2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing
Enhancing Condentiality and Privacy of Outsourced
Spatial Data
Ayesha M. Talha Ibrahim Kamel
University of Sharjah University of Sharjah
Email: atalha@sharjah.ac.ae Email: kamel@sharjah.ac.ae
AbstractThe increase of spatial data has led organizations to
upload their data onto third-party service providers. Cloud com-
puting allows data owners to outsource their databases, eliminat-
ing the need for costly storage and computational resources. The
main challenge is maintaining data condentiality with respect
to untrusted parties as well as providing efcient and accurate
query results to the authenticated users. We propose a dual
transformation scheme on the spatial database to overcome this
problem, while the service provider executes queries and returns
results to the users. First, our approach utilizes the space-lling
Hilbert curve to map each spatial point in the multidimensional
space to a one-dimensional space. This space transformation
method is easy to compute and preserves the spatial proximity.
Next, the order-preserving encryption algorithm is applied to the
clustered data. The user issues spatial range queries to the service
provider on the encrypted Hilbert index and then uses a secret
key to decrypt the query response returned. This allows data
protection and reduces the query communication cost between
the user and service provider.
KeywordsSpatial Data, Outsourced Database, Space-Filling
Curves, Order-Preserving Encryption, Database Security
I. I NTRODUCTION
Cloud computing has gained wide popularity in recent
times due to its attractive features. Database outsourcing is
a common cloud computing paradigm that allows data owners
to take advantage of its on-demand storage and computational
resources [1]. For a small cost, organizations with limited
resources can outsource their large volumes of data to a third-
party service provider and utilize their dynamically-scalable
storage as well as computational power. However, the fact
remains that the data is controlled by an untrusted third-party
and this raises critical security issues such as condentiality
and privacy. Data condentiality requires that data is not
disclosed to untrusted users and data privacy assures that data
is not altered before being processed by the server.
Recently, mobile devices and navigational systems have
become exceedingly common and this has created the need
for location-based services (LBSs) of various kinds. This in
turn has led to an increase in spatial data which has to be
managed and maintained effectively. Numerous users require
LBSs on a daily basis and would like to issue spatial queries in
an anonymous manner with guaranteed results. Also, the real
spatial data owners do not want to reveal the data to the service
provider in order to maintain the privacy of the data. A scenario
of such an exchange is where a data owner outsources its data
to a service provider like Google Maps. In the process, the data
owner does not want to expose the sensitive information to
978-1-4673-9300-3/15 $31.00 2015 IEEE
DOI 10.1109/CSCloud.2015.39
Zaher Al Aghbari
University of Sharjah
Email: zaher@sharjah.ac.ae
the server. The authenticated users send queries to the service
provider for relevant information, but do not want to reveal
their location to the server.
Thus, one has to consider the following requirements
when outsourcing spatial databases in the cloud environment.
First, the database content should be kept hidden from the
service provider and malicious attackers. Naturally, there exists
a straightforward solution to protect data owners privacy:
The data owner can encrypt all spatial data points and send
only encrypted objects to the service provider without any
other information. During the query phase, an authorized user
retrieves all the encrypted data from the server, decrypts it and
searches for required data points. This would provide perfect
security, but clearly it cannot be used in real-time applications
as the resulting communication cost will be extremely high,
especially if only a small portion of the data is required.
Furthermore, the attractive features of the cloud environment
such as scalability are ignored.
Another important issue to resolve is the development
of efcient query processing techniques for encrypted data
at the server. Several specialized encryption techniques have
been proposed, such as the order-preserving encryption (OPE)
technique by Agrawal et al. [2]. OPE hides the original dis-
tance values while allowing simple comparisons to be correctly
evaluated at the SP. A relatively new encryption scheme is
the Fully Homomorphic Encryption [3] technique proposed by
Gentry et al., which enables direct computation on encrypted
data which is stored in the service providers in the cloud.
