VP2RQ:EfficientVerifiablePrivacy-PreservingRangeQueryProcessinginTwo-tieredWirelessSensorNetworks资源-CSDN文库

187 浏览量 2021-02-21 23:01:11 上传评论收藏 854KB PDF 举报

VP2RQ:Efficient Verifiable Privacy-Preserving Range Query Processing in Two-tieredWireless Sensor Networks 在无线传感网络（WSNs）领域，安全范围查询技术一直是一个挑战性问题。尤其是在两级无线传感器网络中，提出了一种基于桶划分、信息身份认证和校验码融合的可验证隐私保护范围查询处理方法。该方法在数据收集过程中，每个传感器节点根据桶划分策略将收集到的数据放入相应的桶中，对非空桶进行加密，为已加密的桶生成校验码，并将校验码与加密后的桶一起提交给父节点，直至这些数据送达存储节点。在查询处理期间，基站将查询范围转换为感兴趣的桶标签集，并发送到存储节点。存储节点确定候选的加密桶，通过代码融合生成校验码，并将它们发送到基站。基站获得查询结果并使用校验码验证结果的完整性。理论分析和实验结果均表明，可验证隐私保护范围查询能够保护传感器数据、查询结果和查询范围的隐私，同时支持查询结果的完整性验证。与其他现有方法相比，可验证隐私保护范围查询在通信成本上有更好的性能。关键词：两级无线传感器网络、隐私保护、完整性验证、范围查询、桶划分引言部分提到，随着互联网技术、云计算、图像识别和视频处理等新兴技术的快速发展，无线传感器网络作为物联网技术中的关键技术之一，已被广泛应用于各个领域。隐私保护在这些应用中至关重要，因为网络中传输的敏感数据可能会受到未经授权的访问和使用，导致严重的安全问题和隐私泄露。为了保证数据的安全性和用户隐私，就需要研究高效的隐私保护范围查询技术。文章中提到的桶划分是一种数据组织技术，它允许将数据集按某种规则分配到多个桶（或容器）中。通过这种方式，数据被分组和存储，使得查询可以更加高效和安全地执行。在加密桶内数据时，采用了加密技术来保护数据的机密性。对于那些空桶，虽然它们不包含实际的数据，但生成校验码的目的是为了确保数据的完整性，即保证数据没有在传输过程中被篡改。信息身份认证是一种安全机制，用于验证数据在存储或传输过程中的真实性，确保数据是由合法的传感器节点发送的，未经篡改。检查码融合则是将多个校验码合并成一个综合校验码，用于在数据查询时快速验证数据的完整性和一致性。在该论文的研究中，一个完整的查询处理流程包括数据收集、数据加密、数据发送、查询转换、查询结果获取和结果验证等多个步骤。而在实验结果中，作者对比分析了提出的查询处理方法与现有技术的性能，尤其是在通信成本上取得的改进。该研究的理论分析部分详细探讨了所提出方法的安全性、隐私保护和完整性验证等关键技术特性。而实验结果部分则通过具体的性能指标，如通信成本、处理时间等，展示了该方法相比现有技术的效率和实用性。该研究的结论强调了安全、隐私保护和效率是实现可靠无线传感网络应用所必须综合考虑的因素，并指出了未来研究可能的发展方向，如对更复杂场景和更多样化数据类型的支持。

资源推荐

资源详情

资源评论

Special Issue

International Journal of Distributed

Sensor Networks

2016, Vol. 12(11)

Ó The Author(s) 2016

DOI: 10.1177/1550147716675627

ijdsn.sagepub.com

RQ: Efficient verifiable

privacy-preserving range query processing

in two-tiered wireless sensor networks

Hua Dai

, Qingqun Ye

,XunYi

, Ruiliang He

, Geng Yang

and Jinji Pan

Abstract

In the field of wireless sensor networks, the secure range query technique is a challenging issue. In two-tiered wireless

sensor networks, a verifiable privacy-preserving range query processing method is proposed that is based on bucket par-

tition, information identity authentication, and check-code fusion. During the data collection process, each sensor node

puts its collected data into buckets according to the bucket partition strategy, encrypts the non-empty buckets, gener-

ates the check-codes for the empty buckets, and fuses them. Then, the check-codes and the encrypted buckets are sub-

mitted to the parent node until they reach the storage node. During query processing, the base station converts

the queried range into the interested bucket tag set and sends it to the storage node. The storage node determines the

candidate-encrypted buckets, generates the check-code through code fusion, and sends them to the base station. The

base station obtains query results and verifies the completeness of the result with the check-code. Both the theoretical

analysis and experimental results show that verifiable privacy-preserving range query is capable of protecting the privacy

sensor data, query result, and query range, which also supports the completeness verification of the query result.

