KR101481906B1 - System and method for preserving location data privacy in outsource database - Google Patents

Abstract

The present invention relates to a system and method for preserving location data privacy in an outsourcing database. The system includes: a service providing server configured to store and provide encrypted Hilbert aggregation index (HAI) and transformed data index (TDI); a data storing terminal configured to generate and encrypt an HAI and a TDI corresponding to location data using the Hilbert curve, to upload the encrypted HAI and TDI to the service providing server, and to generate and provide a decryption key corresponding to the encrypted HAI and TDI; and a data using terminal configured to access the data storing terminal to obtain the decryption key, to access the service providing server to obtain the encrypted HAI and TDI, and to decrypt the encrypted HAI and TDI using the decryption key to identify location data corresponding to a query region.

Description

[0001] SYSTEM AND METHOD FOR PRESERVING LOCATION DATA PRIVACY IN OUTSOURCE DATABASE [0002]

The present invention relates to an outsourcing database, and more particularly, to a system and method for maintaining location data privacy in an outsourcing database for providing location data more securely and efficiently.

Recently, research on outsourced databases based on cloud computing environment has been actively conducted as interest in cloud computing has increased.

The outsourcing database refers to the data owner entrusting the service provider with the system related resources and management of data, hardware, and software that he owns in order to concentrate on his core competency. This outsourcing database has the advantage of being able to manage data at a low cost, even if the individual or company lacks experience with IT information services.

Meanwhile, as mobile devices equipped with GPS are rapidly spreading, location-based services using the devices are spreading. Location-based services (LBS) refers to providing additional services based on user's location information. The location-based service includes services such as traffic information based on the user's location, finding a friend, searching for adjacent location data (for example, restaurants, hospitals, shopping malls), and promoting products. As the application field becomes wider, the number of users is increasing. Especially, the amount of data generated due to the emergence of services linked with SNS (Social Network Service) is increasing rapidly. As a result, there is an increasing demand for outsourcing location databases for location based services.

However, the following problems arise when outsourcing such a location database without processing. First, because the location database is a valuable asset to the data owner, it is not desirable to outsource it to a third party. In this case, the location-based service user must transmit a query including the actual location of the user to the third party in order to receive the service. If the information is exposed to the attacker in the communication or the service provider maliciously It is possible to grasp the place where the user frequently visits and the time when the user visits the place, thereby causing a problem that the personal privacy of the individual is violated.

Therefore, researches are being conducted to protect position data in outsourcing databases, which are divided into spatial coordinate transformation and encryption transformation.

The spatial coordinate transformation scheme transforms coordinates of position data based on parallel movement of coordinate plane, data distribution transformation, error insertion, and the like. However, there is a disadvantage that such a spatial coordinate transformation technique can easily derive the mathematical expression used in the coordinate transformation using the exposed original data and the converted data pair. Also, since the conversion distance between adjacent position data is similar, there is a problem that the actual position of adjacent data can be roughly deduced from the exposed data.

On the other hand, the encryption conversion technique solves the problems of the space coordinate transformation technique by encrypting the position data based on DSA (Digital Signature Algorithm) digital signature algorithm and AES (Advanced Encryption Standard) encryption algorithm.

However, since the cryptographic transformation scheme performs encryption on an object-by-object basis, it has a disadvantage that it is vulnerable to attack on the access order associativity. The access order associativity attack is an attack that grasps the associativity between objects and other position data stored in the database by using the object search order and the exposed position data detected at the time of executing the user query.

An access ordering relationship attack is an attack that grasps other location data stored in a database by using association between records and exposed location data obtained through a record search order when a user query is performed.

Figure 1 shows an example of an approach order associativity attack according to the prior art.

1 (a) stores two end nodes A and B, and node A stores data c, d, and e, and node B stores data f, g, and h. The malicious service providing server or the attacker can obtain the query requested by the user and check the record search order. For example, if the attacker knows the record search sequence A → c, A → d, A → e, then c, d, and e are related in terms of data location, e. < / RTI > Also, if the attacker knows the exposed position data c, the attack can be performed through the area query as shown in FIG. 1 (b). First, if the region query is performed through the region R1, since the region query result includes only c, it can be seen that d and e are not within the R1 range from c. On the other hand, since the query result through the R2 region includes c and d, it can be estimated that the distance from c to d is within R2-R1.

