, Volume 17, Issue 1, pp 97–124 | Cite as

A query integrity assurance scheme for accessing outsourced spatial databases

  • Wei-Shinn KuEmail author
  • Ling Hu
  • Cyrus Shahabi
  • Haixun Wang


With the trend of cloud computing, outsourcing databases to third party service providers is becoming a common practice for data owners to decrease the cost of managing and maintaining databases in-house. In conjunction, due to the popularity of location-based-services (LBS), the need for spatial data (e.g., gazetteers, vector data) is increasing dramatically. Consequently, there is a noticeably new tendency of outsourcing spatial datasets by data collectors. Two main challenges with outsourcing datasets are to keep the data private (from the data provider) and to ensure the integrity of the query result (for the clients). Unfortunately, most of the techniques proposed for privacy and integrity do not extend to spatial data in a straightforward manner. Hence, recent studies proposed various techniques to support either privacy or integrity (but not both) on spatial datasets. In this paper, for the first time, we propose a technique that can ensure both privacy and integrity for outsourced spatial data. In particular, we first use a one-way spatial transformation method based on Hilbert curves, which encrypts the spatial data before outsourcing and, hence, ensures its privacy. Next, by probabilistically replicating a portion of the data and encrypting it with a different encryption key, we devise a technique for the client to audit the trustworthiness of the query results. We show the applicability of our approach for both k-nearest-neighbor queries and spatial range queries, which are the building blocks of any LBS application. We also design solutions to guarantee the freshness of outsourced spatial databases. Finally, we evaluate the validity and performance of our algorithms with security analyses and extensive simulations.


Outsourcing Privacy Query integrity Spatial databases 



This research has been funded in part by the US National Science Foundation (NSF) grants IIS-0238560 (PECASE), IIS-0534761, IIS-0742811, CNS-0831502 (CT), and CNS-0831505 (CT), CNS-0855251 (CRI), UT-Battelle grant (UT-B-4000087151), and in part from the METRANS Transportation Center, under grants from USDOT and Caltrans. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.