Different types of queries can be processed without decrypting
the data. However, all known homomorphic schemes are too
inefcient for use in practice and suffer from high performance
overhead [4].
Most existing approaches protect the outsourced data us-
ing spatial transformation schemes [5][8] or conventional
cryptographic techniques [9], [10]. However, to the best of
our knowledge, with most schemes there is a trade-off be-
tween data condentiality and efcient query processing. To
overcome these limitations, we propose a two-layer encoding
approach HELP (Hilbert-curve transformed Encrypted List of
Packets), where the spatial points are transformed and then,
an encryption technique is applied to the transformed spatial
space. The cloud architecture model comprises of 3 main
entities, namely the Data Owner (DO), Service Provider (SP)
and Authenticated User (AU).
The DO guarantees security by transforming and encrypt-
ing the spatial database before outsourcing to the SP. To
13
transform the 2-D spatial data points, the DO employs Hilbert
space-lling curve. The DO forms a list of packets dened by
the Hilbert cells. Next, this list is encrypted using the OPE
technique, which allows spatial range queries to be performed
at the SP without additional communication cost overhead.
Additionally, the DO provides the Hilbert transformation key
as well as the encryption key to the AUs. The keys are used by
the AU to issue encoded range queries to the SP. The query is
processed on the encrypted database at the SP and the results
are returned to the user. Lastly, the AU decrypts the query
response using the OPE key to obtain the actual result.
To analyze the security provided by the HELP scheme,
we assume that the SP is trustworthy and the AUs are honest.
However, there are malicious attackers lurking around, waiting
to eavesdrop and compromise the data condentiality and
query privacy provided by the server. In spatial database
outsourcing applications, the attackers have to be prevented
from gaining illegal access to the data. Thus, in our approach
HELP, security is guaranteed by the dual encoding technique.
We show that using both keys provides condentiality and
privacy against known attacks dened in the literature.
The remainder of the paper is organized as follows. In
the next section, we present some existing work in the liter-
ature. Section III focuses on the dual transformation scheme
using the Hilbert curve and the order-preserving encryption,
while Section IV presents the spatial range query phase, i.e.,
processing queries at the service provider. Next, Section V
covers a short analysis provided by our approach. Lastly,
experiments are conducted on two datasets, and the results
with comparative and evaluation measures are illustrated and
explained in Section VI, followed by conclusions in Section
VII.
II. R ELATED W ORK
Database outsourcing has become common in recent times
due to the large amount of spatial data available. The main
goal of existing work is to provide a high level of data
condentiality and query privacy. With the excessive use of
mobile devices and navigational systems with GPS, location-
based services (LBSs) have become widely popular in this
domain. Hacigumus et al. [11] were the rst to propose
the notion of outsourcing databases to a third-party service
provider.
In order to handle the security aws posed by outsourcing
databases, several prior works [11], [12] resolved the issue by
adding a middleware or tamper-proof device at the SP to ensure
security. This device assists in query processing by encrypting
and decrypting the transmitted messages. Assuming a trusted
device exists at the server, Damiani et al. [12] propose a fast
searchable encryption technique for the non-order preserving
AES [13] encryption. The database owners start by building
a B-tree over one-dimensional values and encrypt each record
at the node level to protect the data from the untrusted SP.
However, with numerous users, it is not practical to have an
individual device for every AU at the SP. To overcome this, Yiu
et al. [9] present a cryptographic-based transformation scheme
(CRT) for two-dimensional data to enhance the security of
spatial data. The DO uses the R -tree structure to index the
database and encrypts each node using the AES encryption.
14
Query processing requires multiple rounds based on the depth
of the R -tree between the user and server, thus increasing
the communication cost. The SP sends the encrypted root
node to the AU and the AU decrypts the node using the key.
The AU then requests the child node overlapping with the
query region till a leaf node with the data points is reached.