Compared to existing methods, verifiable privacy-preserving range query performs better on communication cost.

Keywords

Two-tiered wireless sensor networks, privacy-preserving, completeness verification, range query, bucket partition

Date received: 5 May 2016; accepted: 22 September 2016

Academic Editor: Pardeep Kumar

Introduction

In recent years, the emerging technologies such as

Internet of things (IoT) technology, cloud computing,

1–4

image recognition,

5,6

and video processing

7,8

have

developed rapidly. The wireless sensor networks

(WSNs), as one of key technology in IoT technology,

have been widely applied in various fields, such as bat-

tlefield surveillance, environment monitoring, and

health monitoring. Based on the traditional multi-hop

sensor network, the two-tiered WSN

introduced the

storage node (S

) as the intermediate; the architecture

of its model is shown in Figure 1, in which the calcula-

tion, storage, and energy resources of the S

are suffi-

cient, and it is responsible for collecting and storing the

data from the adjacent sensor nodes and executing the

query request from the base station (BS). Due to lim-

ited resources, the sensor node is only in charge of col-

lecting data and sending it to the adjacent S

. The

advantages of two-tiered WSNs mainly include the fol-

lowing: the sensor node only needs to submit the data

School of Computer Science & Technology, Nanjing University of Posts

and Telecommunications, Nanjing, China

School of Computer Science and Information Technology, RMIT

University, Melbourne, VIC, Australia

School of Computer and Software, Nanjing University of Information

Science & Technology, Nanjing, China

Corresponding author:

Hua Dai, School of Computer Science & Technology, Nanjing University

of Posts and Telecommunications, Nanjing 210013, China.

Email: daihua@njupt.edu.cn

Creative Commons CC-BY: This article is distributed under the terms of the Creative Commons Attribution 3.0 License

(http://www.creativecommons.org/licenses/by/3.0/) which permits any use, reproduction and distribution of the work without

further permission provided the original work is attributed as specified on the SAGE and Open Access pages (http://www.uk.sagepub.com/aboutus/

openaccess.htm).

to the adjacent S

, which can reduce the transmission

energy consumption and extend the lifetime; the data

are stored in the S

, and the sensor node does not need

to store the data, which can reduce the manufacturing

cost of the node; when the query command is executed

at the BS, it only needs to communicate with the S

which can improve the execution efficiency of query

processing (QP).

9,10

The development and application of WSNs face vari-

ous security threats, including disclosure of privacy and

compromised data. Security problems are particularly

more prominent in two-tiered WSNs because the S

not only stores a large amount of sensor data but also

executes the query request from the BS, and due to the

importance of its location, it is a primary target. Once

the S

is compromised, the attacker can use the S

spy on the data privacy in the network, for example,

illegally obtain sensor data, QP results, and the query

intentions of upper-layer user or application. In addi-

tion, the attacker can also use the S

to tamper with or

falsify query results and data to mislead or disturb the

upper-layer application or decision. Therefore, studying

secure data QP technology with privacy protection and

query result completeness verification has important

realistic significance for two-tiered wireless networks.

Due to the universal application of range queries

among current studies of QP technology for two-tiered

WSNs, range QP technology with privacy-preserving

and query result completeness verification has attracted

a great deal of attention.

11–22

However, current studies

show deficiencies in terms of network communication

cost, although the communication cost directly impacts

the lifetime and application costs of the entire network.

The objective of this article is to protect the privacy of

sensor data, query results, and the query range and to

verify the completeness of query results in two-tiered

WSNs; thus, a verifiable privacy-preserving range query

(VP

RQ) method based on bucket partition is proposed

in this article.