In this way, access order associativity attacks are very lethal because they can relate records and use exposed location data to locate other data. In addition, since a large number of communication times are required for query processing, communication costs increase.

Accordingly, it is an object of the present invention to provide a position data privacy preservation system and method in an outsourcing database that can solve personal information leakage problem by hiding actual position coordinates of position data using a Hilbert curve based on a grid structure.

A system and method for preserving location data privacy in an outsourced database, which enables to save the location data protection problem by preventing access order associativity attacks by storing and encrypting F position data in one record of the database.

In addition, a system and method for preserving location data privacy in an outsourced database is provided that minimizes communication message size and improves query processing speed by establishing local clustering based on the Hilbert order.

The present invention also provides a system and method for maintaining location data privacy in an outsourced database that can support a query service supporting personal information by performing query processing on an encrypted location database.

According to an aspect of the present invention, there is provided a service providing server for storing and providing encrypted Hilbert Aggregation Index (HAI) and Transformed Data Index (TDI) Generates HAI and TDI corresponding to the position data by using the Hilbert curve, encrypts the HAI and TDI and uploads the encrypted HAI and TDI to the service providing server, and generates and provides a decryption key corresponding to the encrypted HAI and TDI Terminal; And acquiring the decryption key by accessing the data-bearing terminal, acquiring the encrypted HAI and TDI by accessing the service providing server, decrypting the encrypted HAI and TDI through the decryption key, And a data use terminal for identifying corresponding location data. The system also includes a location data privacy maintenance system in an outsourcing database.

The data owning terminal includes: an original storage unit for storing location data; An HAI and a TDI generator for generating HAI and TDI corresponding to the position data using a Hilbert curve; An encryption unit encrypting the HAI and the TDI and generating a corresponding decryption key; A data upload unit for uploading the encrypted HAI and the TDI to the service providing server; And a decryption key providing unit for providing the decryption key to the data using terminal.

Wherein the service providing server comprises: an HAI and a TDI storage unit for storing encrypted HAI and TDI provided by the data owning terminal; An HAI providing unit for providing the encrypted HAI in response to a location query of the data using terminal; And a TDI providing unit for searching for and providing the encrypted TDI in response to a record providing request of the data using terminal.

The data use terminal comprising: a decryption key acquisition unit for receiving the decryption key from the data-bearing terminal; An HAI processing unit for querying the service providing server to obtain the encrypted HAI, decrypting the decrypted HAI through the decryption key, and retrieving the decrypted HAI and acquiring a record corresponding to the inquiry area; And a TDI processing unit for requesting the encrypted TDI corresponding to the identified record to the service providing server, receiving the decrypted TDI, and decrypting the received TDI through the decryption key, thereby acquiring position data queried by the user.

As a means for solving the above problems, according to another embodiment of the present invention, the data owning terminal generates a Hilbert Aggregation Index (HAI) and a Transformed Data Index (TDI) corresponding to position data using a Hilbert curve An encryption step of uploading the encrypted HAI and TDI to a service providing server, and providing a decryption key corresponding to the encrypted HAI and TDI to a data using terminal; An HAI processing step of the data using terminal acquiring the encrypted HAI by querying a location of the service providing server, decrypting the encrypted HAI through the decryption key and grasping a record corresponding to the inquiry area; And the data using terminal obtains the encrypted TDI corresponding to the record area by querying the record area to the service providing server, decrypts the encrypted TDI through the decryption key, and obtains the position data queried by the user And a TDI processing step of storing location data privacy in an outsourcing database.

Wherein the encrypting step comprises: converting the two-dimensional position data into one-dimensional data using a Hilbert curve; generating HAI and TDI corresponding to the position data with reference to the Hilbert curve ID; Encrypting the HAI and TDI, and generating a decryption key corresponding to the encrypted HAI and TDI; Uploading the encrypted HAI and TDI to the service providing server; And providing the decryption key to the data using terminal after performing a user authentication procedure for the data using terminal when the data providing terminal requesting the decryption key is generated.

