Privacy-Preserving and Content-Protecting Location
Based Queries
ABSTRACT:
In this paper we
present a solution to one of the location-based query problems. This problem is
defined as follows: (i) a user wants to query a database of location data,
known as Points Of Interest (POIs), and does not want to reveal his/her
location to the server due to privacy concerns; (ii) the owner of the location
data, that is, the location server, does not want to simply distribute its data
to all users. The location server desires to have some control over its data,
since the data is its asset. We propose a major enhancement upon previous
solutions by introducing a two stage approach, where the first step is based on
Oblivious Transfer and the second step is based on Private Information
Retrieval, to achieve a secure solution for both parties. The solution we
present is efficient and practical in many scenarios. We implement our solution
on a desktop machine and a mobile device to assess the efficiency of our
protocol. We also introduce a security
model and analyse the security in the context of our protocol. Finally, we
highlight a security weakness of our previous work and present a solution to
overcome it.
EXISTING SYSTEM:
The Location
Server (LS), which offers some LBS, spends its resources to compile information
about various interesting POIs. Hence, it is expected that the LS would not
disclose any information without fees. Therefore the LBS has to ensure that
LS’s data is not accessed by any unauthorized user. During the process of
transmission the users should not be allowed to discover any information for
which they have not paid. It is thus crucial that solutions be devised that
address the privacy of the users issuing queries, but also prevent users from
accessing content to which they do not have authorization.
DISADVANTAGES
OF EXISTING SYSTEM:
·
Among
many challenging barriers to the wide deployment of such application, privacy
assurance is a major issue
·
The
user can get answers to various location based queries,
PROPOSED SYSTEM:
] In
this paper, we propose a novel protocol for location based queries that has
major performance improvements with respect to the approach by Ghinita at el.
And. Like such protocol, our protocol is organized according to two stages. In
the first stage, the user privately determines his/her location within a public
grid, using oblivious transfer. This data contains both the ID and associated
symmetric key for the block of data in the private grid. In the second stage,
the user executes a communicational efficient PIR, to retrieve the appropriate
block in the private grid. This block is decrypted using the symmetric key
obtained in the previous stage.
] Our
protocol thus provides protection for both the user and the server. The user is
protected because the server is unable to determine his/her location.
Similarly, the server’s data is protected since a malicious user can only
decrypt the block of data obtained by PIR with the encryption key acquired in
the previous stage. In other words, users cannot gain any more data than what
they have paid for. We remark that this paper is an enhancement of a previous
work.
ADVANTAGES
OF PROPOSED SYSTEM:
ü Redesigned the key structure.
ü Added a formal security model.
ü Implemented the solution on both a mobile device and
desktop machine.
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
Ø
System : Pentium IV 2.4 GHz.
Ø
Hard Disk :
40 GB.
Ø
Floppy Drive : 1.44
Mb.
Ø
Monitor : 15
VGA Colour.
Ø
Mouse :
Logitech.
Ø Ram : 512 Mb.
SOFTWARE
REQUIREMENTS:
Ø Operating system : Windows
XP/7.
Ø Coding Language : JAVA/J2EE
Ø IDE : Netbeans 7.4
Ø Database : MYSQL
REFERENCE:
Russell Paulet,
Md. Golam Kaosar, Xun Yi, and Elisa Bertino, Fellow, IEEE “Privacy-Preserving
and Content-Protecting Location Based Queries”
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 26, NO. 5, MAY
2014
No comments:
Post a Comment