The main contributions of this article include the

following: (1) by introducing bucket partitioning and

symmetric encryption technology, plaintext data can be

hidden in encrypted buckets, and the Hash-based mes-

sage authentication coding (HMAC) method can be

used to build the check-code information that supports

the completeness verification of the query result; (2)

during the process in which the sensor node uploads

data to the S

, fusion processing of the check-code is

conducted in accordance with the bucket tag to reduce

the communication cost of data. Thus, data collection

(DC) protocol and QP-protocol are proposed to realize

the VP

RQ; (3) under this protocol framework, efforts

are made to analyze the privacy security, query result

verifiability, and network communication cost of the

RQ method; and (4) experimental comparison and

analysis are also conducted by comparing this method

with the existing technology and methods from the per-

spective of the communication cost of the sensor node

within the cell and the communication cost between the

and BS. The theoretical analysis and experiment

results show that compared with existing methods,

RQ has better performance in terms of communi-

cation cost efficiency.

In section ‘‘Related works’’ of this article, related

studies are introduced. Related models and problem

description are provided in section ‘‘Models and prob-

lem statement,’’ and the bucket partition method is

introduced in section ‘‘Bucket partition mechanism.’’ In

section ‘‘VP

RQ protocols,’’ the specific protocol con-

tent of VP

RQ is provided, and analysis of the security

and communication cost is conducted. The experimen-

tal results and analyses are presented in section

‘‘Performance evaluation,’’ and the article is summar-

ized in section ‘‘Conclusion.’’

Related works

Researches on the secure range query technologies for

two-tiered WSNs mainly include the following two

types:

1. Secure range queries

11–13

based on the bucket

partition.

23,24

These methods rely on same

assumption: sensor nodes and the BS share the

bucket partition strategy; that is, the mapping

relation between the partitioned bucket intervals

and the random tags is shared by the sensor

nodes and BS and is unknown to the S

. The

randomness of tags ensures the security of the

bucket partition strategy. In Sheng and Li,

the

bucket partition is first introduced in the

RQ method, denoted as S&L. In S&L, sen-

sor nodes put their collected data into buckets

according to the bucket partition strategy. For

any bucket, if it is empty, a code is generated;

otherwise, the bucket is encrypted. Then, the

Figure 1. Model of two-tiered wireless sensor network.

2 International Journal of Distributed Sensor Networks

encrypted buckets and codes are submitted to

the S

. When the BS applies a range query, it

determines the smallest bucket set covered by

the queried range and then sends the corre-

sponding bucket tags as the query command to

the S

.And,theS

returns the corresponding

encrypted data and codes to the BS in accor-

dance with the bucket tags in the query com-

mand. Finally, the BS obtains the query result

by decrypting the encrypted data and verifies

the completeness of the query result using the

received codes. Because S&L requires generat-

ing one code for each empty bucket and trans-

ferring it to the S

, with the increase in the

number of empty buckets, the communication

cost of the sensor nodes rapidly grows in large-

scale sensor networks. To reduce the communi-

cation cost of sensor nodes, an optimized

method (denoted as NSC) based on a spatial–

temporal crosscheck is proposed in Shi et al.

12,13

This method uses the bitmap index to replace

the codes in S&L, so that the communication

cost of the sensor node is saved; however, the

communication cost between the S

and BS is

higher than that in S&L.

2. Secure range queries based on secure compari-

son.

14–22

The basic idea of these methods is that

the sensor nodes encrypt their collected data

and generate the corresponding secure-compar-

ing-codes, which can be used to compare the

encrypted data. The encrypted data and the cor-

responding secure-comparing-codes are

uploaded to the S

. When the BS processes a

range query, it first transforms the queried

range into the secure-comparing-codes and then

sends them to the S

as a query command.

Then, the S

can determine the qualified

encrypted data that satisfy the query range by

performing the secure comparison scheme

between the corresponding secure-comparing-

codes, and the S

returns the qualified

encrypted data to the BS. After decryption, the

BS can obtain the query result. In Chen and

Liu,

14,15

a secure range query method named

SafeQ is proposed based on the prefix member-

ship verification (PMV)

25,26

mechanism. SafeQ

utilizes the PMV coding technique, which can

realize the secrete comparison between the col-

lected data and queried range without their

plaintext; in this way, SafeQ can determine

whether the corresponding encrypted data sat-

isfy the query range. To achieve the query result

completeness verification, SafeQ introduces the

neighborhood chain mechanism during data

encryption and adopts the Bloom-Filter

reduce the cost of the secure-comparing-codes.