The HAI processing step includes the steps of the data-using terminal querying the service providing server for location and receiving the encrypted HAI; And decrypting the encrypted HAI using the decryption key previously provided by the data-bearing terminal, and searching the record corresponding to the inquiry area based on the Hilbert curve ID.

If the number of retrieved records and fanout F (F is a natural number of 2 or more) is smaller than the kth contact point (F is a natural number of 2 or more) requested by the user, the TDI processing step expands the record search area into neighboring grid cells ≪ / RTI > If the number of records retrieved " fan-out F " is greater than or equal to the k-th contact point requested by the user, the data using terminal obtains the encrypted TDI corresponding to the retrieved record through the service providing server, Decrypting the decrypted data using the decryption key provided to the user, and extracting position data queried by the user; Setting a circle circumscribed rectangle having a radius from a query point to a k-most recent contact point as a query area among the extracted position data of the data using terminal, and further searching the record based on the decoded HAI; Adding the encrypted TDI record corresponding to the further searched record to the service providing server, decrypting the encrypted TDI record with the decryption key, and further extracting the location data queried by the user when the record is further searched; And selecting k data closest to the query point among the extracted position data as a final result.

As a means for solving the above problems, according to another embodiment of the present invention, a data owning terminal encrypts and uploads position data to a service providing server, generates a decryption key corresponding to the encrypted position data, An encryption step provided to the terminal; And a query step of querying the service providing server to obtain the encrypted location data and decoding the received location data using the decryption key to obtain location data. to provide.

Wherein the encrypting step encrypts the location data by the data owning terminal and generates a decryption key corresponding to the encrypted location data: uploading the encrypted location data to the service providing server; And providing the decryption key corresponding to the encrypted location data after performing the user authentication on the data using terminal when the data using terminal requests access to the decryption key providing server to provide the decryption key.

The querying step comprises: providing the encrypted location data after the service providing server performs user authentication on the data using terminal when the data using terminal requests access to provide location data; And decrypting the encrypted location data using the decryption key to obtain location data.

According to the present invention, a secure outsourcing database that supports location information protection and location data protection of a user can be constructed and serviced. In addition, the location information service provider constructs a service system based on the outsourced database through the proposed spatial query processing algorithm and provides reliable services to the users in the cloud computing environment to enable location based service activation using the outsourced database in the cloud computing environment . ≪ / RTI >

Figure 1 shows an example of an approach order associativity attack according to the prior art.
FIG. 2 and FIG. 3 illustrate a location data privacy preservation system in an outsourcing database according to an embodiment of the present invention.
4 is a diagram illustrating source data, HAI, and TDI according to an embodiment of the present invention.
5 is a view for explaining a data encryption method for preserving location data privacy in an outsourcing database according to an embodiment of the present invention.
FIG. 6 is a diagram for explaining a location query method for preserving location data privacy in an outsourced database according to an embodiment of the present invention. Referring to FIG.
FIG. 7 is a diagram illustrating an application example of a location query method for preserving location data privacy in an outsourcing database according to an embodiment of the present invention. Referring to FIG.
8A and 8B are views for explaining a position query method according to another embodiment of the present invention.
9 is a diagram illustrating an application example of a position query method according to another embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. Even if the terms are the same, it is to be noted that when the portions to be displayed differ, the reference signs do not coincide.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention as claimed.

The terms first, second, etc. in this specification may be used to describe various elements, but the elements should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another. For example, without departing from the scope of the present invention, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component. And / or < / RTI > includes any combination of a plurality of related listed items or any of a plurality of related listed items.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Terms such as those defined in commonly used dictionaries should be interpreted as having a meaning consistent with the meaning in the context of the relevant art and are to be interpreted in an ideal or overly formal sense unless explicitly defined in the present application Do not.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings. In order to facilitate the understanding of the present invention, the same reference numerals are used for the same constituent elements in the drawings and redundant explanations for the same constituent elements are omitted.

