CN102968477B - Divide and the safe nearest neighbor method and system of random number based on minimal redundancy - Google Patents

Divide and the safe nearest neighbor method and system of random number based on minimal redundancy Download PDF

Info

Publication number
CN102968477B
CN102968477B CN201210466535.9A CN201210466535A CN102968477B CN 102968477 B CN102968477 B CN 102968477B CN 201210466535 A CN201210466535 A CN 201210466535A CN 102968477 B CN102968477 B CN 102968477B
Authority
CN
China
Prior art keywords
division
data
border
point
true
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201210466535.9A
Other languages
Chinese (zh)
Other versions
CN102968477A (en
Inventor
姚斌
李飞飞
肖小奎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Jiaotong University
Original Assignee
Shanghai Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Jiaotong University filed Critical Shanghai Jiaotong University
Priority to CN201210466535.9A priority Critical patent/CN102968477B/en
Publication of CN102968477A publication Critical patent/CN102968477A/en
Application granted granted Critical
Publication of CN102968477B publication Critical patent/CN102968477B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present invention relates to and a kind ofly to divide and the safe nearest neighbor method and system of random number based on minimal redundancy, described method comprises: the voronoi figure that data chief commander comprises Outsourced database is partitioned into k division, the border that record divides, random bytes is added in division, and according to the hash function preset, corresponding index is set up to each border, and the index of all divisions after encryption and correspondence thereof is sent to server, all borders dividing correspondence are sent to data user; The index of the division correspondence comprising true query point is sent to server by data user; Server sends the division comprising true query point after encryption to data user; The division comprising described true query point after data user obtains encryption, and calculate arest neighbors after deciphering, when carrying out K-NN search in data user is to the Outsourced database that server stores, server cannot be known and guarantee data security data, query point and Query Result in Outsourced database.

