![Page 1: A Hybrid Technique for Private Location-Based Queries with Database Protection Gabriel Ghinita 1 Panos Kalnis 2 Murat Kantarcioglu 3 Elisa Bertino 1 1](https://reader035.vdocument.in/reader035/viewer/2022062805/5697bfc31a28abf838ca52b4/html5/thumbnails/1.jpg)
A Hybrid Technique for Private Location-Based Queries with
Database Protection
Gabriel Ghinita (1), Panos Kalnis (2), Murat Kantarcioglu (3), Elisa Bertino (1)
1 Purdue University, 2 KAUST University, 3 UT Dallas
Slide 3
Location-Based Services (LBS)
LBS users: mobile devices with GPS capabilities
Spatial queries, e.g., NN queries: "Find closest hospital to my present location"
Location server is NOT trusted
Problem statement: how to protect the identity and location of the query source?
Slide 4
Spatial Cloaking: privacy through Cloaking Regions (CRs)
Spatial Anonymity (e.g., CliqueCloak, Casper)
Spatial Diversity (PROBE)
Slide 6
Private Information Retrieval (PIR)
Computationally hard to find i from q(i)
Bob can easily find X_i from r (trap-door)
Slide 7
PIR Protocol for Binary Data [KO97]
Database X, a 4 x 4 bit matrix (rows indexed by a, columns by b):
0 1 0 1
1 1 0 1
0 1 0 1
0 1 1 1
Example: Get X10 with a=2, b=3, N=35
QNR = {3,12,13,17,27,33}
QR = {1,4,9,11,16,29}
Query y_1..y_4 = 4, 16, 17, 33 (the QNR entry marks the requested column)
Reply z_1..z_4 (values shown on the slide: 27, 3, 27, 16), computed by the server as
$z_i = \prod_{j=1}^{4} y_j^{\,2 - X_{ij}} \pmod N$, i.e. y_j is squared where X_{ij} = 0 and used as is where X_{ij} = 1
z_2 = QNR => X10 = 1
z_2 = QR => X10 = 0
[KO97] E. Kushilevitz and R. Ostrovsky. Replication is NOT needed: Single database, computationally-private information retrieval. In IEEE Symposium on Foundations of Computer Science, pages 364–373, 1997.
Slide 8
Approximate Nearest Neighbor
Data organized as a square matrix; each column corresponds to an index leaf
An entire leaf is retrieved: the one closest to the user
Figure: POIs p1..p9 partitioned into index leaves, with the user location u
Slide 9
Motivation
Spatial cloaking: cheap, but vulnerable
PIR: secure, but expensive
Severe disclosure of POI information: O(|D|) and O(√|D|), respectively
Slide 10
Hybrid Approach Overview
Apply PIR to a dynamic window
Hide enclosure relationship
Minimize leaf fragmentation
Figure: dataspace with the user's CR over the POI index; leaf nodes a b c d e f; the leaves intersecting the CR (a, b, c) form the PIR matrix
Slide 11
Private Point-Rectangle Enclosure
Homomorphic Encryption (Paillier), plaintext space Z_N:
E[m1] * E[m2] = E[m1+m2] (mod N^2)
E[m]^r = E[r*m] (mod N^2)
Protocol to determine privately sign(b-a): Paillier encryption + random blinding
Slide 12
Private Evaluation of (b-a)
Assumption: |a-b| < M, M << N
A: m1 = N-a    --- E[m1] -->    B: m2 = b
               <-- E[m1+m2] ---
A: res = D[E[m1+m2]]
Number line 0 ... M ... N-M ... N-1: res falls in [0, M) when a ≤ b and in (N-M, N-1] when a > b
Slide 13
Private Evaluation of sign(b-a)
Assumption: |a-b| < M, M << N, r < M/N
A: m1 = N-a    --- E[m1] -->    B: m2 = b
               <-- E[m1+m2]^r ---
A: res = D[E[m1+m2]]
Number line 0 ... M ... N/2 ... N-M ... N-1: res falls below N/2 when a ≤ b and above N/2 when a > b
Slide 14
Fragmentation-aware Indexing
Assume the disclosure threshold is 3
Figure: median split vs. our approach
Slide 15
Experimental Settings
Datasets: Sequoia dataset, 62K POI
Modulus up to 1280 bits
P4, 2.8GHz CPU
Slide 16
POI Disclosure (results figure)
Slide 17
Execution Time (results figure)
Slide 18
Communication Overhead (results figure)
Slide 19
Conclusions
Hybrid LBS privacy: limit the amount of POI disclosure, reduce processing overhead
Future work: support more complex types of queries; apply fully homomorphic functions; investigate less costly PIR protocols