In the present invention, two-dimensional position data (x, y coordinates) are converted into one-dimensional data by using a Hilbert curve, so that actual coordinates of data are concealed. To this end, the position database is represented by a grid structure, and a Hilbert curve is applied to sequentially assign Hilbert curve IDs to each grid cell. Hilbert curve is a technique for indexing multidimensional data as one-dimensional data. In particular, Hilbert curve in the location database guarantees proximity of approximated data with ID.

In addition, the Hilbert curve can be generated at various levels according to the size of the grid cell, and has directionality. Therefore, if the information is not given, the Hilbert curve is advantageous in that it is difficult to deduce original data from the transformed data.

FIG. 2 and FIG. 3 illustrate a location data privacy preservation system in an outsourcing database according to an embodiment of the present invention.

Referring to FIG. 2, the location data protection system of the present invention may include a data holding terminal 10, a service providing server 20, and at least one data using terminal 30.

3, an original storage unit 11 for storing original data before being encrypted, a Hilbert Aggregation Index (HAI) corresponding to the original data using the Hilbert curve, An encryption unit 13 for encrypting the HAI and the TDI and generating a decryption key corresponding to the HAI and the TDI, an encryption unit 13 for encrypting the encrypted HAI and the TDI, And a decryption key providing unit 15 for providing a decryption key after performing a user authentication procedure when the data uploading unit 14 and the data using terminal 30 approach each other, have.

4, the original data of the present invention is a two-dimensional positional data having a grid structure, HAI is an ID indicating an ID of an HAI record, a start of a Hilbert curve including the corresponding HAI record, Quot ;, " Start Hilbert Value (SHV) ", and " End Hilbert Value (EHV) " The TDI may be composed of an " ID " meaning an ID of a TDI record and a " cell info " meaning a set of actual position data included in the corresponding TDI record.

The service providing server 20 accesses the HAI, the TDI storing unit 21, and the data using terminal 30, which store the encrypted HAI and the TDI provided by the data owning terminal 10, An HAI providing unit 22 for providing an encrypted HAI in response to the request, and a TDI providing unit 23 for retrieving and providing an encrypted TDI corresponding to a record requested by the data using terminal 30 have.

The data using terminal 30 is provided with a decryption key obtaining unit 31 which accesses the data owning terminal 10 and provides a decryption key to the data providing terminal 10, The HAI processing unit 32 for retrieving the decrypted HAI and grasping a record corresponding to the inquiry area, the encrypted TDI corresponding to the record identified by the HAI processing unit 32, And a TDI processing unit 33 that is requested by the service providing server 20 and is received and decrypted through a decryption key provided by the data owning terminal 10 to obtain data queried by the user.

5 is a view for explaining a data encryption method for preserving location data privacy in an outsourcing database according to an embodiment of the present invention.

First, in order to hide the actual coordinates of the original data, the data owning terminal 10 converts the original data, which is two-dimensional position data (x, y coordinates), into one-dimensional data using the Hilbert curve (S11). That is, a Hilbert curve is applied to each grid cell of the original data to give a Hilbert curve ID.

Then, HAI and TDI corresponding to the original data are generated with reference to the Hilbert curve ID assigned to each grid cell (S12). That is, if each TDI record is configured to store F-number of position data, the data-bearing terminal 10 searches the first F (F is a natural number of 2 or more) position data according to the Hilbert curve ID, The cell ID and the cell ID in which the Fth position data is retrieved are set to the Start Hilbert Value and End Hilbert Value of the first record of the HAI, respectively. Then, the F position data retrieved is stored in cell info of the first record of TDI. Each time F data is additionally retrieved, it is stored in the next record of HAI and TDI. This operation is repeated while all the grid cells on the location database are retrieved.