However, both the HELP and CRT indexes are built for static
data and therefore cannot handle dynamic updates. In case
of modications or additions, the indexes would have to be
rebuilt, encrypted and sent again to the SP.
Data transformation methods provide a stronger notion of
privacy despite being slightly more computationally intensive
due to the encoding and decoding operations. In another solu-
tion, the data owner encodes the database prior to transmitting
it to the service provider. An authorized user that possesses
the secret keys, issues an encoded query to the SP. Both the
database and the queries are not accessible by the SP and thus,
privacy is assured. The main idea is to provide the SP with
searching capabilities over the encoded data. Khoshgozaran et
al. [6] transform the points using the Hilbert mapping using
parameters such as curve order, scale, orientation, etc. as the
secret key. Their technique allows approximate search directly
on the transformed points.
Based on the current research in the eld [7], the Hilbert-
curve does not take the distribution of spatial points into
consideration when transforming the original space. In fact,
it divides the space using the same granularity and generates
Hilbert values to construct the Hilbert index. Tian et al. [8]
resolve this issue by proposing an index modication method
for the standard Hilbert curve, which compresses the null
value segments to improve the security of the Hilbert curve.
Moreover, they also formulate the privacy disclosure risk
metric to help analyze the security risks posed by space-lling
curves. Whereas in our approach HELP, we assign Hilbert
index values to each spatial point and then divide the points
into packets based on the packet size. We store the spatial
points in a packet list along with the starting and ending Hilbert
index of each packet.
Efcient query processing is a key requirement of LBSs for
the user and therefore database outsourcing techniques have to
achieve a low communication cost. This requires schemes that
encode the spatial data and query regions, and then processes
spatial range queries over the transformed data at the service
provider. Most of the existing techniques do not utilize the
computational power of the SP and thus, we plan to overcome
this shortcoming by performing efcient range queries on the
encrypted data at the server.
Khoshgozaran et al. [14] propose a system to maintain an
encrypted index on the server and efciently update it. The
system supports encrypted spatial queries, hence it is used to
offer proximity based services. However, the system requires
users to be organized in groups, with each group sharing a
secret key, and all the users in a group must trust each other.
Moreover, the queries are processed at the user-side and thus,
the AUs require secure communication with the untrusted SP.
In contrast to the approaches mentioned above, Hore et al.
[4] investigated the problem of supporting multidimensional
range queries on encrypted data, and proposed a solution based
on bucketization. The DO indexes the data and retains the
indexes, while sending the data to the SP. The scheme proves
to be inefcient as the buckets are not hierarchically structured
and this demands a linear search on the number of buckets.
Agrawal et al. [2] point out that bucketing is vulnerable to the
estimation attack, where the attacker can infer the approximate
values of the encrypted data. Motivated by this, they were the
rst ones to propose an order-preserving encryption scheme
for one-dimensional numeric data.
The OPE scheme in [2] allows the server to execute range
queries directly on the encrypted representation. While their
technique supports efcient processing of range queries at the
SP, it assumes that an attacker cannot stage a known plaintext
attack. Additionally, the rst formal study of security provided
by OPE schemes was conducted by Boldyreva et al. in [15].
In contrast, our approach supports the general case where an
attacker knows a sample of the data points as well as their
encrypted values (i.e. known-plaintext attack). Furthermore, in
our transformation scheme HELP, we utilize the more secure
OPE protocol proposed by Boldyreva et al. in [16].
III. S PACE T RANSFORMATION AND E NCRYPTION
To preserve the privacy of spatial data, we propose to hide
the original spatial data points in two-ways. First, we transform
the space by converting the 2-D points to 1-D using the Hilbert
Space Key [6]. Next, we encrypt the resulting Hilbert indices
and data points using an order-preserving encryption technique
[16]. Both the transformation key and the encryption key
are transmitted by the DO to the trusted AUs over a secure
communication channel using SSL without the need for any
costly tamper-resistant devices.
