Security and Privacy

Query Authentication and Assurance

The popularity of mobile social networking services (mSNSs) is propelling more and more businesses, especially those in retailing and marketing, into mobile and location-based forms. To address the trustworthy issue, the service providers are expected to deliver their location-based services in an authenticatable manner, so that the correctness of the service results can be verified by the client. However, existing works on query authentication cannot preserve the privacy of the data being queried, which are sensitive user locations when it comes to location-based services and mSNSs.
Selected Publications:

  • Q. Chen, H. Hu, and J. Xu. “Authenticating Top-k Queries in Location-based Services with Confidentiality.” Proc. of the VLDB Endowment (PVLDB ’14), 49-60.
  • X. Lin, J. Xu, H. Hu, and W.-C. Lee. “Authenticating Location-Based Skyline Queries in Arbitrary Subspaces.” IEEE Transactions on Knowledge and Data Engineering (TKDE), 26(6): 1479-1493, June 2014.
  • H. Hu, J. Xu, Q. Chen, and Z. Yang. “Authenticating Location-based Services without Compromising Privacy.” Proc. of the 2012 ACM SIGMOD International Conference on Management of Data, pp. 301 – 312.

Externally Funded Projects:

  • Spatio-Temporal Attestation for Location-based Services Using Private Signatures (RGC/GRF, HKBU 210612, 2012-2015, HK$ 690,000)
  • Privacy-Conscious Query Authentication for Outsourced and Cloud Databases (RGC/GRF, HKBU 210811, 2011-2013, HK$ 792,500)

Privacy-aware Computing

Location-based services (LBS) provide location-related information to users. However, to enjoy these LBS services the user must explicitly expose his/her accurate location to the service provider, who might abuse such information or even trade it to unauthorized parties. As public concern for privacy protection are getting stronger, we need to address the privacy issue while still maintaining good quality of services. A typical solution is location cloaking, which blurs the user location and replaces it with a cloaked region to satisfy some privacy metric like k-anonymity (at least k users share the same region so that they are indistinguishable).
Selected Publications:

  • H. Hu, J. Xu, X. Xu, K. Pei, B. Choi, and S. Zhou. “Private Search on Key-Value Stores with Hierarchical Indexes”,Proc. of the 30th IEEE International Conference on Data Engineering (ICDE ’14), Chicago, IL, USA, April 2014, pp 628-639.
  • H. Li, H. Hu, J. Xu. “Nearby Friend Alert: Location Anonymity in Mobile Geo-Social Networks”. IEEE Pervasive Computing, 12(4): 62-70, 2013.
  • H. Hu, J. Xu, C. Ren, and B. Choi. “Processing Private Queries over Untrusted Data Cloud through Privacy Homomorphism.” Proc. of the 27th IEEE International Conference on Data Engineering (ICDE ’11), pp. 601 – 612.
  • H. Hu and J. Xu. “Non-Exposure Location Anonymity.” Proc. the 25th IEEE Int. Conf. on Data Engineering (ICDE ’09), Shanghai, China, pp. 1120-1131.
  • H. Hu, J. Xu, S. T. On, J. Du, and K. Y. Ng. “Privacy-Aware Location Data Publishing”. ACM Transactions on Database Systems (TODS), 35(3), July 2010.
  • H. Hu and J. Xu. “2PASS: Bandwidth-Optimized Location Cloaking for Anonymous Location-Based Services.” IEEE Transactions on Parallel and Distributed Systems (TPDS), 21(10): 1458-1472, October 2010.
  • H. Hu, J. Xu and D. L. Lee. “PAM: An Efficient and Privacy-Aware Monitoring Framework for Continuously Moving Objects.” IEEE Transactions on Data and Knowledge Engineering (TKDE), 22(3): 404-419, March 2010.

Externally Funded Projects:

  • Incognito Browsing of Spatial-Temporal Data Using Computational Private Information Retrieval (RGC/GRF, 12200914, 2014-2017, HK$ 692,894)