Description

Divide and the safe nearest neighbor method and system of random number based on minimal redundancy
Technical field
The present invention relates to Safety query process field, a kind ofly to divide and the safe nearest neighbor method and system of random number based on minimal redundancy.
Background technology
The basic SQL that the existing research of Safety query process field relates on encrypting database is inquired about (see document 3:H.Hacigumus, B.R.Iyer, C.Li, and S.Mehrotra.Executing SQL overencrypted data in the database service provider model.In SIGMOD, 2002), aggregate query is (see document 4:H.Hacigumus, B.R.Iyer, and S.Mehrotra.Efficient execution ofaggregation queries over encrypted relational databases.In DASFAA, pages 125 – 136, 2004 and document 5:E.Mykletun and G.Tsudik.Aggregation queries in thedatabase-as-a-service model.In DBSec, 2006) and range query (see document 6:B.Hore, S.Mehrotra, M.Canim, and M.Kantarcioglu.Secure multidimensional range queriesover outsourced data.VLDBJ.To Appear. and document 7:E.Shi, J.Bethencourt, H.T.-H.Chan, D.X.Song, and A.Perrig.Multi-dimensional range query over encrypted data.In IEEE Symposium on Security and Privacy, pages 350-364, 2007).As many existing research (see document 1:H.Hu, J.Xu, C.Ren, and B.Choi.Processing private queriesover untrusted data cloud through privacy homomorphism.In ICDE, pages 601-612, 2011 and document 2:W.K.Wong, D.W.-L.Cheung, B.Kao, and N.Mamoulis.Secure knn computation on encrypted databases.In SIGMOD, pages 139 – 152, 2009 and document 6 and document 7) prove, for meeting certain security requirement and obtaining higher efficiency, more complicated query type often needs some special processings.Especially, for the research work (see document 1 and document 2) done of existing many forefathers now of SNN problem, but the solution that they propose finally often is proved to be unsafe, can by success attack easily.
The people such as Hacigumus first proposed " Outsourced database " (outsourced database, ODB) model is (see document 8:H.Hacigumus, B.R.Iyer, and S.Mehrotra.Providing database as aservice.In ICDE, 2002), in this model, " data management " and " inquiry response " two service outsourcing are given insecure service provider (service provider) by data owner (data owner).Safety research about ODB is intended to guarantee data security by encrypting and carry out query processing in enciphered data.Such as, use a kind of order-preserving enciphered method (order-preserving encryption scheme, OPES, see document 9:R.Agrawal, J.Kiernan, R.Srikant, and Y.Xu.Order preserving encryption for numeric data.In SIGMOD, 2002), to an ordinal number territory (ordinal domain) utility function E, make, to arbitrary the value x to meeting x < y, y, have E (x) < E (y).In addition, the people such as Hacigumus also proposed one and add and take advantage of homomorphism (additive and multiplicative homomorphic) encryption function E(E to meet E (x)+E (y)=E (x+y), E (x) E (y)=E (xy)) support that aggregate query in enciphered data is (see document 4:H.Hacigumus, B.R.Iyer, and S.Mehrotra.Efficient execution of aggregation queries over encrypted relational databases.In DASFAA, pages125-136,2004).But as the people such as Mykletun prove, in fact other safety of homomorphism method lowermost level all can not ensure (see document 5).In brief, ODB model before all only considers simple Numerical Range and SQL operation, and does not consider with kNN(knearest neighbor, k arest neighbors) inquiry waits and more complicated is operating as research object; In addition, the attack of single type is always supposed in ODB model investigation, and does not consider the attack of different levels, does not have universality.
Except various encryption technology, other data guard method is also had to ensure the security of query count.SQL statement on ODB model performs and just have employed " gross index " (coarse index, also known as " index based on bucket ", bucket-based index) technology (see document 3).Tuple is encrypted by the common encryption method of such as RSA; By each Database Properties regional partition, the every part (i.e. " division ", partition) obtained after segmentation is composed by hash function with an ID.Data chief commander encrypts the ID that tuple splits together with its place and delivers to server, serves as " gross index ".Inquiry becomes the segmentation obtaining and comprise target tuple.Server then returns the superset of a Query Result.Then, result just can be deciphered by the user having key, then falls wherein garbage by certain aftertreatment screening.In advanced inquiry, the quantity of garbage may be very huge, and for user, this can become very white elephant.Such as, the ID that in kNN calculating, required data point and query point spacing are just difficult to by splitting obtains easily.Therefore, directly application this " gross index " technology can cause server that whole database is returned to user, allows user bear alone the calculating of Query Result.Obviously, when user's processing power limited (as user uses mobile device) this method is very inapplicable.
Another kind of Safety query disposal route make use of special hardware---and the coprocessor of safety is (see document 10:E.Mykletun and G.Tsudik.Incorporating a secure coprocessor in thedatabase-as-a-service model.In IWIA, 2005 and document 11:R.Agrawal, D.Asonov, M.Kantarcioglu, and Y.Li.Sovereignjoins.In ICDE, 2006).It is a kind of safe computing unit, and the data of its computation process and storage are all transparent to either party in inquiry.The use of coprocessor is very simple, only needs to install encryption and decryption key, and direct application deployment logic.But on the other hand, its speed, not as ordinary processor, is not therefore suitable for and needs a large amount of complicated applications calculated.In addition, coprocessor must be safeguarded by user.Such as, if processor hang-up, user must dispose it again.This obviously with user in cloud computing without the need in person safeguarding that raw data is contradiction.
In addition; Sweeney; Li; the people such as Machanavajjhala propose various data anonymous model; as k anonymity (k-anonymity); for the secret protection (see document 12:L.Sweeney.k-anonymity:A model for protecting privacy.In IJUFKS, 2002) during data publication.Their basic thought is all that each tuple in database can not be distinguished (indistinguishable) with other at least k-1 tuple " standard " indications (quasi-identifiers)." k is anonymous " can pass through " standard " indications vague generalization (generalizing), tuple suppresses (suppressing tuples), tuple upsets methods such as (perturbing tuples) and realizes.But " k is anonymous " model has information dropout in query script, and model itself also has specific defect.Pointed by the people such as Machanavajjhala, " standard " indications group that can not distinguish of anonymization is also containing many responsive values, therefore assailant just can cause information leakage (see document 13:A.Machanavajjhala by limited background knowledge, J.Gehrke, D.Kifer, and M.Venkitasubramaniam.l-diversity:Privacy beyond k-anonymity.In ICDE, 2006).In addition, the codomain after vague generalization also can facilitate the statistical information of potential attacker to raw data or some preciousnesses to make accurate estimation.It is especially noted that secret protection during data publication is different from the target of the data security in ODB model: the information that the former tries hard to avoid issuing exposes particular individual, the latter focuses on for unauthorized user protection information.
For solving Safety query process problem better, kNN inquiry (see document 2) in the primary studies such as W.K.Wong SCONEDB model.Oliveira etc. once proposed " equidistantly change " (distance-preservingtransformation, DPT) as its encryption method (see document 14:S.R.M.Oliveira and O.R.Zaiane.Privacy preserving clustering by data transformation.In SBBD, Manaus, Amazonas, Brazil, 2003).Set point x is converted to Nx+t by DPT, and wherein, N is the orthogonal matrix of a d × d, and t is a d dimensional vector.The key property of DPT is that before and after conversion, dot spacing is constant, that is, d (x, y)=d (E (x), E (y)), and wherein, d represents Euclidean distance, and E is encryption (conversion) function.Because distance does not change, kNN inquiry can obtain correct calculating.But it is unsafe [8] that the testimony of a witnesies such as Liu obtain DPT about 2 grades of attacks and 3 grades of attacks.For one 3 grades of attacks, W.K.Wong etc. examined one group of point in DB x1, x2 ..., xm} and corresponding secret value thereof y1, y2 ..., ym}, then sets up out one group of equation yi=Nxi+t, forms linear equality group, and wherein, the d of d2 and t of N is unknown.So, if m>=d+1, then this equation set can be separated.For one 2 grades of attacks, one group of some P in the visible DB of assailant.Because DPT remains the correlativity between each dimension, Liu etc. use PCA to determine in point set P and change the major component in rear the data obtained storehouse.By coupling major component, assailant can make accurate estimation (see document 8) to N and t.
It is also the problem that " sex service of suitable ground " (LBS) system needs to consider that kNN on unreliable platform calculates.In LBS model, server has a tuple set (being also " point of interest " point of interest, POI).With user orientation server submit Query (range query or kNN inquiry), obtain the point of interest wanted.Wherein main Security Target is the positional information of protection query point, and other model also can consider the privacy concern of POI." k is anonymous " model is often used, and so that the position of query point is converted to a spatial dimension, so at least contain the point of other k-1 in this scope, server is then difficult to the position determining user's (query point) wherein.Although this model can with solving our problem, it also has certain defect.First, the data after anonymity can expose raw value approx; Secondly, (see document 15:G.Ghinita in particular model, P.Kalnis, A.Khoshgozaran, C.Shahabi, and K.L.Tan.Privatequeries in location based services:Anonymizers are not necessary.In SIGMOD, 2008), database is assumed that server owns, and therefore server can see raw data; Again, in some systems (such as " gross index " system), the superset that server returns Query Result usually carries out aftertreatment for user, and this adds burden for users, for some " lightweight " (light-weight) user sides, this or even can not bear.The people such as Khoshgozaran propose a LBS model can inquiring about to be encrypted for kNN (see document 16:A.Khoshgozaran and C.Shahabi.Blind evaluation ofnearest neighbor queries using space transformation to preserve location privacy.InSSTD, 2007).Its main thought uses Hilbert curve to carry out " encryption " data point and inquiry.The Hilbert value of each point is sent to server.Then in the space of the rear gained of Hilbert conversion, calculate kNN and draw approximation.This method is approximation except what return, also there is the problem that DPT is similar, easily by success attack.
Summary of the invention
The object of the present invention is to provide and a kind ofly to divide and the safe nearest neighbor method and system of random number based on minimal redundancy, when can carry out K-NN search in data user is to the Outsourced database that server stores, server cannot be known and guarantee data security data, the query point of data user and the Query Result of arest neighbors in Outsourced database.
For solving the problem, the invention provides and a kind ofly to divide and the safe nearest neighbor method of random number based on minimal redundancy, comprising:
The main generation of data comprises the voronoi figure of all True Data points of Outsourced database, wherein, the byte number of each True Data point is identical, and the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database;
Data user or the main given parameters K of data, described voronoi figure is partitioned into k division according to described parameter k by data main root, record each border dividing correspondence, each division is mutually disjointed, the data point part that different demarcation comprises repeats or does not repeat completely, k is more than or equal to 1 and is less than or equal to N, wherein, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, with the straight line being parallel to Y-coordinate axle constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k,
Data master adds the individual division of k ' at random in described voronoi figure, and adds virtual data point respectively in the individual division of k ', records each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer;
The byte number of the division of the most multiple True Data point or virtual data point is comprised as most long word joint number in all divisions of the main acquisition of data, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number;
Data main root sets up corresponding index according to the hash function preset to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores;
All corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and the described hash functions of dividing of data chief commander send to described data user to store;