A. Hilbert Space-Filling Curve
Space-lling curves are used to map multidimensional
data to one-dimensional data where they pass through every
point in a given space. Since there is no natural order in a
multidimensional space with spatial points, a key requirement
of these continuous curves is that they should be able to
preserve the spatial proximity of the original space. The
mapping has to be distance-preserving such that points closer
in space are mapped onto nearby points on the curve. Also,
no two points in the space should be mapped to the same
point on the curve i.e. one-to-one. Curves such as Z-order,
Gray code and Hilbert curve can be distinguished based on
the order in which they traverse the data points. One of the
widely used curves is the Hilbert curve due to its superior clus-
tering properties [17], [18]. Fine-grained Hilbert curves can
be recursively constructed to achieve the desired granularity.
Since our motivating application is location security, we are
interested in two-dimensional space and therefore only deal
with 2-D Hilbert curves.
B. Hilbert Packet List Construction
The process starts with static spatial data points distributed
in the grid. Spatial points are traversed and indexed based
on the order in which they are visited by the curve. Next,
the points are assigned Hilbert cell index values based on the
curve. The grid is spanned according to the curve using the
Hilbert Space Key (HSK) [19]. The HSK = {x0 , y0 , , n},
where (x0 , y0 ) is the curves starting point, is the curves
15
orientation and n is the curve order. Based on the HSK, it is
possible for two or more points to have the same cell index
value in the curve.
Fig. 1. Hilbert Space Transformation and Encryption
The Hilbert Packet List (HPL) construction process at the
DO is as follows. Each spatial point in the space is assigned
a Hilbert cell index in the grid. Next, data points are stored in
packets based on their index value. Each packet is represented
as: Ps which is the starting Hilbert index for that packet, Pe
is the ending Hilbert index and Pc is a list of a xed number
of original spatial points in the packet. Ps and Pe represent
the location of the rst and last data points in the packet,
respectively. The Pc size is determined by c, the number of
points stored per packet.
For clarity, Figure 1 illustrates a simple example of the
proposed approach where the Hilbert curve order is 3 and Pc
size is 4. For the rst packet, the grid is spanned from Ps = 0
lling Pc for c points and Pe is the cell index of the cth object
in the packet. The rest of the HPL is lled in a similar manner
till all the points have been stored. The DO sends the HSK to
the AU for mapping the spatial range query to cell indices.
C. Order-Preserving Encryption
To add another layer of privacy to the spatial data, the
DO encrypts the HPL before sending it to the SP since it
is not a trusted entity. This protects the sensitive data from
being leaked by the SP (i.e. to third-party vendors). The
SP should not have the ability to decrypt the data. For our
approach HELP, we utilize a relatively more efcient and
secure implementation of Agrawal et al.s [2] order-preserving
encryption (OPE) scheme proposed by Boldyreva et al. [16],
which allows range queries to be evaluated on the numeric
data ensuring that the order of plaintext data is preserved in the
ciphertext domain. They allow efcient access to the encrypted
data by maintaining a set of indexes for simple operations such
as, comparisons between numeric values in a spatial range
query. Additionally, the DO sends the OPE key to the AU for
decrypting the query results returned by the SP.
D. Attack Model
The key requirements of a secure database outsourcing
scheme demand that: 1) data condentiality is maintained on
the server and 2) queries are efciently processed by the SP
and results are returned to the user without any alteration.
Since our approach provides a dual layer of security, we
analyze the security of the Hilbert space-lling curve based on
the brute-force attack and the location approximation attack.
Furthermore, the popular known-plaintext attack for the order-
preserving encryption is presented.
 1) Brute-Force Attack: If an attacker is aware of the
space-transformation technique used (i.e. Hilbert curve in our
method), as well as a subset of the original spatial data points
along with their transformed Hilbert cell values, the attacker
can determine the key of the transformation technique. The
study by [6] suggests that it is infeasible for a malicious
adversary to infer the exact transformation key being used.
