Journal of KIISE (정보과학회 논문지)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지
DOI QR코드

DOI QR Code

kNN Query Processing Algorithm based on the Encrypted Index for Hiding Data Access Patterns

데이터 접근 패턴 은닉을 지원하는 암호화 인덱스 기반 kNN 질의처리 알고리즘

  • Received : 2016.05.16
  • Accepted : 2016.10.01
  • Published : 2016.12.15
⟨ Previous Next ⟩

Abstract

In outsourced databases, the cloud provides an authorized user with querying services on the outsourced database. However, sensitive data, such as financial or medical records, should be encrypted before being outsourced to the cloud. Meanwhile, k-Nearest Neighbor (kNN) query is the typical query type which is widely used in many fields and the result of the kNN query is closely related to the interest and preference of the user. Therefore, studies on secure kNN query processing algorithms that preserve both the data privacy and the query privacy have been proposed. However, existing algorithms either suffer from high computation cost or leak data access patterns because retrieved index nodes and query results are disclosed. To solve these problems, in this paper we propose a new kNN query processing algorithm on the encrypted database. Our algorithm preserves both data privacy and query privacy. It also hides data access patterns while supporting efficient query processing. To achieve this, we devise an encrypted index search scheme which can perform data filtering without revealing data access patterns. Through the performance analysis, we verify that our proposed algorithm shows better performance than the existing algorithms in terms of query processing times.

데이터베이스 아웃소싱 환경에서, 클라우드는 인증된 사용자에게 아웃소싱된 데이터베이스를 기반으로 질의 서비스를 제공한다. 그러나 금융, 의료 정보와 같은 민감한 데이터는 클라우드에 아웃소싱 되기 전에 암호화되어야 한다. 한편, kNN 질의는 다양한 분야에서 폭넓게 사용되는 대표적인 질의 타입이며, kNN 질의 결과는 사용자의 관심사 및 선호도와 밀접하게 연관된다. 따라서 데이터 보호와 질의 보호를 동시에 고려하는 kNN 질의 처리 알고리즘에 대한 연구가 진행되어 왔다. 그러나 기존 연구는 높은 연산 비용이 요구되거나, 탐색한 인덱스의 노드 및 반환된 질의 결과가 드러나기 때문에 데이터 접근 패턴이 노출되는 문제점이 존재한다. 이러한 문제를 해결하기 위해 본 논문에서는 암호화 데이터베이스 상에서의 kNN 질의처리 알고리즘을 제안한다. 제안하는 알고리즘은 데이터 보호 및 질의 보호를 지원한다. 또한, 제안하는 알고리즘은 데이터 접근 패턴을 보호하는 동시에 효율적인 질의처리를 지원한다. 이를 위해, 데이터 접근 패턴 노출 없이 데이터 필터링을 지원하는 암호화 인덱스 탐색 기법을 제안한다. 성능 분석을 통해, 제안하는 알고리즘이 기존 기법에 비해 질의처리 시간 측면에서 우수한 성능을 보임을 검증한다.