Described data user determines true query point, the border of the correspondence of the division comprising described true query point is determined according to described true query point, obtain the corresponding index with the corresponding border of the division comprising described true query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described true query point is sent to server;
Described server sends the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user;
The division comprising described true query point after the encryption received is decrypted according to described decipherment algorithm by described data user, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the True Data point of the arest neighbors of described true query point;
Described data user determines pseudo-query point, the border of the correspondence of the division comprising described virtual query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described virtual query point is sent to server;
Described server sends the division comprising described pseudo-query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received to described data user.
According to another side of the present invention, provide a kind of and divide and the safe nearest neighbor system of random number based on minimal redundancy, comprising:
Data master, for given described parameter k, generate the voronoi figure comprising all True Data points of Outsourced database, wherein, the byte number of each True Data point is identical, the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database, according to parameter k, described voronoi figure is partitioned into k division, record each border dividing correspondence, wherein, each division is mutually disjointed, the data point part that different demarcation comprises repeats or does not repeat completely, k is more than or equal to 1 and is less than or equal to N, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, the primary straight line being parallel to Y-coordinate axle of described data constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter k, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k, in described voronoi figure, add the individual division of k ' at random, and add virtual data point respectively in the individual division of k ', record each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer, obtain in all divisions the byte number of the division comprising the most multiple True Data point or virtual data point as most long word joint number, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number, according to the hash function preset, corresponding index is set up to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores, described data user is sent to store all corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and described hash functions of dividing,
Data user, for given described parameter k, determine true query point, the border of the correspondence of the division comprising described true query point is determined according to described true query point, obtain the corresponding index with the corresponding border of the division comprising described true query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described true query point is sent to server; According to described decipherment algorithm, the division comprising described true query point after the encryption received is decrypted, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the data point of the arest neighbors of described true query point; Determine pseudo-query point, the border of the correspondence of the division comprising described virtual query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described virtual query point is sent to server;
Server, for sending the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user; The division comprising described pseudo-query point after corresponding encryption is sent to described data user according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received.
Compared with prior art, the present invention comprises the voronoi figure of all True Data points of Outsourced database by the main generation of data, wherein, the byte number of each True Data point is identical, the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database, data user or the main given parameters K of data, described voronoi figure is partitioned into k division according to described parameter k by data main root, record each border dividing correspondence, each division is mutually disjointed, the data point part that different demarcation comprises repeats or does not repeat completely, k is more than or equal to 1 and is less than or equal to N, wherein, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, with the straight line being parallel to Y-coordinate axle constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k, data master adds the individual division of k ' at random in described voronoi figure, and adds virtual data point respectively in the individual division of k ', records each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer, the byte number of the division of the most multiple True Data point or virtual data point is comprised as most long word joint number in all divisions of the main acquisition of data, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number, data main root sets up corresponding index according to the hash function preset to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores, all corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and the described hash functions of dividing of data chief commander send to described data user to store, described data user determines true query point, the border of the correspondence of the division comprising described true query point is determined according to described true query point, obtain the corresponding index with the corresponding border of the division comprising described true query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described true query point is sent to server, described server sends the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user, the division comprising described true query point after the encryption received is decrypted according to described decipherment algorithm by described data user, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the True Data point of the arest neighbors of described true query point, described data user determines pseudo-query point, the border of the correspondence of the division comprising described virtual query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described virtual query point is sent to server, described server sends the division comprising described pseudo-query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received to described data user, when can carry out K-NN search in data user is to the Outsourced database that server stores, server cannot be known and guarantee data security data, the query point of data user and the Query Result of arest neighbors in Outsourced database.
Accompanying drawing explanation
Fig. 1 is the process flow diagram of the safe nearest neighbor method of dividing based on minimal redundancy of one embodiment of the invention and random number;
Fig. 2 is the division schematic diagram of the safe nearest neighbor method of dividing based on minimal redundancy of one embodiment of the invention and random number;
Fig. 3 divides schematic diagram under the one-dimensional space of one embodiment of the invention;
Fig. 4 is the division schematic diagram of the MinDp method of one embodiment of the invention;
Fig. 5 a be under the MinDp division methods of one embodiment of the invention k to the effect diagram of time division cost;
Fig. 5 b is under the MinDp division methods of one embodiment of the invention | D| is to the effect diagram of time division cost;
Fig. 6 a is that the mean value of the division size of one embodiment of the invention, maximal value and minimum value are with parameter k situation of change figure;
Fig. 6 b is the mean value of the division size of one embodiment of the invention, maximal value and minimum value with | D| situation of change figure
Fig. 7 a is that the total run time of the MinDp division methods of one embodiment of the invention is with parameter k situation of change figure;
Fig. 7 b is that the total run time of the MinDp division methods of one embodiment of the invention is with | D| situation of change figure;
Fig. 8 a is under the MinDp division methods of one embodiment of the invention | E (D) | with k situation of change figure;
Fig. 8 b is under the MinDp division methods of one embodiment of the invention | E (D) | with | D| situation of change figure;
Fig. 9 a be under the MinDp division methods of one embodiment of the invention query communication cost with k situation of change figure;
Fig. 9 b be under the MinDp division methods of one embodiment of the invention query communication cost with | D| situation of change figure;
Figure 10 a be under the MinDp division methods of one embodiment of the invention query time with | D| situation of change figure;
Figure 10 b be under the MinDp division methods of one embodiment of the invention query time with k situation of change figure;
Figure 11 is the high-level schematic functional block diagram of the safe nearest neighbor system of dividing based on minimal redundancy of one embodiment of the invention and random number.
Embodiment
For enabling above-mentioned purpose of the present invention, feature and advantage become apparent more, and below in conjunction with the drawings and specific embodiments, the present invention is further detailed explanation.
Along with " cloud computing concept and application thereof day by day universal, " Safety query problem " for the encrypted data set E (D) on " cloud " obtains increasing concern.Namely the present invention has carried out comparatively deep research to " safe arest neighbors " (secure nearest neighbor, SNN) problem wherein; This problem relates to data master (data owner), data user (client) and server (server) tripartite, data user can send inquiry ciphertext (encrypted query to server, E (q)) obtain the ciphertext of the nearest data point of query point in E (D) (i.e. " arest neighbors "), but will ensure to allow server know the particular content of data and inquiry.Specifically, SNN problem relates to data master, data user and server tripartite and its corresponding action of described tripartite:
(1) data master: have and tie up by d the Outsourced database D that European point or object form, and D can be contracted out to server not exclusively reliably.
(2) data user: need to inquire about described Outsourced database D.
(3) server: not exclusively reliable, can spy upon the data content from data master and the query contents from data user because of self reason or third party's reason.
Arest neighbors (NN can be carried out in outsourcing database D to allow data user, nearest neighbor), inquiry, but server can not be allowed to know data in the Outsourced database D of data master, the true inquiry of data user and the specifying information of Query Result, data are main must be applied certain cryptographic algorithm E to outsourcing database D and be encrypted, the ciphertext of D can be represented with E (D), use E -1represent corresponding decipherment algorithm.Similar, its query point q(should specifically be represented a query point by data user) encryption obtains E (q) and sends to server, here need to try hard to ensure that the cryptographic algorithm E that SNN method is instigated with data in security is the same, that is, all E are proved to be the attack model of safety (can not differentiate under chosen-plain attact, or can not differentiate under chosen ciphertext attacks) in SNN method.
In fact can prove, under the condition of only given E (q) and E (D), server can not find query point arest neighbors accurately.If but do not require that server provides the precise positioning of SNN Query Result, and only need provide Query Result one " roughly locating "? a very simple directly inquiry processing method might as well be imagined: data chief commander Outsourced database D regards as after an entirety is encrypted and obtains E (D), sends server to; And whole E (D) can be returned to data user as Query Result by server; Data user uses E again -1(tentation data master and data user's sharing E are decrypted to E (D) -1) obtain D, thus the result of SNN inquiry can be gone out at local computing---the method for this " simplicity " can be called " (directly) transmits D " (Send-D method) algorithm.Obviously, this algorithm has the security identical with E, but very poor efficiency.So on this basis, as shown in Figure 1, further provide more efficient SNN disposal route, namely provided by the inventionly a kind ofly to divide and safe nearest neighbor method (the secure voronoidiagram of random number based on minimal redundancy, SVD), comprise pretreatment stage step S1 ~ S5, inquiry phase comprises step S6 ~ S8, step S6 ~ S8 can constantly repeat wherein according to actual needs
Step S1, the main generation of data comprises all True Data point p of Outsourced database D ivoronoi figure, wherein, each True Data point p ibyte number identical, the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database.Owing to will produce k the division of Outsourced database D in subsequent step S2, a key issue is exactly (may exist overlapping) " division " G (D)={ G how producing Outsourced database D here 1..., G k, the target considered has two: (1) SNN Query Result (arest neighbors of query point) at least should be contained in a certain division, and (2) data user can determine G by quantity of information little as far as possible ito reduce Query Cost, therefore naturally select to build G (D) with the voronoi figure based on Outsourced database D, wherein each data point p exactly for one irepresent with a voronoi cell.
