With the abundance of location-aware portable
devices such as cellphones and PDAs, an emerging application is to use
this pervasive computing platform for a variety of location-based services.
With these services, users create and share geospatial content online or
query points of interest information (such as locations of nearby
restaurants) from the location servers to which they subscribe. However,
issues of trust, security and privacy have hindered the popularity and
safety of the systems developed for this purpose. In particular, these
services might not be trustworthy to handle user "data" and "location"
information, or the query results might be tampered with by untrusted
service providers and therefore not be trusted by information consumers.
Hence, protecting the privacy of the outsourced information and of the
user location information shared with these potentially untrusted services
can greatly affect the popularity of these services.

Outsourcing data to third party data providers is becoming
a common practice for data owners to avoid the cost of managing and
maintaining databases. Meanwhile, due to the popularity of location-based
services (LBS), the need for spatial data (e.g., gazetteers, vector
data) is increasing exponentially. Consequently, we are witnessing a
new trend of outsourcing spatial datasets by data collectors. Two main
challenges with outsourcing datasets are to keep the data private (from
the data provider) and ensure the integrity of the query result (for the
clients). Unfortunately, most of the techniques proposed for privacy and
integrity do not extend to spatial data in a straightforward manner.
Hence, recent studies proposed various techniques to support either privacy
or integrity (but not both) on spatial datasets.

In this project, we identify and address the key challenges of
enabling privacy-aware querying of
private spatial data under an untrusted server model and a trustworthy
database outsourcing model. We have proposed
a range of techniques such as space encoding and private information
retrieval to protect the privacy of user location data in location-based
services. Additionally, to enable a trustworthy database outsourcing
paradigm, we proposed a dual spatial encryption system to provide
end users with the ability to perform query auditing and authentication. Please see the research section for more details on these research problems and our approaches.

This research has been funded in part by NSF grants IIS-0742811 and CNS-0831505 (CyberTrust). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.