
III: Small: Collaborative Research: PE4GQ - Practical Encryption for Geospatial Queries on Private Data

$217,116 | FY2019 | CSE | NSF

University Of Massachusetts Boston, Dorchester MA

Investigators

Abstract

The mobile computing revolution led to the emergence of novel and exciting applications centered on geospatial data, such as location-based services, geosocial networks, and ride-sharing. These apps enable users to receive services customized to their locations and to interact with nearby peers. However, recent years also witnessed a growing number of risks associated with sharing of location data. Using location information, adversaries may stage a broad spectrum of attacks, ranging from physical surveillance and stalking, to inferring private details about an individual's health status, political or religious affiliations, alternative lifestyles, etc. The proposed project will investigate secure and efficient techniques to protect the locations of mobile users before they are sent to online services. The focus will be on encryption, which provides a high level of protection, on the same level currently used for confidential data such as social security numbers and bank account information. Location privacy is an important component of the broader online privacy concept. Strong protection for users' whereabouts will bring significant societal benefits in the current online ecosystem, where privacy attacks occur more frequently and with far greater ramifications than before, as illustrated by recent high-profile privacy breaches that affected prominent players in the social media industry (e.g., Google, Facebook, Yahoo). Several prior research efforts focused on protecting locations through mechanisms like location cloaking, differential privacy or geo-indistinguishability, but none of these existing approaches can properly address the challenges of online, continuous sharing of locations.
The only direction that achieves a sufficient amount of protection is represented by cryptographic approaches, but despite recent breakthroughs in the area of functional encryption, processing on encrypted data is very slow and/or insufficiently expressive to support the use case scenarios required by location-centric applications. The objective of this project is to bridge the gap between geospatial applications on one side and functional encryption on the other. The proposed PE4GQ (Practical Encryption for Geospatial Queries) framework will allow researchers and practitioners to make use of encrypted search primitives on geospatial data with practical computational and communication overhead. The project will adopt existing functional encryption techniques and customize their use to the specific requirements of geospatial queries. The project will address several challenging tasks: (i) identifying a small set of representative plaintext operations that occur commonly in location-centric applications and can be used to express more complex spatial queries; (ii) identifying appropriate cryptographic building blocks that can be used to securely evaluate the operations identified in the first task; (iii) investigating data representations and query encodings that allow efficient secure evaluation by reducing the number of expensive cryptographic primitives; and (iv) investigating performance optimizations that reduce encrypted data processing overhead by taking into account information from the spatial domain (i.e., through cross-layer design). This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