The present invention needs for following four problems:
Problem one: it is too large that border P (D) describes space cost with voronoi cell.Such as, when described Outsourced database D be two dimension and d=2 time, each voronoi cell is the convex polygon of an arbitrary shape, and these polygons on average have 6 summits.Therefore, so represent that storage space shared by border P (D) is by than storing the much bigger of Outsourced database D itself.
Problem two: set up index how to border P (D) and promptly determine required original index value i to enable data user.This problem can seem particularly outstanding when element has irregular obstacle body in border P (D), such as: work as B j(now B when ∈ P (D) is a voronoi cell jnamely be arbitrary shape convex polygon).
Problem three: ensure | E (G i) |=| E (G j) | (i ≠ j), server like this just can not distinguish them according to the size cases dividing (ciphertext), and then understands dividing condition.In any secure cryptographic algorithm E, we need to ensure this point, therefore need to be obligated G (D) | G i| b=| G j| b(i ≠ j), wherein | G i| brepresent and divide G ibyte number (caution area divide represent G ithe number of middle data point is | G i|).
Problem four: data user goes out to meet nn (q, D) ∈ G at local computing ioriginal index value i after, i directly should not delivered to server and obtain E (G i), can not know any information about dividing condition in query processing process by Deterministic service device like this.If data user only sends the ciphertext of i to server, so this problem is not just present in; But this means that server must find E (G by the ciphertext of i i).
Step S2, data user or the main given parameters K of data, described voronoi is schemed G (D) according to described parameter k and is partitioned into k division G by data main root 1..., G k, record each border P (D)={ B dividing correspondence 1..., B k, wherein, each division is mutually disjointed, and the data point part that different demarcation comprises repeats or do not repeat completely, and k is more than or equal to 1 and is less than or equal to N.Concrete, according to the parameter k that user is given, D is divided into k part, each part is like this called one " division " (allow to intersect between each division, namely each division can contain identical data point), namely has G (D)={ G 1..., G k, then by E (D)={ E (G 1) ..., E (G k) be sent to described server.In this process, " geometrical boundary " P (D)={ B to each division is also needed 1..., B k(wherein B ifor dividing G igeometrical boundary) store, such information is under guarantee enough describes out the prerequisite of dividing condition, and it is the smaller the better that institute takes up space that yes.
Here a kind of egregious cases is first considered: if make k=N(N be the number of the data point of data set D, namely | D|), so each G inamely by single data point p ithe set that ∈ D is formed, and border P (D) is the set of the voronoi cell of D.If p ivoronoi cell be vc i(p ifor vc icomprised), so given arbitary inquiry point q, data user need search the voronoi cell comprising q; Assuming that then data user need obtain E (G to server request i); Here nn (q, D)=p is obviously had iand G i={ p i, and algorithm returns nn (q, E -1(E (G i)))=nn (q, { p i)=p i, be visible as correct result.The general situation above-mentioned thought being promoted the use of k<<N can be considered.
Step S2 specifically comprises step S21 and step S22:
Step S21, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points; Concrete, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points.In order to one and the problem two of dealing with problems, each division in regulation G (D) must have regular shape.As shown in Figure 3, one " optimal case " is there is under one dimension situation, it can produce size balance and mutually disjoint division, this is because the voronoi figure of one-dimensional data point is be made up of continuous and disjoint interval, for generating the division of " complete equipilibrium " (i.e. equal and opposite in direction), only need find its 1/k in D, ..., (k-1)/k quantile, then produce G (D) with them, the border of voronoi cell corresponding to these quantiles and ± ∞ determine P (D)={ B 1..., B k.Above-mentioned search (k-1) individual quantile and by them to the journey of the mistake that the voronoi figure of D divides by having scanned the once linear of D.Therefore, the IO(I/O of this algorithm in out-of-core models) cost is O (N log N).Because each division size is | D|/k=N/k, therefore G isize is | E (N/k) |, so E (D) size is k|E (N/k) |; And obviously the size of P (D) is O (k).
Step S22, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, with the straight line being parallel to Y-coordinate axle constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k.Concrete, in order to one and the problem two of solving the problem, each division in regulation G (D) must have regular shape, be exactly that each division must be limited in " grid " (box) surrounded by the limit parallel with coordinate axis (X-coordinate axle or Y-coordinate axle) specifically.But, this means to divide G iboundary B imay comprise or run through multiple voronoi cell, as shown in Figure 2, wherein dotted line is the boundary B divided 1and B 2, represent different pieces of information point p 1~ p 16convex polygon be voronoi cell.
In order to solve the problem two, if D mid point p icorresponding voronoi cell is vc i, for ensureing that data user can meet nn (q, D) ∈ G for P (D) produce index and light determining efficiently iindex value i, following division principle can be determined: establish G igeometrical boundary by B irepresent, so
Principle one: B iit is " grid " surrounded by the limit parallel with coordinate axis;
Principle two: the border of namely different in G (D) its correspondences of division is mutually disjoint;
Principle three: if B icomprise completely or intersect at a voronoi cell collection V i, so G i={ p j|v cj∈ V i, but different G imay containing the data point repeated.As in fig. 2, the data point inside dark voronoi cell can be joined simultaneously divides G 1and G 2in, i.e. G 1={ p 1, p 2, p 3, p 4, p 5, p 6, p 7, p 8, p 10, G 2={ p 5, p 6, p 7, p 8, p 10, p 11, p 12, p 13, p 14, p 15, p 16, p 9.
Lemma 1. as shown in Figure 2, according to above-mentioned division principle, if nn (q, D)=p iand q ∈ B j, then p is had i∈ G j.
Prove: if there is query point q ∈ B j, namely q belongs to B jthe region confined, so q must belong to one by B jthe voronoi cell comprised completely or run through.According to above-mentioned division principle, this voronoi cell must belong to V j, and V jdetermine G jelement.Suppose that q is included in v ciin (then have nn (q, D)=p i), as from the foregoing, v ci∈ V j, p then i∈ G j.
From above-mentioned lemma 1, in step S6, for arbitary inquiry point q, the work of data user's end is exactly find to meet q ∈ B jb j∈ P (D), namely finds a grid comprising q in P (D), and this is actually the process of " some position enquiring " (a point location query).Because the grid in P (D) is all disjoint, but the space of the voronoi figure of whole Outsourced database D can be covered, therefore have and only have a grid to comprise a q; In addition, because the limit of these grid is all parallel with coordinate axis, therefore data user can work out original index value i for P (D) easily.Afterwards, data user just can obtain E (G to server request j), this is because accused, as long as q is comprised in B by described lemma 1 jin, so just there is nn (q, D) ∈ G j.
By step S7, once E (G j) serviced device returns, in step S8, data user just can by E -1to E (G j) deciphering obtain G j; Afterwards, data user, by identifying random character *, can will data master pass through " filling up operation at random " and will be added on G before like a cork jin random bytes sequence remove; Finally, data user can obtain nn (q, D)=nn (q, G j).
But do not forgotten, data user is obtaining E (G to server request j) time need to deal with problems four, according to the hash function preset, corresponding index is set up to each division by step S4 data main root, and by encryption after all divisions and correspondence encryption after all indexes send to server stores after, in step s 6, data user is allowed to send E (g (j)) to server.At server end in step S7, there is pair relationhip in the E (g (i)) that data master sends and E (Gi), server is after receiving the E (D) that data master sends, just can set up one containing the Hash table T of k record, E (g (i)) is mapped to E (G i).So, given request E (g (i)) of data user, server just by searching in T, can finally find E (G i), the time complexity of this process is only O (1), and therefore server can find E (G by said process by E (g (j)) efficiently j).
Step S31, data master adds the individual division of k ' at random in described voronoi figure, and virtual data point is added respectively in the individual division of k ', record each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer.Concrete, after data main generation G (D) and P (D), only need add the individual random division of k ' in G (D), then encryption sends server to, the number of partitions that server like this obtains is k+k ', thus k value obtains hidden.
Step S3, the byte number of the division of the most multiple True Data point or virtual data point is comprised as most long word joint number in all divisions of the main acquisition of data, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number.Concrete, tentation data master has generated G (D) and P (D) deals with problems three in order to above-mentioned, and main need of data ensures | G i|=| G j| (i ≠ j).If G xfor having the division of an at most data point (under be called " size ", size) in G (D), namely for any i ∈ [1, k], have | G i|≤| G x|.G is divided for each i(i ≠ x), to its add (| G x| b-| G i| b) individual random bytes, here available characters * represent any random bytes with G iin actual data point carry out distinguishing that (these random characters of * representative all can not at G imiddle reality occurs), this process can be claimed for " filling up operation at random ".Obviously, " fill up operation at random " through this, for dividing G arbitrarily i, have | G x| b=| G i| b.Like this, in subsequent step S4, no matter data instigator generates { E (G by which kind of secure cryptographic algorithm 1) ..., E (G k), have | E (G i) | b=| E (G j) | b(i ≠ j), thus Deterministic service device cannot distinguish certain division arbitrarily in G (D), thus recognize dividing condition.
Step S4, data main root sets up corresponding index according to the hash function preset to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores.Concrete, in order to solve the problem four, the main application of data one secret random Harsh function g:[1, N] → Z +, E (D) the most at last={ (E (g (1)), E (G 1)) ..., (E (g (k)), E (G k)) be distributed to server, by P (D), E -1data user is distributed to g.
Step S5, all corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and the described hash functions of dividing of data chief commander send to described data user to store, concrete, all border P (D) dividing correspondence of data chief commander send to described data user to store.P (D) is stored in data user's end, like this for arbitary inquiry point q, data user can determine that original index value i meets nn (q, D) ∈ G efficiently i, calculate and this original index value i(border according to described hash function) and corresponding index, then to file a request to server according to this index and get E (G i), this process can be carried out when server does not know concrete original index value i value completely, so can not recognize dividing condition in the process replying inquiry by Deterministic service device; Finally, data user easily can draw nn (q, D)=nn (q, E naturally -1(E (G i))).
Step S6, described data user determines true query point q, the border of the correspondence of the division comprising described true query point is determined according to described true query point, the corresponding index with the corresponding border of the division comprising described true query point is obtained according to described hash function, and the index E (g (j)) comprising the correspondence on the border of the correspondence of the division of described true query point is sent to server, namely data user is by E (D)={ (E (g (1)), E (G 1)) ..., (E (g (k)), E (G k)) send server to.
Step S7, described server sends the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user.
Step S8, the division comprising described true query point after the encryption received is decrypted according to described decipherment algorithm by described data user, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the True Data point of the arest neighbors of described true query point;