2) Location Approximation Attack: The spatial data points
are stored along with their indices in the HPL. Each packet
in the HPL (cf. Figure 1) consists of the starting Hilbert
index, ending Hilbert index and the set of points in that range.
The encrypted HPL is stored at the SP. The security of the
Hilbert space transformation can be exposed if the attacker can
gather limited background knowledge about the data without
the HSK. We assume that the passive attacker has: 1) a subset
of the original spatial points, S SD, as well as the 2)
corresponding subset of their Hilbert index ranges in the HPL,
S  R. Thus, the attacker can try to approximate the original
locations of the spatial points in SD S by making use of
Hilbert index ranges in R S  , but not knowing the actual
Hilbert index value of the point.
3) Known-Plaintext Attack: The attacker is required to
obtain the plaintexts for the encrypted data. Order-preserving
encryption schemes are deterministic such that they ensure
that the numerical ordering of plaintext data is preserved in
the ciphertext domain. The one-wayness property of encryp-
tion was proven to hold by Boldyreva et al. in [16], where
the adversary is unable to invert the encryption without the
knowledge of the key. But the adversary may be able to gain
information about the order of encrypted values revealed by the
OPE scheme and predict the plaintext values (i.e. if (p1 , c1 ) and
(p2 , c2 ) are known for p1 < p2 and no other known plaintext-
ciphertext pairs occur between these two). The more plaintext
and ciphertext pairs known by the adversary, the weaker the
security provided by OPE.
IV. S PATIAL R ANGE Q UERY
Our approach deals with two-dimensional spatial range
queries due to their popularity. When a query request is
initiated by the AU, the range query is converted to a set of
1-D numbers, and this includes all Hilbert cells that partially
or completely overlap with the query region. Since some of
these cells only partially overlap with the query, the set of
indices might retrieve extra data points (i.e. false positives) in
the query response. The SP is responsible for processing the
query request. The data points in the original space are encoded
and their Hilbert cell values are stored in the HPL, which is
then encrypted and stored at the SP. Figure 2 shows the range
query process on the example given in Figure 1. Given the
coordinates of opposite corner points of a range query, the
AU converts the query into a set of Hilbert cell values that
belong to the region. The mapping of a query is made possible
using the HSK provided by the DO, without any knowledge
of the original space distribution. Next, the AU encrypts the
query request using the OPE key and then sends it to the
SP. In Figure 2, the values sent correspond to the last two
packets of the HPL. The SP makes simple comparisons over
the encrypted HPL given the encrypted Hilbert cell indices and
returns the relevant encrypted Pc s to the AU. Even though
eight data points (i j k l m n o p) are returned, only four
16
points (l m n o) are contained in the query area (cf. Figure
1). The AU then decrypts the retrieved data points using the
OPE key and generates the actual query response.
Algorithm 1 shows the complete spatial range query pro-
cedure. Lines 1 5 list the process at the AU. First, the query
region is converted into a set of Hilbert cell values (Line 1).
Next, this set of values is encrypted using the OPE key and sent
to the SP. Lines 613 represent the processing at the SP side.
Each Hilbert cell value is checked to see if it belongs within
the start and end range of the packet. The packet contents
are added to the query response if the packet qualies (Lines
8 9). Lastly, the result is returned to the AU.
Fig. 2. Spatial Range Query Execution
Algorithm 1 Spatial Range Query
Input: [(cx0 , cy0 ), (cx1 , cy1 )]: opposite corners of Query
Region
Output: Result: Spatial data points covered by the query
response
1) QR = using (cx0 , cy0 ) and (cx1 , cy1 ), obtain cells
contained in query
2) Hilbert Cell Indices = {}
3) for all (c QR)
4) Hilbert Cell Indices = Hilbert Cell Indices
(encrypted) computed Hilbert Cell Index of c
5) end for
6) for all (P HPL)
7) while (Hilbert Cell Indices Ps )
8) if (Hilbert Cell Indices [Ps , Pe ])
9) Result = Result Pc
10) end if
11) end while
12) end for
13) Return Result to AU
V. S ECURITY A NALYSIS
Before showing the experimental results, we rst analyze
the security of our transformation and encryption scheme.
