With the abundance of location-aware portable devices such as cellphones and PDAs, a new emerging application is to use this pervasive computing platform for a variety of location-based services. With these services, users create and share geospatial content online or query points-of-interest information (such as the locations of nearby restaurants) from the location servers to which they subscribe. However, issues of trust, security and privacy have hindered the popularity and safety of the systems developed for this purpose. In particular, these services might not be trustworthy enough to handle user data and location information, or the query results might be tampered with by untrusted service providers and therefore not be trusted by information consumers. Hence, protecting the privacy of the outsourced information and of the user location information shared with these potentially untrusted services can greatly affect the popularity of these services.


Outsourcing data to third-party data providers is becoming a common practice for data owners who want to avoid the cost of managing and maintaining databases. Meanwhile, due to the popularity of location-based services (LBS), the need for spatial data (e.g., gazetteers, vector data) is increasing exponentially. Consequently, we are witnessing a new trend of data collectors outsourcing spatial datasets. The two main challenges with outsourcing datasets are keeping the data private (from the data provider) and ensuring the integrity of the query results (for the clients). Unfortunately, most of the techniques proposed for privacy and integrity do not extend to spatial data in a straightforward manner. Hence, recent studies have proposed various techniques to support either privacy or integrity (but not both) on spatial datasets.


In this project, we identify and address the key challenges of enabling privacy-aware querying of private spatial data under an untrusted-server model and a trustworthy database outsourcing model. We have proposed a range of techniques, such as space encoding and private information retrieval, to protect the privacy of user location data in location-based services. Additionally, to enable a trustworthy database outsourcing paradigm, we have proposed a dual spatial encryption system that gives end users the ability to perform query auditing and authentication. Please see the research section for more details on these research problems and our approaches.
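The two sides of the outsourcing model described above (keeping the data and the user's location away from the server, and letting the client audit what the server returns) are shown here as an added example; this is not the project's own code and not its dual spatial encryption system. The space encoding is a stand-in: a Hilbert-curve index over a grid that is first flipped or transposed according to a secret key (a toy isometry, labelled as an assumption, not a strong cipher). Integrity is provided by a Merkle hash tree over the encoded entries, whose root the data owner publishes; the client verifies every returned entry against that root, so a payload altered by the server fails the audit. The key, the grid size and the sample points are constructed for the demonstration.

```python
import hashlib
import hmac
from typing import List, Tuple

# --- Space encoding: run by the data owner and the querying client, never the server ---
def _rot(n: int, x: int, y: int, rx: int, ry: int) -> Tuple[int, int]:
    """Quadrant rotation that keeps the Hilbert curve continuous."""
    if ry == 0:
        if rx == 1:
            x, y = n - 1 - x, n - 1 - y
        x, y = y, x
    return x, y

def hilbert_index(n: int, x: int, y: int) -> int:
    """Map cell (x, y) of an n x n grid (n a power of two) to its 1-D Hilbert index."""
    d, s = 0, n // 2
    while s > 0:
        rx, ry = (1 if x & s else 0), (1 if y & s else 0)
        d += s * s * ((3 * rx) ^ ry)
        x, y = _rot(n, x, y, rx, ry)
        s //= 2
    return d

def encode_point(key: bytes, n: int, x: int, y: int) -> int:
    """Keyed space encoding. ASSUMPTION (toy): a secret flip/swap of the grid derived
    from the key is applied before the Hilbert mapping; this is not a strong cipher."""
    bits = hmac.new(key, b"space-encoding", hashlib.sha256).digest()[0]
    x = n - 1 - x if bits & 1 else x
    y = n - 1 - y if bits & 2 else y
    return hilbert_index(n, *((y, x) if bits & 4 else (x, y)))

# --- Authenticated index: Merkle tree over (code, payload) entries sorted by code ---
def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(code: int, payload: str) -> bytes:
    return _h(b"\x00" + code.to_bytes(8, "big") + payload.encode())

def _pad(level: List[bytes]) -> List[bytes]:
    return level + [level[-1]] if len(level) % 2 else level   # duplicate an odd tail

def _next_level(level: List[bytes]) -> List[bytes]:
    level = _pad(level)
    return [_h(b"\x01" + level[i] + level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(leaves: List[bytes]) -> bytes:
    level = list(leaves)
    while len(level) > 1:
        level = _next_level(level)
    return level[0]

def merkle_proof(leaves: List[bytes], index: int) -> List[Tuple[bytes, bool]]:
    """Sibling hashes from leaf to root; the flag says the sibling sits on the right."""
    proof, level, i = [], list(leaves), index
    while len(level) > 1:
        level = _pad(level)
        proof.append((level[i ^ 1], i % 2 == 0))
        level, i = _next_level(level), i // 2
    return proof

def verify_proof(leaf: bytes, proof: List[Tuple[bytes, bool]], root: bytes) -> bool:
    h = leaf
    for sibling, sibling_is_right in proof:
        h = _h(b"\x01" + h + sibling) if sibling_is_right else _h(b"\x01" + sibling + h)
    return h == root

# --- Untrusted server: holds codes and payloads, never the key or real coordinates ---
class OutsourcedIndex:
    def __init__(self, entries: List[Tuple[int, str]]):
        self.entries = sorted(entries)
        self.leaves = [leaf_hash(c, p) for c, p in self.entries]

    def nearest(self, code: int, k: int):
        """k entries closest to the query code in the encoded 1-D space, each with its proof."""
        order = sorted(range(len(self.entries)), key=lambda i: abs(self.entries[i][0] - code))
        return [(self.entries[i], merkle_proof(self.leaves, i)) for i in order[:k]]

# --- Data owner (outsources, publishes the root) and client (queries, audits) ---
def outsource(key: bytes, n: int, points):
    server = OutsourcedIndex([(encode_point(key, n, x, y), name) for x, y, name in points])
    return server, merkle_root(server.leaves)   # the owner would sign this root in practice

def query_nearest(server, root: bytes, key: bytes, n: int, ux: int, uy: int, k: int) -> List[str]:
    results = []
    for (code, payload), proof in server.nearest(encode_point(key, n, ux, uy), k):
        if not verify_proof(leaf_hash(code, payload), proof, root):
            raise ValueError("query result failed authentication")
        results.append(payload)
    return results

# Constructed sample data (not from the project)
KEY = b"owner-secret-key-do-not-share"
GRID = 8
POINTS = [(1, 1, "cafe"), (2, 5, "library"), (6, 6, "clinic"), (7, 0, "park"), (3, 3, "gym")]

def tampering_is_detected() -> bool:
    """Server swaps a payload after the root was published; the audit must reject it."""
    server, root = outsource(KEY, GRID, POINTS)
    server.entries[0] = (server.entries[0][0], "fake-venue")
    try:
        query_nearest(server, root, KEY, GRID, 0, 0, len(POINTS))
        return False
    except ValueError:
        return True
```

Two caveats a practitioner should keep in mind: proximity along the Hilbert index only approximates Euclidean proximity, which is why blind nearest-neighbour evaluation in an encoded space trades some accuracy for privacy, and a per-entry membership proof authenticates what was returned but does not prove that nothing was omitted; completeness requires the server to also return (and prove) the entries bordering the result set. Private information retrieval, which the project lists as a separate technique, is not modelled here.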









This research has been funded in part by NSF grants IIS-0742811 and CNS-0831505 (CyberTrust). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.