Step S9, described data user determines pseudo-query point, the border of the correspondence of the division comprising described virtual query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described virtual query point is sent to server.Concrete, the inquiry frequency that server may be divided each by statistics, in conjunction with relevant " background knowledge ", roughly judge the actual geographic region corresponding to this division, such as, suppose that D represents NY area, based on actual in the understanding of " concern " degree to some region, New York, server just can infer to be exactly probably Manhattan by the division correspondence of the most frequently inquiring about, for avoiding this type of privacy leakage, or the way of " pseudo-inquiry " can be used, data user is allowed to send randomly " pseudo-inquiry ", so making respectively to be divided in has comparatively close inquiry frequency that data user namely can be allowed to send some " pseudo-inquiry " for above-mentioned random division requests on the whole, namely data user is randomly to server request E (g (j)), and j ∈ [k+1 here, k+k '], such server just cannot determine which is the random division of adding, thus can not determine out k value.
Step S10, described server sends the division comprising described pseudo-query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received to described data user.
The query script of above-mentioned steps S6 to S10 can constantly repeat according to actual needs, until without query demand.By step S31, step S9 and step S10, can k be made easily transparent to server.
A kind of MinDp division methods is provided in the present embodiment, this method have followed the division principle one to three of above-mentioned proposition, owing to adding " filling up operation at random ", therefore obviously, the communication cost of the present embodiment and the storage cost of server end are by the difference of the size of maximum division and each division, namely | and G x-| G i|, or more accurately, | E (G x) |-| E (G i) |) determine, that is, in order to reduce the storage cost of communication cost and server end, also should adhere to principled four as much as possible when design partition method: the division generating size " balance " (equal or close) as far as possible.
MinDp method is that described voronoi figure is partitioned in k the step divided according to described parameter K by data main root, with the straight line being parallel to Y-coordinate axle constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter k, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k.
Concrete, in MinDp method in order to make in G (D) (| G x|-| G i|) value reaches minimum, can adopt one " greed " strategy.Specifically, initial seasonal P (D)={ Ω }, wherein Ω represents the Zone Full of the corresponding voronoi figure of D; Subsequently, vertical line is used (to be parallel to the straight line running through Ω of Y-coordinate axle iteratively, lower with) or horizontal linear (being parallel to the straight line running through Ω of X-coordinate axle) grid in P (D) is progressively cut little, until grid number reaches k in P (D).For simplicity's sake, the P (D) being in the i-th step state in this construction process is expressed as P below i(D).
In arbitrary i-th step, be P by the mode mentioned in MinCs i(D) the grid produce index in is to { x, y}.When present hypothesis is switched to the i-th step, use a ibar perpendicular line and b ibar horizontal line, so at P i(D) there has been (a in i+ 1) (b i+ 1) individual grid, i.e. P i(D)={ C 1,1..., C 1, bi+1..., C ai+1,1..., C ai+1, bi+1.If so the cutting process of following MinDp is regarded as a function, be just equivalent to P i(D) (or a ibar perpendicular line and b ibar horizontal line) be its input state, and export a new cut-off rule l(horizontal line or perpendicular line).
Here the basic ideas used are: always choose current maximum division in each step and cut, and it is tactful that this is " greed ".Here, by grid C x,y∈ P i(D) corresponding division is expressed as G x, y.As shown in Figure 2, should be noted each grid C x,ya corresponding division G always can be produced by MinDp method x,y.Suppose currently maximumly to be divided into G α, β(α ∈ [1, a i+ 1], β ∈ [1, b i+ 1]), so the selection range of next line of cut l is G α, βcorresponding XY coordinate range.
But, even if we only consider G α, βxY coordinate range, the range of choice of l should be infinite.This is because, if hypothesis G α, βby its lower-left angle point (xl, yl) and upper right angle point (xu, yu) given; So, any perpendicular line in [xl, xu] scope can as G with any level line in [yl, yu] scope α, βline of cut take in.
For overcoming the above problems, as shown in Figure 2, can find as lemma 2.
Lemma 2. is when a grid produces a division by MinDp method, and the voronoi summit (this boundary line is through a voronoi cell from " centre " relatively) that its boundary line is passed is more, and the division of generation is less.
Prove: if boundary line l is set to vc through certain voronoi cell( i), but not through vc isummit, so vc icorresponding some p ithe division of l both sides must be distributed to simultaneously, the correctness of lemma 2 can be obtained thus.
An example of lemma 2 is exactly, in fig. 2, and p 9only be assigned with to give and divide G 2, and do not distribute to G 1.
By lemma 2, line of cut l can be determined by a kind of further " greed " strategy.Make V (G α, β) representing such voronoi vertex set: the coordinate range of the voronoi cell belonging to it is completely among [xl, xu] and [yl, yu], and point (xl, yl) and point (xu, yu) are respectively G α, βthe lower left corner and the upper right corner.So only need consider its level when determining l or pass perpendicularly through v ∈ V (G α, β) situation.Such l is by G α, βand the maximum division G of correspondence α, βcutting is come, and obtains Pi+1 (D).Be not difficult to learn, such l can have 2|V (G α, β) | individual possible selection; Therefrom select one, make it to meet P i+1(D) number of data points of the maximum division in is minimum.Once l determines, by P i(D) P is updated to i+1(D), and so continue, until P i+1(D) in, grid number reaches k.
Due to the thought that above-mentioned division methods is based on reducing " repeating a little " as far as possible, be therefore referred to as " MinDp(Minimum Duplicate Points) method ".Here it is noted that when being divided to final step, the number of partitions that MinDp method produces may be greater than k; If like this, by the mode progressively merging minimum division, number of partitions can be reduced to k, to this, do not repeat here.Fig. 4 gives an example of MinDp method application, and wherein, in Fig. 4, dotted line l represents examination cutting process.
MinDp method need be carried out at most (k-1) step and be divided, such as, all dividing lines be level or vertical time; In each step, 2|V (G need be tested α, β) | the dividing line that bar is possible.Because the number of vertex of average single voronoi cell is less than 6, and have N number of voronoi cell, therefore O (| V (G α, β) |)=N.For every bar line of cut l, need find out the voronoi cell crossing with it so that follow-up generation divides, this needs the complexity of O (N) in the worst cases.To sum up, under worst-case, the complexity of MinDp is O (kN 2).Should be noted, in reality, occur above-mentioned worst-case hardly, and often or just | V (G α, β) | be O (N), or the voronoi cell number that just l passes is O (N), both only account for one, therefore total complexity is only O (kN).Finally what is particularly worth mentioning is that, the size of P (D) is obviously O (k).
In more detail, available C Plus Plus realizes above-mentioned MinDp method.In the experiment of this realization, Qhull storehouse is used to carry out voronoi division to data set D; Up-to-date Crypto++ storehouse is used to encrypt.The carrying out of testing subsequently is on the Linux machine that is configured to Intel Xeon 3.07GHz CPU, 8GB internal memory.
For two-dimentional Outsourced database D, during experiment, concrete data set employs ten million data point of sampling from California, USA (CA) and Texas (TX) as raw data set, and these data are all from OpenStreetMap project.In CA and TX data centralization, each random selecting 2,000,000 data point as maximum experimental data collection Dmax, and defines the data set of small-scale based on Dmax.What need special one to carry here is, when changing data set size to test the extensibility of the division methods of the present embodiment, can guarantee the subset of small data set always large data sets, be that concrete data point changes the impact brought in D like this, thus monounsaturated monomer reveals | the impact of D|.
As follows to the default setting of the involved parameter of experiment: | D|=106, k=625(|D|, k are respectively the number of data point and last number of partitions); The number acquiescence of data point uses the data from CA; Use AES encryption algorithm to be encrypted, its key size and block size are 256 bits.Here need special one to carry, after testing other cryptographic algorithm, find that the performance of different cryptographic algorithm on the present embodiment forms impact hardly.Therefore any safe public keys or symmetric key encryption algorithm all can be used for realizing the present embodiment, and different cryptographic algorithm realize the present embodiment performance all can by description of test.Finally bright, in all experiments, unless specifically stated otherwise, when certain parameter being studied as variable, other parameters are default value.
Specific experiment result is as follows:
1. pretreatment stage
At pretreatment stage, data main side need carry out dividing and encrypt two work, and they are all mainly by number of partitions k and data set size | the impact of D|.To be respectively shown in Fig. 5 a, 5b under different demarcation method k and | D| is on the impact of working time.Wherein, Fig. 5 a shows the time division cost (partition time) of MinDp method all with k linear increase.
What Fig. 5 b showed is size of data | D| changes (from 250,000 to 2,000,000) impact on time division cost.Although but MinDp method complexity is in the worst cases O (kN 2), but in reality (experiment), its processing time and N are also linear, this is because described worst-case, and--one cut-off rule intersects together with whole N number of voronoi cell---concentrates in real data and almost can not occur.In fact, in each step segmentation of MinDp, the voronoi cell number crossing with cut-off rule almost can think constant, and therefore their complexity can think O's (kN).
The division G (D) produced under MinDp method below=and G1 ..., the size of Gk} (carry out " filling up operation at random " front).Because the size of all divisions can increase to equally large with maximum division by filling up random bytes by " filling up operation at random ", therefore following two numerical value are most important for the performance of the division methods of assessment the present embodiment: the size of maximum division | G x| with (| G x|-| G i|) variance (i ∈ [1, k]).| G x| determine the storage cost of server end and the communication cost of each inquiry; (| G x|-| G i|) variance determine the cost filling up operation itself.In order to be presented to simple, intuitive in one drawing by these numerical value, Fig. 6 a, 6b respectively illustrate the mean value dividing size (avg partition size), maximal value | G x|=max i ∈ [1, k]| G i| and minimum value | G y|=min i ∈ [1, k]| G i| with parameter k and | the situation of change of D|.
Finally, as shown in Fig. 6 a, 6b, MinDp method, the mean value of its division size and maximal value increase with k and successively decrease.
Below by Fig. 7 a, 7b total run time (totalrunning time) in pretreatment stage MinDp method.So-called total run time, concrete containing divide and encryption two steps time (voronoi time division and " filling up operation at random " time are also included, but their relatively divide and encryption times smaller).In Fig. 7 a, 7b, also add the pretreatment time of described Send-D method to do reference, the pretreatment time of Send-D method is exactly D is regarded as the time that an entirety is encrypted.
In addition, from Fig. 7 a, 7b, T.T. of MinDp method pretreatment stage with k or | it is all linear increase that D| increases.
The size of the final E (D) produced again, this affects server end storage cost and the data master key factor to server communication cost.Cross after filling up operation at random, each division is provided with the size identical with maximum division, therefore, | E (D) |=k|E (Gx) |=k|E (Gi) | (i ∈ [1, k]).
Under Fig. 8 a, 8b respectively illustrate MinDp method | E (D) | (size of E (D)) with k or | the situation of D| change.Be similar to the discussion for Fig. 7 a, 7b, also the size of D and the size (i.e. the cost of Send-D) that D is integrally encrypted the E (D) obtained added in Fig. 8 a, 8b to do reference.Obviously, in MinDp method the size of E (D) with k or | it is all linear increase that D| increases.E (D) size that Send-D is corresponding also with | D| linear increase, but has nothing to do with k.Nature, relatively directly transmit the plaintext of Outsourced database D itself, MinDp method can introduce the communication cost of data master to server and the storage cost of server end.
The storage cost that data user holds is the size depending on P (D), and this cost is O (k) in MinDp method.Due to the number at k relative number strong point | much smaller D| (one is comprised to the data set of millions of points, be partitioned into a hundreds of division namely enough), therefore above-mentioned storage cost is almost negligible.