  1. 1.
    Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order-preserving encryption for numeric data. In: Proceedings of the ACM SIGMOD international conference on management of data, pp 563–574Google Scholar
  2. 2.
    Butz AR (1971) Alternative algorithm for Hilbert’s space-filling curve. IEEE Trans Comput 20(4):424–426CrossRefGoogle Scholar
  3. 3.
    Cachin C, Schunter M (2011) A cloud you can trust. IEEE Spectrum 48(12):28–51CrossRefGoogle Scholar
  4. 4.
    Devanbu PT, Gertz M, Martel CU, Stubblebine SG (2000) Authentic third-party data publication. In: Proceedings of the 14th annual working conference on Database Security (DBSec), pp 101–112Google Scholar
  5. 5.
    Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654CrossRefGoogle Scholar
  6. 6.
    Dolan B (2011) 10 reasons why Google Health failed. Mobihealth NewsGoogle Scholar
  7. 7.
    Ferdowsi A (2011) Yesterday’s Authentication Bug. Accessed 5 Mar 2012
  8. 8.
    Ghinita G, Kalnis P, Skiadopoulos S (2007) Prive: anonymous location-based queries in distributed mobile systems. In: WWW, pp 371–380Google Scholar
  9. 9.
    Hacigümüs H, Iyer BR, Li C, Mehrotra S (2002) Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the ACM SIGMOD international conference on management of data, pp 216–227Google Scholar
  10. 10.
    Hacigümüs H, Mehrotra S, Iyer BR (2002) Providing database as a service. In: Proceedings of the 18th International Conference on Data Engineering (ICDE), p 29Google Scholar
  11. 11.
    Hilbert D (1891) Ueber die stetige Abbildung einer Linie auf ein Flchenstck. Math Ann 38:459–460CrossRefGoogle Scholar
  12. 12.
    Jagadish HV (1990) Linear clustering of objects with multiple atributes. In: Proceedings of the ACM SIGMOD international conference on management of data, pp 332–342Google Scholar
  13. 13.
    Khoshgozaran A, Shahabi C (2007) Blind evaluation of nearest neighbor queries using space transformation to preserve location privacy. In: Proceedings of the 10th international Symposium on Spatial and Temporal Databases (SSTD), pp 239–257Google Scholar
  14. 14.
    Ku W-S, Hu L, Shahabi C, Wang H (2009) Query integrity assurance of location-based services accessing outsourced spatial databases. In: Proceedings of the 11th international Symposium on Spatial and Temporal Databases (SSTD), pp 80–97Google Scholar
  15. 15.
    Ku W-S, Zimmermann R, Wang H (2007) Location-based spatial queries with data sharing in wireless broadcast environments. In: ICDE, pp 1355–1359Google Scholar
  16. 16.
    Ku W-S, Zimmermann R, Wang H (2008) Location-based spatial query processing in wireless broadcast environments. IEEE Trans Mob Comput 7(6):778–791CrossRefGoogle Scholar
  17. 17.
    Lawder JK, King PJH (2001) Querying multi-dimensional data indexed using the Hilbert space-filling curve. SIGMOD Record 30(1):19–24CrossRefGoogle Scholar
  18. 18.
    Merkle RC (1989) A certified digital signature. In: Proceedings of the 9th annual international cryptology conference (CRYPTO), pp 218–238Google Scholar
  19. 19.
    Moon B, Jagadish HV, Faloutsos C, Saltz JH (2001) Analysis of the clustering properties of the Hilbert space-filling curve. IEEE Trans Knowl Data Eng 13(1):124–141CrossRefGoogle Scholar
  20. 20.
    Mouratidis K, Sacharidis D, Pang H (2009) Partially materialized digest scheme: an efficient verification method for outsourced databases. VLDB J 18(1):363–381CrossRefGoogle Scholar
  21. 21.
    Mykletun E, Narasimha M, Tsudik G (2004) Authentication and integrity in outsourced databases. In: Proceedings of the Network and Distributed System Security Symposium (NDSS)Google Scholar
  22. 22.
    Orenstein JA (1986) Spatial query processing in an object-oriented database system. In: Proceedings of the ACM SIGMOD international conference on management of data, pp 326–336Google Scholar
  23. 23.
    Pang H, Jain A, Ramamritham K, Tan K-L (2005) Verifying completeness of relational query results in data publishing. In: Proceedings of the ACM SIGMOD international conference on management of data, pp 407–418Google Scholar
  24. 24.
    Pang H, Zhang J, Mouratidis K (2009) Scalable verification for outsourced dynamic databases. Proceedings of the VLDB Endowment (PVLDB) 2(1):802–813Google Scholar
  25. 25.
    Papadopoulos S, Papadias D, Cheng W, Tan K-L (2009) Separating authentication from query execution in outsourced databases. In: Proceedings of the 25th International Conference on Data Engineering (ICDE)Google Scholar
  26. 26.
    PlayStation Network hack: why it took Sony seven days to tell the world (2011) Accessed 5 Mar 2012
  27. 27.
    Schneier B (1994) Description of a new variable-length key, 64-bit block cipher (Blowfish). In: Fast Software Encryption, Cambridge Security Workshop, pp 191–204. Springer, London, UKCrossRefGoogle Scholar
  28. 28.
    Schneier B (1996) Applied cryptography (2nd ed). Protocols, algorithms, and source code in C. Wiley, New York, NY, USAGoogle Scholar
  29. 29.
    Sion R (2005) Query execution assurance for outsourced databases. In: Proceedings of the 31st international conference on Very Large Data Bases (VLDB), pp 601–612Google Scholar
  30. 30.
    Sommerville I (2006) Software engineering (8th edn). Addison WesleyGoogle Scholar
  31. 31.
    Wang H, Yin J, Perng C-S, Yu PS (2008) Dual encryption for query integrity assurance. In: Proceedings of the 17th ACM Conference on Information and Knowledge Management (CIKM), pp 863–872Google Scholar
  32. 32.
    Xie M, Wang H, Yin J, Meng X (2008) Providing freshness guarantees for outsourced databases. In: Proceedings of the 11th international conference on Extending Database Technology (EDBT), pp 323–332Google Scholar
  33. 33.
    Yang Y, Papadopoulos S, Papadias D, Kollios G (2008) Spatial outsourcing for location-based services. In: Proceedings of the 24th International Conference on Data Engineering (ICDE), pp 1082–1091Google Scholar
  34. 34.
    Yiu ML, Ghinita G, Jensen CS, Kalnis P (2009) Outsourcing of private spatial data for search services. In: Proceedings of the 25th International Conference on Data Engineering (ICDE)Google Scholar
  35. 35.
    Yiu ML, Ghinita G, Jensen CS, Kalnis P (2010) Enabling search services on outsourced private spatial data. VLDB J 19(3):363–384CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC 2012

Authors and Affiliations

  • Wei-Shinn Ku
    • 1
    Email author
  • Ling Hu
    • 2
  • Cyrus Shahabi
    • 2
  • Haixun Wang
    • 3
  1. 1.Department of Computer Science and Software EngineeringAuburn UniversityAuburnUSA
  2. 2.Computer Science DepartmentUniversity of Southern CaliforniaLos AngelesUSA
  3. 3.Microsoft Research AsiaBeijing Sigma CenterBeijingChina

Personalised recommendations