Having described the attack model in Section III-D, here we
quantify the attackers background knowledge and empirically
measure the security of the Hilbert-curve and the order-
preserving encryption.
A. Hilbert Packet List
Starting with the brute-force attack, the attackers entire
search space will have 2b 2b 2b elements for x0 , y0 and .
Let us denote the number of possibilities for the curve order n
as N . Since N  2b , the complexity of the brute-force attack
to nd the transformation key is O(23b ), where b is the number of 123, 593 points. The datasets are obtained from [20]. We
of bits used to represent each parameter in the HSK. Choosing normalize the domain of each dataset to the unit square [0, 1]2 .
a large enough value for b will make the Hilbert mapping
irreversible. To accurately nd the curves starting point, it B. Index Construction Time
should lie on the intersection of two edges. Using b bits for
each x0 and y0 , the attacker can generate 2b values on each
axis and this will require an exhaustive search over the grid.
Likewise, for the curve orientation, the entire continuous 360
space should be discretized to generate 2b values. Assuming
that b is chosen to be 16 bits, the resulting complexity of
nding the HSK parameters would be O(2316 ) for different
possibilities of the curve order n.
For the location approximation attack, the estimation will
simply reveal the Hilbert index range of the spatial point
and not the Hilbert index value itself. The Hilbert start and
end ranges in each HPL tuple are determined by the packet
size value, c. Moreover, in the transformed Hilbert space, Fig. 3. Dataset vs. Index Construction Time (s)
the distance between original points and transformed index
range values is not proportional. We can measure the privacy Figure 3 shows the amount of time it takes to build the
disclosure risk (PDR) of the Hilbert curve using the denition index with the proposed approach for both datasets and a
provided in [8]. For any given dataset, we compute the PDR as comparison with the CRT technique is also done. In HELP,
follows: 1/N T , where N T = totalSpatialP oints/c denotes we rst build the HPL using the HSK and encrypt it using
the number of tuples in the HPL. Based on the selected the OPE key. While in the CRT, the R -tree index structure
packet size and curve order shown in the experimental analysis is built and encrypted using AES [13]. For either approach,
(Section VI), the resulting PDR is low such that P DR  the construction trend for both datasets is quite identical. The
c/totalSpatialP oints. proposed HELP shows better performance as it can be built
in approximately 5% of the time it takes to construct the R -
In the worst-case, if the HPL packet encrypted using OPE tree for both OL and NE. However, both the HELP and CRT
is decrypted, the adversary can only determine the range of indexes are built for static data and therefore cannot handle
Hilbert Cells the spatial point belongs to and not the exact point dynamic updates. In case of modications or additions, the
location. Thus, this proves that the proposed HELP approach indexes would have to be rebuilt, encrypted and sent again to
is secure from attackers. the service provider.
B. Order-Preserving Encryption C. Packet Size
When the adversary knows a certain number of plaintext-
ciphertext pairs, the scheme splits the plaintext and ciphertext
spaces into subspaces. On each subspace, the analysis under
each one-wayness denition reduces to that of the random
order-preserving function (ROPF) domain and range of the
subspace. Boldyreva et al. [16] show that the attacker cannot
forward-evaluate ROPF since that would require knowledge
of the OPE key. For their analysis to apply to our approach,
the ciphertext space must be at least twice the size of the
plaintext space. Thus, in the OPE approach adapted by the
HELP scheme, the OPE parameters are chosen in such a way
that subspaces are unlikely to violate this condition.