Keywords

Acknowledgement

Grant : 대규모 트랜잭션 처리와 실시간 복합 분석을 통합한 일체형 엔지니어링 기술 개발

Supported by : 한국연구재단, 정보통신기술진흥센터

References

  1. A. Gutscher, "Coordinate transformation - a solution for the privacy problem of location based services?," Proc. of the 20th IPDPS, pp. 354, 2006.
  2. W. K. Wong, D. W. Cheung, B. Kao, and N. Mamoulis, "Secure knn computation on encrypted databases," Proc. of the SIGMOD, pp. 139-152, 2009.
  3. M. L. Yiu, G. Ghinita, C. S. Jensen and P. Kalnis, "Enabling Search Services on Outsourced Private Spatial Data," The VLDB Journal, Vol. 19, No. 3, pp 363-384, Oct. 2010. https://doi.org/10.1007/s00778-009-0169-7
  4. A. Boldyreva, N. Chenette, and A. O'Neill, "Orderpreserving encryption revisited: Improved security analysis and alternative solutions," CRYPTO, LNCS, Vol. 6841, pp. 578-595, Aug. 2011.
  5. H. Kim, S. Hong, and J. Chang, "Hilbert curvebased cryptographic transformation scheme for spatial query processing on outsourced private data," Data & Knowledge Engineering, Vol. 104, pp. 32-44, Jul. 2015.
  6. P. Paillier, "Public-key cryptosystems based on composite degree residuosity classes," EUROCRYPT, LNCS, Vol. 1592, pp. 223-238, Apr. 1999.
  7. J. Domingo-Ferrer, "A provably secure additive and multiplicative privacy homomorphism," ISC, LNCS, Vol. 2433, pp. 471-483, Sep. 2002.
  8. D. Boneh and B. Waters, "Conjunctive, Subset, and Range Queries on Encrypted Data," Theory of cryptography, LNCS, Vol. 4392, pp. 535-554, Feb. 2007.
  9. A. Boldyreva, N. Chenette, Y. Lee, and A. O'Neill, "Order-preserving symmetric encryption," EUROCRYPT, LNCS, Vol. 5479, pp. 224-241, Apr. 2009.
  10. H. Hu, J. Xu, C. Ren, and B. Choi, "Processing private queries over untrusted data cloud through privacy homomorphism," Proc. of the 27th ICDE, pp. 601-612, 2011.
  11. B. Wang, Y. Hou, M. Li, H. Wang, and H. Li, "Maple: scalable multi-dimensional range search over encrypted cloud data with tree-based index," Proc. of the 9th ACM symposium on Information, computer and communications security, pp. 111-122, 2014.
  12. Y. Elmehdwi, B. K. Samanthula, and W. Jiang, "Secure k-nearest neighbor query over encrypted data in outsourced environments," Proc. of the 30th ICDE, pp. 664-675, 2014.
  13. P. Wang and C. V. Ravishankar, "Secure and efficient range queries on outsourced databases using R-trees," Proc. of the 29th ICDE, pp. 314-325, 2013.
  14. M. Burkhart and X. Dimitropoulos, "Fast privacypreserving top-k queries using secret sharing," Proc. of the 19th ICCCN, pp. 1-7, 2010.
  15. B. Hore, S. Mehrotra, M. Canim, and M. Kantarcioglu, "Secure multidimensional range queries over outsourced data," The VLDB Journal, Vol. 21, No. 3, pp. 333-358, Jun. 2012. https://doi.org/10.1007/s00778-011-0245-7
  16. J. Vaidya, and C. W. Clifton, "Privacy-preserving kth element score over vertically partitioned data," TKDE, IEEE, Vol. 21, No. 2, pp. 253-258, Feb. 2009.
  17. Y. Zhu, R. Xu, and T. Takagi, "Secure k-nn computation on encrypted cloud data without sharing key with query users," Proc. of the 2013 international workshop on Security in Cloud Computing, pp. 55-60. 2013.
  18. A. C. Yao, "How to Generate and Exchange Secrets," Proc. of the 27th IEEE Symposium on Foundations of Computer Science, pp. 162-167, 1986.
  19. Y. Lindell and B. Pinkas, "A proof of security of yao's protocol for two party computation," Journal of Cryptology, Vol. 22, No. 2, pp. 161-188, Apr. 2009. https://doi.org/10.1007/s00145-008-9036-8
  20. M. O. Rabin, "How to Exchange Secrets with Oblivious Transfer," Technical Report-81, Harvard University, 1981.
  21. C. Hazay and Y. Lindell, "Efficient Secure Two- Party Protocols: Techniques and Constructions," Information Security and Cryptography, Springer, 2010.
  22. A. Liu, K. Zhengy, L. Liz, G. Liu, L. Zhao, and X. Zhou, "Efficient Secure Similarity Computation on Encrypted Trajectory Data," Proc. of the 31st ICDE, pp. 66-77, 2015.
  23. B. K. Samanthula, Y. Elmehdwi, and W. Jiang, "k-nearest neighbor classification over semantically secure encrypted relational data," TKDE, IEEE, Vol. 27, No. 5, pp. 1261-1273, May. 2015.
  24. O. Goldreich, "Foundations of Cryptography: Volume 2, Basic Applications," Cambridge university press, Vol. 2, 2009.