsourcing data uses
homomorphic encryption4
to enable aggregate SQL queries over
encrypted databases. The scope is very limited, though, focusing
only on simple numerical domains and aggregate queries in SQL.
Furthermore, the scheme has been shown to be insecure in [33].
For spatial data, one approach to preserve privacy in spatial
datasets is to transform or perturb data in a way which still
allows making meaningful operations on the transformed data.
Both [34] and [35] suggest such kinds of distance-recoverable
transformations, where the distance between points is preserved.
Wong et al. showed in [19] that distance-recoverable or gen-
eral scalar-product-preserving encryption schemes are not secure
against certain attacks and in [36], Liu et al. demonstrated how the
original data can be recovered in schemes such as [34] and [35]. In
[19], Wong et al. introduced a scheme which is asymmetric scalar-
product-preserving instead of general scalar-product-preserving,
making it immune to such attacks.
A similar paper on outsourcing location data to an untrusted
third party is by Yiu et al. [16]. Similar to Wong et al. [19] it
transforms a database before outsourcing it to a service provider.
Authorized users share a private key so they can send queries
to the service provider, who can work on the transformed data
to generate a response without learning any location information.
Both those schemes [16], [19], however, are for outsourcing static
data. For applications where the location of points is updated
continuously, [16] for example would require the whole database
to be re-transformed for each update, which is impractical.
Location sharing services. One paper proposing three dif-
ferent algorithms for a privacy-preserving location-based service
for locating friends is by Zhong et al. [37]. Their algorithms use
an additive homomorphic cryptosystem to perform secure multi-
party computation. Their first scheme, Louis, allows two users
to determine whether they are in proximity if and only if they are
nearby, using a semi-trusted third party. Lester, the second scheme,
does not need any third party and relies instead on letting a user
solve a computational puzzle to determine whether another user
is nearby. Each user determines the hardness of the puzzle and
consequently, the amount of work is necessary for other users to
find out whether they are in proximity. The third scheme, Pierre,
makes use of a grid structure and encrypted grid coordinates
to determine whether two users are in the same or in adjacent
grid cells. There are other grid-based schemes, but they usually
4. Homomorphic encryption allows to perform addition and/or multiplica-
tion over ciphertexts such that it corresponds to the same operation over the
plaintext, i.e., ε(x) + ε(y) = ε(x + y), and/or ε(x) · ε(y) = ε(x · y).
13. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
13
have the drawback that locations and proximity calculations are
approximate because the distance between grid cells does not
capture exactly the distance between users within those cells.
Another approach by Mascetti et al. in [14] uses three different
protocols called SP-Filtering, Hide&Seek and Hide&Crypt. SP-
Filtering computes the proximity between users with a certain
degree of approximation. It requires a third party which does
the computation. The third party compares so-called granules,
which obfuscate the exact location of users to determine the
approximate distance between them. If more precision is needed,
Hide&Seek or Hide&Crypt is run as a second step. Hide&Seek
starts a direct interaction between two users to get a more precise
distance measurement. Hide&Crypt also requires direct interaction
between users but uses secure computation to leak less information
about the respective position of users. Nevertheless, the first step,
SP-Filtering, will still leak the approximate location of each user
to the third party.
In [13], ˇSikˇsnys et al. present an approach based on encrypted
grid indices. Users share a list of grids with different levels (or
resolutions). Each cell in a grid of a specific resolution can be
mapped to a unique number through a one-to-one function such as
AES. A server can then determine proximity by comparing these
numbers, asking users to switch to a finer resolution if necessary.
This requires several rounds of communication when two users
are close, making it more expensive in terms of communication.
A recent paper also by ˇSikˇsnys et al. [12] introduces Vicinity
Locator which is similar to the Friend Locator in [13] but allows
arbitrarily shaped regions of interest.
Another privacy-preserving location-sharing service proposed
by Herrmann et al. [38] makes use of identity-based broadcast
encryption (IBE) to realize a location-sharing service that affords
location privacy with respect to the central server. One version
of the scheme shares the location with friends irrespective of
their relative location, leading to more data being transferred than
necessary. An updated version maps locations to discrete regions
to counteract this problem, but the mapping is approximate as it
depends on the definition of the regions, while our scheme is exact
in defining within which range to share locations. Furthermore,
our scheme also provides personalized privacy regions, while their
scheme has no such provisions.
Similarly, Freudiger et al. [39] also make use of broadcast
encryption (albeit not identity-based) to distribute locations among
friends, augmenting the system with dummy queries and caching
of information required for localization to minimize leaking in-
formation through the geo-location process. In contrast, while
our scheme is also cryptography-based, our scheme minimzes
overhead by enabling the server to only send relevant locations
as the response to a query of a user, and our scheme also provides
privacy from overly curious friends.