Finally need statement, observe in an experiment and use which kind of data set (CA data set or TX data set) to the experimental result difference that almost has nothing obvious, therefore for simplicity, the experimental result on TX data set is not discussed here.
2. query processing cost
First, to arbitary inquiry point q, adopt method of the present invention, the communication cost that server is held to data user only depends on | E (G j) |.But as the above-mentioned analysis to Fig. 8 a, 8b result, owing to having carried out filling up operation at random, therefore each division has had identical size, and | E (G i) |=| E (D) |/k(i ∈ [1, k]).On the contrary, in Send-D method, server to the communication cost that data user holds is exactly the size to the encryption of data set D entirety, namely | and E (D as one message) |.Therefore, although | E (D as one message) | generate than MinDp method | E (D) | much smaller (as shown in Fig. 8 a, 8b), as shown in Fig. 9 a, 9b, the query communication cost (query communication) that in method of the present invention, server is held to data user is still more much smaller than Send-D.
Below, then data user's query processing cost of holding.Each experiment, has carried out 100 inquiries all at random, has then obtained the average handling time of the MinDp method as shown in Figure 10 a, 10b.The query time (query time) that Figure 10 a shows MinDp method increases with k and successively decreases, and this is obviously diminish because k increase result in division.Compare Send-D, the performance of MinDp method is far better.Shown in Figure 10 b, and work as | when D| increases, the query time linear increase all thereupon of MinDp.
Efficiency of algorithm of the present invention comprises the space-time cost of pretreatment stage and the Query Cost of inquiry phase, and the space-time cost of described pretreatment stage comprises time cost and storage cost, and the Query Cost of inquiry phase comprises time cost and communication cost:
Time cost when 1.SVD algorithm carries out pre-service is mainly reflected in following three stages:
(1) the voronoi figure of D is obtained;
(2) D is divided;
(3) E (D) is generated.
For the Outsourced database of a peacekeeping two dimension, the cost in stage (1) is O (NlogN).
And in (2) stage (dividing D), under one dimension situation, after data being carried out to sequence, required quantile can be obtained by once traveling through obviously, therefore the cost in stage 2 is also O (NlogN); Under two-dimensional case, the cost in this stage depends on the division methods selected by us.The cost of MinDp method is respectively O (kN).
The stage cost of (3) is linear with encryption expenses.To suppose by cryptographic algorithm E to the cost that information m is encrypted to be e (m); Because the size of each division increases to maximum by " filling up operation at random ", the time complexity that therefore can generate E (D) is O (ke (| Gx|b)), wherein G x = arg max G i &Element; G ( D ) | G i | .
2. the storage cost of pretreatment stage
The storage cost of server end is | E (D) | and, be O (k|E (Gx) |).
The space of storage cost shared by P (D) and index i of data user's end.For most index structure (as kd tree, R tree, Kd-Trees etc.) of the same type, the size of i and | P (D) | linear correlation, therefore the storage cost of data user's end is O (| P (D) |); As for P (D), under one dimension situation, P (D) only contains (k-1) individual numerical value, therefore | P (D) |=k-1; Under two-dimensional case, | P (D) | determined by selected division methods.MinDp method | P (D) | be O (k) respectively.
3. the Query Cost of inquiry phase
The time cost of inquiry phase is mainly reflected in two ends: data user's end and server end.Wherein, data user need search by the index i of P (D) B comprising query point q i∈ P (D), wherein any B iall that the d surrounded by the limit being parallel to coordinate axis ties up (one to three-dimensional) grid; Owing to ensureing that any two grid in P (D) can not intersect, and a grid must be had to comprise q, therefore this search actual be one export size be that 1(result has and only has one) typical case's " some position enquiring " process; Under a two-dimensional case, the cost of above process is only O (logk).
At server end, given request E (g (j)) of data user, server just finds E (Gj) by inquiry Hash table T, and this process is O (1).
Single communication cost in system is | E (D) | with | P (D) |, this can draw the discussion of storage cost naturally by above us.Inquiry communication cost be | E (g (j)) |+| E (Gj) |, or | E (g (j)) |+| E (Gx) |, or | E (g (j)) |+| E (Gj) |/k.
In security of the present invention, because data user in the present embodiment is only E (D)={ (E (g (1)), E (G1)), ..., (E (g (k)), E (Gk)) } send server to, and in query processing process, only have E (g (j)) to be visible to server, we can demonstrate,prove to obtain following theorem 1 thus.
Theorem 1. supposes that E is that certain is proved to be safe cryptographic algorithm in standard security model M (e.g., IND-CPA), and so in M, svd algorithm and E have identical security.
Prove: in whole processing procedure, server can only see the E (D) from data master and E (g (the j)) random series from data user, therefore, server can only recognize division number k.Because " filling up operation at random " ensure that | E (G j) |=| E (G i) | (i ≠ j), if E is safe in M, so obviously, server can not be recognized about dividing G arbitrarily iboundary information.Moreover, because random Harsh function g:[1, N] → Z +not known to server, therefore server can not restore original index value i when only given E (g (j)), also namely, (E (g (i), E (G in server there is no telling E (D) i)) right index value i.
By step S31, step S9 and step S10, can k be made easily transparent to server.
To sum up, when the present embodiment can carry out K-NN search in data user is to the Outsourced database that server stores, server cannot be known and guarantee data security data, the query point of data user and the Query Result of arest neighbors in Outsourced database.
As shown in figure 11, the present invention also provides another kind of and divides based on minimal redundancy and the safe nearest neighbor system of random number, comprises data master 1, data user 2 and server 3.
Data master 1, for given described parameter k, generate the voronoi figure comprising all True Data points of Outsourced database, wherein, the byte number of each True Data point is identical, the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database, according to parameter k, described voronoi figure is partitioned into k division, record each border dividing correspondence, wherein, each division is mutually disjointed, the data point part that different demarcation comprises repeats or does not repeat completely, k is more than or equal to 1 and is less than or equal to N, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, the primary straight line being parallel to Y-coordinate axle of described data constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter k, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k, in described voronoi figure, add the individual division of k ' at random, and add virtual data point respectively in the individual division of k ', record each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer, obtain in all divisions the byte number of the division comprising the most multiple True Data point or virtual data point as most long word joint number, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number, according to the hash function preset, corresponding index is set up to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores, described data user is sent to store all corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and described hash functions of dividing,
Data user 2, for given described parameter k, determine true query point, the border of the correspondence of the division comprising described true query point is determined according to described true query point, obtain the corresponding index with the corresponding border of the division comprising described true query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described true query point is sent to server; According to described decipherment algorithm, the division comprising described true query point after the encryption received is decrypted, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the data point of the arest neighbors of described true query point; Determine pseudo-query point, the border of the correspondence of the division comprising described virtual query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described virtual query point is sent to server;
Server 3, for sending the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user; The division comprising described pseudo-query point after corresponding encryption is sent to described data user according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received.
In sum, the present invention comprises the voronoi figure of all True Data points of Outsourced database by the main generation of data, wherein, the byte number of each True Data point is identical, the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database, data user or the main given parameters K of data, described voronoi figure is partitioned into k division according to described parameter k by data main root, record each border dividing correspondence, each division is mutually disjointed, the data point part that different demarcation comprises repeats or does not repeat completely, k is more than or equal to 1 and is less than or equal to N, wherein, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, with the straight line being parallel to Y-coordinate axle constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k, data master adds the individual division of k ' at random in described voronoi figure, and adds virtual data point respectively in the individual division of k ', records each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer, the byte number of the division of the most multiple True Data point or virtual data point is comprised as most long word joint number in all divisions of the main acquisition of data, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number, data main root sets up corresponding index according to the hash function preset to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores, all corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and the described hash functions of dividing of data chief commander send to described data user to store, described data user determines true query point, the border of the correspondence of the division comprising described true query point is determined according to described true query point, obtain the corresponding index with the corresponding border of the division comprising described true query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described true query point is sent to server, described server sends the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user, the division comprising described true query point after the encryption received is decrypted according to described decipherment algorithm by described data user, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the True Data point of the arest neighbors of described true query point, described data user determines pseudo-query point, the border of the correspondence of the division comprising described virtual query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described virtual query point is sent to server, described server sends the division comprising described pseudo-query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received to described data user., when can carry out K-NN search in data user is to the Outsourced database that server stores, server cannot be known and guarantees data security data, the query point of data user and the Query Result of arest neighbors in Outsourced database.
In this instructions, each embodiment adopts the mode of going forward one by one to describe, and what each embodiment stressed is the difference with other embodiments, between each embodiment identical similar portion mutually see.For system disclosed in embodiment, owing to corresponding to the method disclosed in Example, so description is fairly simple, relevant part illustrates see method part.
Professional can also recognize further, in conjunction with unit and the algorithm steps of each example of embodiment disclosed herein description, can realize with electronic hardware, computer software or the combination of the two, in order to the interchangeability of hardware and software is clearly described, generally describe composition and the step of each example in the above description according to function.These functions perform with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Professional and technical personnel can use distinct methods to realize described function to each specifically should being used for, but this realization should not thought and exceeds scope of the present invention.
Obviously, those skilled in the art can carry out various change and modification to invention and not depart from the spirit and scope of the present invention.Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention is also intended to comprise these change and modification.

