"This award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5)."
The embedding of positioning capabilities (e.g., GPS) in mobile devices facilitates the emergence of location-based services (LBS), which is considered as the next "killer" application in the wireless data market. Location-based services allow clients to query an LBS provider in a ubiquitous manner, in order to retrieve detailed information about points of interest (POIs) in their vicinity. However, for such applications to succeed, privacy and trust are essential. To this end, this project will focus on two separate tracks. First, due to the increasing popularity of the database outsourcing model, the LBS provider may not be the real owner of the data. Consequently, it must prove to the client that (i) the data originated from the data owner (authenticity) and (ii) the result set is correct and complete (integrity). In this project, the PI will address the above issues, and design efficient algorithms, based on digital signatures and public-key cryptography, for authenticating several types of spatial queries in outsourced databases.
Second, similar to every other online activity (e.g., web surfing, online purchases, etc.), location-dependent queries may disclose sensitive information about an individual's health, lifestyle, habits, political/religious affiliations, etc. Therefore, hiding the client's location from the LBS provider is of paramount importance for building private mobile computing applications. The PI will utilize the theoretical work on Private Information Retrieval (PIR) to design efficient algorithms that support a wide range of private location-dependent queries. The results of this research will be applied to the effective teaching of both undergraduate and graduate students, by (i) creating new courses on database security, and (ii) involving undergraduate and underrepresented students in research through a number of projects.