To summarize, our PPLSS using the proposed ORE scheme
can distinguish itself from existing solutions in that it (1) provides
secure location privacy by not disclosing any location information
about users and queries, not even approximate location informa-
tion, to a database server, (2) does not require any third party,
(3) achieves low communication and computational overhead by
not requiring any direct communication between users or multiple-
round communication between a user and a database server,
(4) designs an index structure for our ORE scheme to improve
query processing efficiency, (4) supports highly dynamic location
updates from individual users efficiently, and (5) introduces a new
privacy notion, called a personalized privacy region, to further
improve user privacy within a group of friends.
10 CONCLUSION
In this paper, we introduce an Order-Retrievable Encryption
(ORE) scheme; a new encryption notion for Privacy-Preserving
Location Sharing Services (PPLSS) in social networking applica-
tions. ORE is designed to answer location queries that allow a user
to view the exact location of his/her friends within a user-specified
distance without revealing any location information about the user
and his/her friends to the database server and any other users in
the system. The distinguishing characteristics of ORE compared to
existing algorithms are that ORE provides secure location privacy,
achieves low communication and computational cost, and supports
dynamic location updates. To improve query processing efficiency,
we propose a tree-like index structure for our ORE scheme (ORE-
Index) to facilitate range searches over the encrypted locations
of a group of friends. In addition, a personalized privacy region
scheme is proposed to further improve user privacy within a group
of friends by enabling a user to specify a maximum distance up
to which his/her friends are allowed to locate the user. We also
perform experiments to evaluate ORE and ORE-Index and show
that their performance is much better compared to the state-of-the-
art cryptography-based technique designed for spatial queries.
REFERENCES
[1] Facebook Places, “http://www.facebook.com/places/.”
[2] Foursquare, “http://www.foursquare.com.”
[3] Google Plus, “https://plus.google.com.”
[4] Loopt, “http://www.loopt.com.”
[5] L. Barkhuus, B. Brown, M. Bell, S. Sherwood, M. Hall, and
M. Chalmers, “From awareness to repartee: Sharing location within
social groups,” in Proceedings of the ACM Conference on Human Factors
in Computing Systems, 2008.
[6] E. Toch et al., “Empirical models of privacy in location sharing,”
in Proceedings of the ACM International Conference on Ubiquitous
Computing, 2010.
[7] S. Consolvo et al., “Location disclosure to social relations: Why, when,
& what people want to share,” in Proceedings of the ACM Conference on
Human Factors in Computing Systems, 2005.
[8] C.-Y. Chow, M. F. Mokbel, and W. G. Aref, “Casper*: Query processing
for location services without compromising privacy,” ACM Transactions
on Database Systems, vol. 34, no. 4, pp. 1–48, 2009.
[9] M. Gruteser and D. Grunwald, “Anonymous usage of location-based
services through spatial and temporal cloaking,” in Proceedings of the
ACM International Conference on Mobile Systems, Applications, and
Services, 2003.
[10] M. F. Mokbel, C.-Y. Chow, and W. G. Aref, “The new casper: Query
processing for location services withoutcompromising privacy,” in Pro-
ceedings of the International Conference on Very Large Data Bases,
2006.
[11] T. Wang and L. Liu, “Privacy-aware mobile services over road networks,”
in Proceedings of the International Conference on Very Large Data
Bases, 2009.
[12] L. Siksnys, J. R. Thomsen, S. Saltenis, and M. L. Yiu, “Private and
flexible proximity detection in mobile social networks,” in Proceedings
of the International Conference on Mobile Data Management, 2010.
[13] L. Siksnys, J. R. Thomsen, S. Saltenis, M. L. Yiu, and O. Andersen, “A
location privacy aware friend locator,” in Proceedings of the International
Symposium on Spatial and Temporal Databases, 2009.
[14] S. Mascetti, C. Bettini, and D. Freni, “Longitude: Centralized privacy-
preserving computation of users’ proximity,” in the International Work-
shop on Secure Data Management, 2009.
[15] S. Triukose, S. Ardon, A. Mahanti, and A. Seth, “Geolocating ip
addresses in cellular data networks,” in Passive and Active Measurement,
ser. Lecture Notes in Computer Science, 2012, vol. 7192, pp. 158–167.
[16] M. L. Yiu, G. Ghinita, C. S. Jensen, and P. Kalnis, “Enabling search
services on outsourced private spatial data,” The International Journal
on Very Large Data Bases, vol. 19, no. 3, pp. 363–384, 2010.
14. 1939-1374 (c) 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TSC.2016.2514338, IEEE
Transactions on Services Computing
14
[17] O. Goldreich, Foundations of Cryptography, volume I, Basic Tools.
Cambridge University Press, 2007.
[18] B. Kaliski, “TWIRL and RSA key size,” 2003, CryptoBytes Technical
Newsletter, http://www.rsa.com/rsalabs/node.asp?id=2004.
[19] W. K. Wong, D. W.-L. Cheung, B. Kao, and N. Mamoulis, “Secure
kNN computation on encrypted databases,” in Proceedings of the ACM
International Conference on Management of Data, 2009.
[20] R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu, “Order-preserving en-
cryption for numeric data,” in Proceedings of the ACM International
Conference on Management of Data, 2004.