Claims (2)

1. divide and the safe nearest neighbor method of random number based on minimal redundancy, it is characterized in that, comprising:
The main generation of data comprises the voronoi figure of all True Data points of Outsourced database, wherein, the byte number of each True Data point is identical, and the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database;
Data user or the main given parameters k of data, described voronoi figure is partitioned into k division according to described parameter k by data main root, record each border dividing correspondence, each division is mutually disjointed, the data point part that different demarcation comprises repeats or does not repeat completely, k is more than or equal to 1 and is less than or equal to N, wherein, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, with the straight line being parallel to Y-coordinate axle constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k,
Data master adds the individual division of k ' at random in described voronoi figure, and adds virtual data point respectively in the individual division of k ', records each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer;
The byte number of the division of the most multiple True Data point or virtual data point is comprised as most long word joint number in all divisions of the main acquisition of data, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number;
Data main root sets up corresponding index according to the hash function preset to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores;
All corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and the described hash functions of dividing of data chief commander send to described data user to store;
Described data user determines true query point, the border of the correspondence of the division comprising described true query point is determined according to described true query point, obtain the corresponding index with the corresponding border of the division comprising described true query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described true query point is sent to server;
Described server sends the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user;
The division comprising described true query point after the encryption received is decrypted according to described decipherment algorithm by described data user, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the True Data point of the arest neighbors of described true query point;
Described data user determines pseudo-query point, the border of the correspondence of the division comprising described pseudo-query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described pseudo-query point is sent to server;
Described server sends the division comprising described pseudo-query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received to described data user.
2. divide and the safe nearest neighbor system of random number based on minimal redundancy, it is characterized in that, comprising:
Data master, for given parameters k, generates the voronoi figure comprising all True Data points of Outsourced database, wherein, the byte number of each True Data point is identical, and the number of the True Data point in Outsourced database is N, N is positive integer, and described Outsourced database is one to three-dimensional Outsourced database, according to parameter k, described voronoi figure is partitioned into k division, record each border dividing correspondence, wherein, each division is mutually disjointed, the data point part that different demarcation comprises repeats or does not repeat completely, k is more than or equal to 1 and is less than or equal to N, when described Outsourced database is one dimension Outsourced database, the border of each division is the perpendicular bisector between two adjacent True Data points, when described Outsourced database is two-dimentional Outsourced database, the border of each division is the grid surrounded by the straight line parallel with Y-coordinate axle with the X-coordinate axle of described voronoi figure, the primary straight line being parallel to Y-coordinate axle of described data constantly split current maximum division and with the adjacent division on the described maximum straight line being divided in same parallel Y-coordinate axle, or constantly split current maximum division with the straight line of parallel X-coordinate axle and with the adjacent division on the described maximum straight line being divided in same parallel X-coordinate axle to generate described grid, until the number of division in voronoi figure is more than or equal to described parameter k, wherein, during each segmentation, the polygonal summit passed straight through in voronoi figure making to be parallel to the straight line of Y-coordinate axle or parallel X-coordinate axle is maximum, when the number divided is greater than described parameter k, by the mode progressively merging minimum division, the number of the division in voronoi figure is reduced to described parameter k, in described voronoi figure, add the individual division of k ' at random, and add virtual data point respectively in the individual division of k ', record each border dividing correspondence, wherein, each division is mutually disjointed, and the virtual data point part that different demarcation comprises repeats or do not repeat completely, and k ' is positive integer, obtain in all divisions the byte number of the division comprising the most multiple True Data point or virtual data point as most long word joint number, in each other except comprising the division of the most multiple True Data point or virtual data point divides, add random bytes, make each byte number that other divides except comprising the division of the most multiple True Data point or virtual data point equal described in most long word joint number, according to the hash function preset, corresponding index is set up to each border, and according to a cryptographic algorithm preset, index corresponding to all divisions after encryption and all with corresponding border thereof is sent to server stores, data user is sent to store all corresponding border, the decipherment algorithm corresponding with described cryptographic algorithm and described hash functions of dividing,
Data user, determine true query point, the border of the correspondence of the division comprising described true query point is determined according to described true query point, obtain the corresponding index with the corresponding border of the division comprising described true query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described true query point is sent to server; According to described decipherment algorithm, the division comprising described true query point after the encryption received is decrypted, obtain the division comprising described true query point, and from the division comprising described true query point, obtain the True Data point of the arest neighbors of described true query point; Determine pseudo-query point, the border of the correspondence of the division comprising described pseudo-query point is determined according to described pseudo-query point, obtain the corresponding index with the corresponding border of the division comprising described pseudo-query point according to described hash function, and the index of the correspondence comprising the border of the correspondence of the division of described pseudo-query point is sent to server;
Server, for sending the division comprising described true query point after corresponding encryption according to the index comprising the correspondence on the border of the correspondence of the division of described true query point received to described data user; The division comprising described pseudo-query point after corresponding encryption is sent to described data user according to the index comprising the correspondence on the border of the correspondence of the division of described pseudo-query point received.
CN201210466535.9A 2012-11-16 2012-11-16 Divide and the safe nearest neighbor method and system of random number based on minimal redundancy Expired - Fee Related CN102968477B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210466535.9A CN102968477B (en) 2012-11-16 2012-11-16 Divide and the safe nearest neighbor method and system of random number based on minimal redundancy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210466535.9A CN102968477B (en) 2012-11-16 2012-11-16 Divide and the safe nearest neighbor method and system of random number based on minimal redundancy