For example, suppose that the fanout of TDI is F = 3. In order to retrieve the first three positional data a, b, c of the original data in Fig. 4, the search must be performed in grid cells 0 and 1 . Therefore, the Start Hilbert Value and the End Hilbert Value of the first HAI record are set to 0 and 1, respectively, as shown in HAI in FIG. At this time, the retrieved position data a, b, and c are stored in the cell info of the first record as shown in the TDI of FIG. Next, in order to retrieve F = 3 data, search is performed from grid cells 2 to 5. Thus, d, f, and g position data are retrieved from grid cells 2, 4, and 5, respectively. Therefore, the Start Hilbert Value and the End Hilbert Value of the second record of the HAI are set to 2 and 5, respectively, and the retrieved position data d, f, and g are stored in the cell info of the second record of the TDI. On the same principle, the remaining values of HAI and TDI are filled, respectively.

After HAI and TDI are generated through step S2, the data-bearing terminal 10 always encrypts HAI and TDI through an algorithm such as Advanced Encryption Standard (AES) (S13) and uploads it to the service providing server 20 (S14).

In this state, when accessing the data using terminal 30 to the data owning terminal 10 and requesting the provision of a decryption key while transmitting the user authentication information (S15), the data owning terminal 10 always responds to the user authentication procedure (S16), and provides a decryption key for decrypting the encrypted HAI and TDI to the data using terminal 30 (S17).

That is, according to the present invention, the actual position coordinates of the position data are concealed using the Hilbert curve based on the grid structure, thereby preventing the possibility of leakage of personal information in advance. In addition, by storing and encrypting the F position data in one record of the database, the access order associativity attack possibility is prevented in advance and thus the position data can be more safely protected.

FIG. 6 is a diagram for explaining a location query method for preserving location data privacy in an outsourced database according to an embodiment of the present invention. Referring to FIG.

If the data using terminal 30 performs a location inquiry operation to the service providing server 20 in step S21, the service providing server 20 performs user authentication on the data using terminal 30, And provides the HAI to the data using terminal 30 (S22).

Then, the data using terminal 30 decrypts the encrypted HAI provided by the service providing server 20 through the decryption key previously provided by the data owning terminal 10 (S23), searches the decrypted HAI, Finds the Hilbert curve ID of the grid cells corresponding to the region, and searches the record including the corresponding cells through the binary search (S24).

(2, 4, 5) of the corresponding records to the service providing server 20 while requesting the provision of the corresponding TDI record (S25).

When the service providing server 20 retrieves the records of the TDI corresponding to the ID and provides the retrieved records to the data using terminal 30 in step S26, The encrypted TDI record is decrypted using one decryption key to extract the actually stored location data, and the area query is terminated (S27). At this time, since the encrypted HAI and TDI are encrypted through the same AES algorithm, they can be decrypted using the same decryption key.

FIG. 7 is a diagram illustrating an application example of a location query method for preserving location data privacy in an outsourced database according to an embodiment of the present invention. In FIG. 7, it is assumed that F = 3 in TDI.

The data using terminal 30 restores the encrypted HAI previously received from the service providing server 20 through the decryption key and confirms that its own query area corresponds to the grid cells 2, 3, 4, and 7 , And retrieves a record including the corresponding cells in the HAI. At this time, the grid cells 2, 3 and 4 are included in the second record of the HAI, and the grid cell 7 is included in the fourth and fifth records of the HAI. Therefore, the data using terminal 30 requests the service providing server 20 for TDI records 2, 4, and 5. The data using terminal 30 restores the record using the decryption key previously transmitted from the data holding terminal 10. [ That is, the data terminal 30 decodes the second TDI record and searches m, n, and o through the position data d, f, g, and the fourth record k, l, e,

F, k, l, and m, which are included in the actual query area, and the data use terminal 30 includes the location data d, f, Find k, l, m. On the other hand, by receiving F-numbered pieces of data in one unit, it is possible to reduce the probability of an access order association attack.

8A and 8B are views for explaining a location query method according to another embodiment of the present invention. In the process of processing a k-nearest neighbor search query on an encrypted outsourced database through a Hilbert curve-based location data protection technique .

When the data using terminal 30 performs a location inquiry operation to the service providing server 20 (S31), the service providing server 20 searches for the encrypted HAI corresponding thereto and provides the retrieved HAI to the data using terminal 30 S32).