Fig. 4. Packet Size vs. Redundant Data (%)
VI. E XPERIMENTAL R ESULTS
We have conducted several experiments to evaluate the The value of packet size (c), which is the number of
performance of the proposed approach. Moreover, we empir- data points per packet, dictates how the HPL is built. An
ically compare the HELP technique with the Cryptographic optimal value thus reduces the amount of redundant data points
Transformation (CRT) method proposed by Yiu et al. [9]. transmitted. Figure 4 shows the effect of the packet size on
Experiments were performed on an Intel Core i7-3770 CPU the data redundancy for different query sizes. The redundant
@ 3.40 GHz with 16 GB of RAM running the 64-bit Ubuntu data percentage is given with respect to the total amount of
operating system and are implemented in C++. data returned. We vary the packet size values from 5 to 25 for
spatial range query sizes 1%, 2% and 5%, where the query size
is measured as a % of the domain space extent. Using HELP,
A. Datasets
the amount of redundant data returned stops uctuating when
Our experiments are performed on two real-world spatial packet size, c = 20 . The experiments were performed on
datasets: (1) City of Oldenburg (OL) Road Network compris- the NE dataset and a similar trend was observed for the OL
ing of 6, 104 points and (2) North East USA (NE) consisting dataset.

17
D. Range Query Communication Cost
Fig. 5. Query Size vs. Communication Cost (KBytes)
In this experiment, we generate random spatial range
queries of varying sizes and measure the amount of data (i.e.
communication cost in Kilobytes) entailed in this exchange
between the service provider and authenticated user. The
communication cost includes: 1) the AU transforms the query
region into a set of Hilbert index values using the HSK and
transmits these to the server, 2) the SP searches the HPL for
corresponding spatial points and returns the encrypted result.
We experiment with query sizes ranging from 0.005% to 0.1%,
where each range query is a randomly distributed region in
the normalized domain space. We represent each Hilbert index
value by 4 bytes and each spatial point in double precision with
16 bytes. Figure 5 shows the resulting average communication
cost for the NE over 100 query runs for 5 varying query sizes.
It is clear that the communication cost increases linearly as
the query size increases due to the increase in number of
points returned. The OL dataset results in a similar trend.
We compare our HELP approach with the CRT technique and
demonstrate that our method is at least twice as fast. Moreover,
for query sizes greater than 0.05%, there is a sharp increase in
the communication cost of CRT due to the amount of messages
transferred between the user and server, which is dominated
by the depth of the R -tree utilized. This is due to the fact
that in CRT, the query is processed at both the user and server
side, whereas in HELP, the SP processes the query and returns
the result to the AU.
VII. C ONCLUSION
Database outsourcing is a popular paradigm of cloud com-
puting. Cloud computing virtualizes storage and computing
resources at the server and provides data to trusted users. In
this work, we are trying to achieve a balance between data con-
dentiality at the server and integrity of query results returned.
We propose to transform the spatial database by applying the
Hilbert-curve with the Hilbert Space Key. Next, we make it
more secure by applying the order-preserving encryption to the
transformed data. We dene several attack models and show
that our scheme provides strong security against them. Lastly,
we perform experiments and demonstrate that our HELP
approach is superior to the existing cryptographic approaches.
Thus, we conclude that our dual transformation method not
only protects the data but also enables the authenticated users
to retrieve spatial range query responses efciently.
18
R EFERENCES
[1] Z. Xiao and Y. Xiao, Security and privacy in cloud computing, IEEE
Communications Surveys & Tutorials,, vol. 15, no. 2, pp. 843859,
2013.
[2] R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu, Order preserving
encryption for numeric data, in Proceedings of the 2004 ACM SIGMOD
international conference on Management of data. ACM, 2004, pp.
563574.
[3] C. Gentry et al., Fully homomorphic encryption using ideal lattices.
in STOC, vol. 9, 2009, pp. 169178.