[21] A. Boldyreva, N. Chenette, Y. Lee, and A. O’Neill, “Order-preserving
symmetric encryption,” in Eurocrypt, 2009.
[22] “Specification for the advanced encryption standard (AES),” Federal
Information Processing Standards Publication 197, 2001, http://csrc.nist.
gov/publications/fips/fips197/fips-197.pdf.
[23] C. Boyd and A. Mathuria, Protocols for Authentication and Key Estab-
lishment. Springer-Verlag, 2003.
[24] IEEE, P1363 - 2000: Standard Specifications For Public Key Cryptogra-
phy, 2000.
[25] Google Latitude, “http://www.google.com/latitude.”
[26] Facebook Statistics, “http://www.facebook.com/press/info.php?
statistics.”
[27] S. Chen, C. S. Jensen, and D. Lin, “A benchmark for evaluating moving
object indexes,” Proceedings of the International Conference on Very
Large Data Bases, 2008.
[28] P. Barford and V. Yegneswaran, An Inside Look at Botnets. Springer,
2007, pp. 171–191.
[29] G. Ghinita, P. Kalnis, A. Khoshgozaran, C. Shahabi, and K.-L. Tan, “Pri-
vate queries in location based services: Anonymizers are not necessary,”
in Proceedings of the ACM International Conference on Management of
Data, 2008.
[30] M. Kohlweiss et al., “Efficient oblivious augmented maps: Location-
based services with a payment broker,” in Proceedings of the Privacy
Enhancing Technologies Symposium, 2007.
[31] R. Vishwanathan and Y. Huang, “A two-level protocol to answer private
location-based queries,” in IEEE International Conferences on Intelli-
gence and Security Informatics, 2009.
[32] H. Hacig¨um¨us, B. R. Iyer, and S. Mehrotra, “Efficient execution of
aggregation queries over encrypted relational databases,” in Proceedings
of the International Conference on Database Systems for Advanced
Applications, 2004.
[33] E. Mykletun and G. Tsudik, “Aggregation queries in the database-as-a-
service model,” in Proceedings of the Annual IFIP Conference on Data
and Applications Security, 2006.
[34] K. Chen and L. Liu, “Privacy preserving data classification with rotation
perturbation,” in Proceedings of the IEEE International Conference on
Data Mining, 2005.
[35] S. R. M. Oliveira and O. R. Zaane, “Achieving privacy preservation when
sharing data for clustering,” in Proceedings of the SIAM International
Conference on Data Mining, 2004.
[36] K. Liu, C. Giannella, and H. Kargupta, “An attacker’s view of distance
preserving maps for privacy preserving data mining,” in Proceedings
of the European Conference on Principles and Practice of Knowledge
Discovery in Databases, 2006.
[37] G. Zhong, I. Goldberg, and U. Hengartner, “Louis, lester and pierre:
Three protocols for location privacy,” in Proceedings of the Privacy
Enhancing Technologies Symposium, 2007.
[38] M. Herrmann, A. Rial, C. Diaz, and B. Preneel, “Practical privacy-
preserving location-sharing based services with aggregate statistics,” in
Proceedings of the 2014 ACM Conference on Security and Privacy in
Wireless & Mobile Networks, 2014, pp. 87–98.
[39] J. Freudiger, R. Neu, and J.-P. Hubaux, “Private sharing of user location
over online social networks,” in HotPETs, 2010.
Roman Schlegel has an MSc from EPFL in
Switzerland in Communication Systems and a
PhD in Computer Science from City University in
Hong Kong. During his doctoral studies he also
spent a year as a research assistant at Indiana
University Bloomington in the US. After finishing
his PhD he joined ABB Corporate Research as a
research scientist for security in industrial control
systems. His research interests include privacy,
network security and applied cryptography.
Chi-Yin Chow received the M.S. and Ph.D.
degrees from the University of Minnesota-Twin
Cities in 2008 and 2010, respectively. He is
currently an assistant professor in Department
of Computer Science, City University of Hong
Kong. His research interests include spatio-
temporal data management and analysis, GIS,
mobile computing, and location-based services.
He was the co-organizer of ACM SIGSPATIAL
MobiGIS 2012 and 2013.
Qiong Huang got his B.S. and M.S. degrees
from Fudan University in 2003 and 2006 re-
spectively, and got his PhD degree from City
University of Hong Kong in 2010. Now he is a
professor at South China Agricultural University.
His research interests include cryptography and
information security, in particular, cryptographic
protocols design and analysis.
Duncan S. Wong received the B.Eng. degree
from the University of Hong Kong in 1994, the
M.Phil. degree from the Chinese University of
Hong Kong in 1998, and the Ph.D. degree from
Northeastern University, Boston, MA, in 2002.
He is currently an associate professor in the De-
partment of Computer Science at the City Uni-
versity of Hong Kong. His primary research inter-
est is cryptography; in particular, cryptographic
protocols, encryption and signature schemes,
and anonymous systems.