Then, the data using terminal 30 decrypts the encrypted HAI provided by the service providing server 20 through the decryption key previously provided by the data owning terminal 10 (S33), searches the decrypted HAI, The Hilbert curve ID of the grid cells corresponding to the region is searched for, and a tuple including the corresponding cells is searched through binary searching (S34).

However, if the "number of retrieved records ㅧ fanout F" is smaller than the k-th contact (F is a natural number of 2 or more) requested by the user (S35), the search area is extended to neighboring grid cells and the search is repeated (S34, S36) .

If the number of retrieved records " fan out F " is equal to or more than the kth contact point requested by the user, the data using terminal 30 transmits the ID of the retrieved record to the service providing server 20 and requests the service providing server 20 to provide the corresponding TDI record (S37), the service providing server 20 provides the records of the TDI corresponding to the corresponding ID in response thereto (S38).

Then, the data using terminal 30 extracts the actually stored location data by decoding the encrypted TDI records using the decryption key previously provided by the data owning terminal 10 (S39).

Then, the data-using terminal 30 sets a circle circumscribed rectangle having the radius from the query point to the k-nearest point as the query area among the extracted position data, and then re-searches the decoded HAI (S40). Through this process, it is possible to search for k-nearest contact data which is the result of actual k-close contact but not found in the previous step.

The service providing server 20 sends the corresponding record to the service providing server 20 (S42), and the service providing server 20 transmits the corresponding TDI record to the data providing terminal 30 (S41) (S43), and always decodes the data using terminal 30 to extract the stored location data (S43).

Finally, the data use terminal 30 selects k data closest to the query point among the extracted position data as a final result (S44).

9 is a diagram showing an application example of a location inquiry method according to another embodiment of the present invention. In FIG. 9, when the fanout of the TDI is F = 3 and k = 2, - An example of the nearest point query processing algorithm is shown.

The data using terminal 30 always restores the HAI transmitted from the service providing server 20 through the decryption key. The data using terminal 30 finds its query point corresponding to the grid cell 12, and then searches for a record including the cell in the HAI. The grid cell 12 corresponds to the sixth record in the HAI and is always larger than k = 2 because of the number of records searched (1), fan-out (3) Request TDI record 6. When the record is received from the service providing server 20, the record is restored by using the decryption key transmitted from the data owning terminal 10. Thus, the data use terminal 30 always searches for the position data p, q.

Next, in order to verify the accuracy of the currently-found k-nearest contact data, a circle having a radius from the query point to the k = 2-th data z (z is a positive real number) is found. When the area query is performed with the circumscribed rectangle of the circle as a query area, cells 8, 11, 12, 13, 14, and 15 are searched. Among the records 5 and 6 of the HAI including the corresponding cells, the fifth record is not received at present, so it requests the service providing server 20 for the record. The service providing server 20 transmits the record 5 of TDI and always receives and decodes the data using terminal 30 to find the position data m, n, o included in the record. On the other hand, since the data are farther than the current 2-point contact object p, p and q are extracted as final results.

As described above, according to the present invention, it is possible to minimize the communication message size and improve the query processing speed by constructing the local clustering based on the Hilbert order. Also, by performing query processing on the encrypted location database, it is possible to support query service supporting personal information.

The foregoing description is merely illustrative of the technical idea of the present invention, and various changes and modifications may be made by those skilled in the art without departing from the essential characteristics of the present invention. Therefore, the embodiments disclosed in the present invention are intended to illustrate rather than limit the scope of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.