[4] B. Hore, S. Mehrotra, M. Canim, and M. Kantarcioglu, Secure multidi-
mensional range queries over outsourced data, The VLDB JournalThe
International Journal on Very Large Data Bases, vol. 21, no. 3, pp.
333358, 2012.
[5] J. K. Lawder and P. J. H. King, Querying multi-dimensional data
indexed using the Hilbert space-lling curve, ACM Sigmod Record,
vol. 30, no. 1, pp. 1924, 2001.
[6] A. Khoshgozaran and C. Shahabi, Blind evaluation of nearest neighbor
queries using space transformation to preserve location privacy, in
Advances in Spatial and Temporal Databases. Springer, 2007, pp.
239257.
[7] W.-S. Ku, L. Hu, C. Shahabi, and H. Wang, A query integrity assurance
scheme for accessing outsourced spatial databases, Geoinformatica,
vol. 17, no. 1, pp. 97124, 2013.
[8] F. Tian, X. Gui, P. Yang, X. Zhang, and J. Yang, Security analysis for
Hilbert curve based spatial data privacy-preserving method, in 2013
IEEE 10th International Conference on High Performance Computing
and Communications & 2013 IEEE International Conference on Em-
bedded and Ubiquitous Computing. IEEE, 2013, pp. 929934.
[9] M. L. Yiu, G. Ghinita, C. S. Jensen, and P. Kalnis, Enabling search
services on outsourced private spatial data, The VLDB Journal, vol. 19,
no. 3, pp. 363384, 2010.
[10] P. Wang and C. V. Ravishankar, Secure and efcient range queries on
outsourced databases using R-trees, in 2013 IEEE 29th International
Conference on Data Engineering (ICDE). IEEE, 2013, pp. 314325.
[11] H. Hacigumus, B. Iyer, and S. Mehrotra, Providing database as a
service, in 18th International Conference on Data Engineering, 2002.
Proceedings. IEEE, 2002, pp. 2938.
[12] E. Damiani, S. Vimercati, S. Jajodia, S. Paraboschi, and P. Samarati,
Balancing condentiality and efciency in untrusted relational dbmss,
in Proceedings of the 10th ACM conference on Computer and Commu-
nications Security. ACM, 2003, pp. 93102.
[13] N. F. Pub, 197: Advanced Encryption Standard (AES), Federal
Information Processing Standards Publication, vol. 197, pp. 4410311,
2001.
[14] A. Khoshgozaran and C. Shahabi, Private Buddy Search: Enabling
private spatial queries in social networks, in International Conference
on Computational Science and Engineering, 2009 (CSE09)., vol. 4.
IEEE, 2009, pp. 166173.
[15] A. Boldyreva, N. Chenette, Y. Lee, and A. ONeill, Order-preserving
symmetric encryption, in Advances in Cryptology-EUROCRYPT 2009.
Springer, 2009, pp. 224241.
[16] A. Boldyreva, N. Chenette, and A. ONeill, Order-preserving encryp-
tion revisited: Improved security analysis and alternative solutions, in
Advances in CryptologyCRYPTO 2011. Springer, 2011, pp. 578595.
[17] B. Moon, H. V. Jagadish, C. Faloutsos, and J. H. Saltz, Analysis
of the clustering properties of the Hilbert space-lling curve, IEEE
Transactions on Knowledge and Data Engineering,, vol. 13, no. 1, pp.
124141, 2001.
[18] M. F. Mokbel, W. G. Aref, and I. Kamel, Analysis of multi-dimensional
space-lling curves, GeoInformatica, vol. 7, no. 3, pp. 179209, 2003.
[19] W.-S. Ku, L. Hu, C. Shahabi, and H. Wang, Query integrity assurance
of location-based services accessing outsourced spatial databases, in
Advances in Spatial and Temporal Databases. Springer, 2009, pp.
8097.
[20] Real spatial datasets, http://www.cs.fsu.edu/ lifeifei/SpatialDataset.htm.