Publications (2)

Publication Number Publication Date
CN102968477A CN102968477A (en) 2013-03-13
CN102968477B true CN102968477B (en) 2015-10-21

Family

ID=47798615

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210466535.9A Expired - Fee Related CN102968477B (en) 2012-11-16 2012-11-16 Divide and the safe nearest neighbor method and system of random number based on minimal redundancy

Country Status (1)

Country Link
CN (1) CN102968477B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285670B (en) * 2021-12-31 2022-11-15 安徽中科锟铻量子工业互联网有限公司 Internet of things gateway data encryption communication method based on quantum random number key
CN117349898B (en) * 2023-12-05 2024-03-08 中国电子科技集团公司第十研究所 Ciphertext K neighbor query method and system with hidden access mode

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102073689A (en) * 2010-12-27 2011-05-25 东北大学 Dynamic nearest neighbour inquiry method on basis of regional coverage

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7426752B2 (en) * 2004-01-05 2008-09-16 International Business Machines Corporation System and method for order-preserving encryption for numeric data

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102073689A (en) * 2010-12-27 2011-05-25 东北大学 Dynamic nearest neighbour inquiry method on basis of regional coverage

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Processing Private Queries over Untrusted Data Cloud through Privacy Homomorphism;Haibo Hu等;《ICDE Conference 2011》;20111231;第601-612页 *
Reverse Furthest Neighbors in Spatial Databases;Bin Yao等;《IEEE International Conference on Data Engineering》;20091231;第664-675页 *
基于空间填充曲线网格划分的最近邻查询算法;徐红波等;《计算机科学》;20100131;第37卷(第1期);第184-189页 *

Also Published As

Publication number Publication date
CN102968477A (en) 2013-03-13

Similar Documents

Publication Publication Date Title
CN102945281B (en) Based on the method and system of the safe nearest neighbor that maximum data block divides
US11973889B2 (en) Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption
CN102930051B (en) Based on the method and system of isometric division with random safe nearest neighbor of filling
Li et al. Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data
Liu et al. Toward highly secure yet efficient KNN classification scheme on outsourced cloud data
Orencik et al. A practical and secure multi-keyword search method over encrypted cloud data
Su et al. Privacy-preserving top-k spatial keyword queries in untrusted cloud environments
Andola et al. Searchable encryption on the cloud: a survey
Liu et al. Accurate range query with privacy preservation for outsourced location-based service in IOT
Ye et al. Secure and efficient outsourcing differential privacy data release scheme in cyber–physical system
CN104967693A (en) Document similarity calculation method facing cloud storage based on fully homomorphic password technology
Tong et al. Privacy-preserving ranked spatial keyword query in mobile cloud-assisted fog computing
Cui et al. Secure range query over encrypted data in outsourced environments
CN102968475B (en) Secure nearest neighbor query method and system based on minimum redundant data partition
CN102882933B (en) A kind of encryption cloud storage system
CN102999594B (en) Based on the safe nearest neighbor method and system of maximum division and random data block
Wang et al. Forward/backward and content private DSSE for spatial keyword queries
Cui et al. Secure boolean spatial keyword query with lightweight access control in cloud environments
Wang et al. QuickN: Practical and secure nearest neighbor search on encrypted large-scale data
Meng et al. Verifiable spatial range query over encrypted cloud data in VANET
CN102968477B (en) Divide and the safe nearest neighbor method and system of random number based on minimal redundancy
CN102945282B (en) Based on the method and system of the safe nearest neighbor of isometric Data Placement
Talha et al. Enhancing confidentiality and privacy of outsourced spatial data
Sheng et al. Verifying correctness of inner product of vectors in cloud computing
Modak et al. Privacy preserving distributed association rule hiding using concept hierarchy

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20151021

Termination date: 20181116

CF01 Termination of patent right due to non-payment of annual fee