Claims (11)

A service providing server for storing and providing encrypted Hilbert Aggregation Index (HAI) and Transformed Data Index (TDI));
Generates HAI and TDI corresponding to the position data by using the Hilbert curve, encrypts the HAI and TDI and uploads the encrypted HAI and TDI to the service providing server, and generates and provides a decryption key corresponding to the encrypted HAI and TDI Terminal; And
Accessing the data-bearing terminal to acquire the decryption key, acquiring the encrypted HAI and TDI by accessing the service providing server, decrypting the encrypted HAI and TDI through the decryption key, And a data use terminal for recognizing the position data that is obtained by the obtaining,
The service providing server
An HAI and TDI storage unit for storing encrypted HAI and TDI provided by the data-bearing terminal;
An HAI providing unit for providing the encrypted HAI in response to a location query of the data using terminal; And
And a TDI supplier for searching for and providing the encrypted TDI in response to a record providing request of the data using terminal. The method of claim 1, wherein the data-
An original storage unit for storing position data;
An HAI and a TDI generator for generating HAI and TDI corresponding to the position data using a Hilbert curve;
An encryption unit encrypting the HAI and the TDI and generating a corresponding decryption key;
A data upload unit for uploading the encrypted HAI and the TDI to the service providing server; And
And a decryption key providing unit for providing the decryption key to the data using terminal. delete The method of claim 1, wherein the data-
A decryption key obtaining unit for receiving the decryption key from the data-bearing terminal;
An HAI processing unit for querying the service providing server to obtain the encrypted HAI, decrypting the decrypted HAI through the decryption key, and retrieving the decrypted HAI and acquiring a record corresponding to the inquiry area; And
And a TDI processing unit for requesting an encrypted TDI corresponding to the identified record to the service providing server, receiving the decrypted TDI, and decoding the decrypted TDI by using the decryption key, Location data privacy preservation system. The data-bearing terminal generates a Hilbert Aggregation Index (HAI) and a Transformed Data Index (TDI) corresponding to the position data using the Hilbert curve, encrypts the encrypted HAI and TDI, uploads the encrypted HAI and TDI to the service providing server, An encryption step of providing a decryption key corresponding to encrypted HAI and TDI to a data using terminal;
An HAI processing step of the data using terminal acquiring the encrypted HAI by querying a location of the service providing server, decrypting the encrypted HAI through the decryption key and grasping a record corresponding to the inquiry area; And
The data using terminal queries the record providing area to the service providing server to acquire the encrypted TDI corresponding to the record area and decrypts the encrypted TDI through the decryption key to obtain the inquired location data TDI processing of the location data in the outsourced database. 6. The method of claim 5, wherein the encrypting step
Converting the two-dimensional position data into one-dimensional data using the Hilbert curve, generating HAI and TDI corresponding to the position data by referring to the Hilbert curve ID;
Encrypting the HAI and TDI, and generating a decryption key corresponding to the encrypted HAI and TDI;
Uploading the encrypted HAI and TDI to the service providing server; And
And providing the decryption key to the data using terminal after performing a user authentication procedure for the data using terminal when a data providing terminal requesting a decryption key is generated, Location data privacy preservation method. 6. The method of claim 5, wherein the HAI processing step
Receiving the encrypted HAI by querying the service providing server for the location; And
And decrypting the encrypted HAI using a decryption key previously provided by the data-bearing terminal and searching for a record corresponding to the inquiry area based on the Hilbert curve ID. A method for preserving location data privacy in a database. 6. The method of claim 5, wherein the TDI processing step comprises:
Repeating the search by expanding the record search area to a neighboring grid cell if the number of records found " fan out F (F is a natural number of 2 or more) " is smaller than a kth contact point (F is a natural number of 2 or more) requested by the user;
If the number of records retrieved " fan-out F " is greater than or equal to the k-th contact point requested by the user, the data using terminal obtains the encrypted TDI corresponding to the retrieved record through the service providing server, Decrypting the decrypted data using the decryption key provided to the user, and extracting position data queried by the user;
Setting a circle circumscribed rectangle having a radius from a query point to a k-most recent contact point as a query area among the extracted position data of the data using terminal, and further searching the record based on the decoded HAI;
Adding the encrypted TDI record corresponding to the further searched record to the service providing server, decrypting the encrypted TDI record with the decryption key, and further extracting the location data queried by the user when the record is further searched; And
And selecting k data closest to the query point from the extracted position data as a final result. ≪ RTI ID = 0.0 > 8. < / RTI > delete delete delete

Images