In Bu et al.,

an efficient range query method

named SEF is proposed. Order-preserving sym-

metric encryption is employed in SEF to pre-

serve privacy. In addition, a novel data

structure called the Authenticity & Integrity tree

is proposed to preserve integrity, and the

NAND flash is used for the first time to achieve

high storage utilization and QP efficiency in this

article. In Tsou et al.,

a range query method

named EQ is proposed for protecting data pri-

vacy and completeness. The EQ method pre-

sents an order encryption mechanism by

adopting stream cipher to protect the privacy of

data and uses a data structure of the XOR-

linked list to verify the completeness of the

query result. In Nguyen et al.,

a novel model

based on a d-disjunct matrix, an order function,

and a permutation function is proposed to pre-

serve the privacy of sensitive data and the com-

pleteness of result. In Yi et al.,

a secure range

query protocol named QuerySec is proposed,

which uses the order-preserving function to real-

ize the secret comparison between the collected

data and the query range. By embedding

the link watermarking information into the

encrypted data block, QuerySec can realize the

completeness verification of the query result.

The performance evaluations of the QuerySec

show that it is more efficient in terms of com-

munication cost than SafeQ. ESRQ, which was

proposed in Zhang et al.,

also realizes an effi-

cient range query by adopting Bloom-Filter to

generate the encoding code for privacy-

preserving and completeness verification. An

extended version of ESRQ is provided in Zhang

et al.

that expands the focus on collusion

attacks on range queries in two-tiered WSNs.

To reduce the communication cost during the

query, secRQ is proposed in Dong et al.,

as it

has a very low false positive rate. secRQ adopts

generalized inverse matrices and the distance-

based range query mechanism to protect the

security of data and proposes a mutual verifica-

tion scheme to verify the completeness of the

query result.

Comparing secure range query methods (1) and (2),

we can observe the following: (1) in terms of security,

the former mainly depends on the bucket partition

strategy, while the latter depends on the complexity of

the secure comparison functions; (2) if the same encryp-

tion is adopted, the encrypted data produced by the

former are smaller than the latter; (3) in terms of

the communication cost of sensor nodes, which affects

the network lifetime, the former depends on the granu-

larity of bucket partition and the distribution of

Dai et al. 3

剩余14页未读，继续阅读

评论收藏

内容反馈

weixin_38732425

粉丝: 6
资源: 942

VP2RQ:Efficient Verifiable Privacy-Preserving Range Query Proces...

最新资源

VP2RQ:Efficient Verifiable Privacy-Preserving Range Query Proces...

Secure range query based on privacy-preserving function in two-tiered sensor networks

privacy preserving robust data aggregation in wireless sensor networks

d2rq-0.8.1.zip

PyPI 官网下载 | rq_exporter-1.0.1-py3-none-any.whl

五笔学习资料.doc

MTB020C04RQ8-VB一款N+P-Channel沟道SOP8的MOSFET晶体管参数介绍与应用说明

d2rq-0.8.1,tar.zip 下载

sql经典面试题 大家一起学习

Python库 | rq_retry_scheduler-0.1.0b6-py2.py3-none-any.whl

PyPI 官网下载 | rq-retry-scheduler-0.1.0b2.tar.gz

rqmonitor：基于Flask的更加动态和可操作的前端仪表板，用于监视RQ:laptop:http://python-rq.org

Python库 | django_rq_dashboard-0.3.2-py2.py3-none-any.whl

Python库 | django-rq-wrapper-1.2.macosx-10.11-x86_64.tar.gz

d2rq-master.zip

d2rq-0.8.1+jdbc-jar.zip

开利30RB RQ模块式 风冷涡旋冷水热泵机组.pdf

d2rq-0.8.1

free-rq-idea-mybatis-2020.12.18 (2).zip

ksoa与U8凭证对接相关字段赋值说明

D2RQ_to_R2RML:将 D2RQ 映射文档转换为 R2RML 映射文档的 Python 脚本

sco openserver安装系列序列号

Python库 | rq-dashboard-0.3.4.tar.gz

rq：记录查询-用于进行记录分析和转换的工具

django-rq-scheduler:数据库支持的作业调度程序，用于Django RQ和RQ Scheduler

D2RQ 下载 win和linux都有

rq-utils:rq-utils库的节点npm

PyPI 官网下载 | os-rq-scrapy-0.0.7.tar.gz

基于CORDIC的反正弦和反余弦计算的FPGA实现

BA无标度网络中的SIR模型

最新资源

sql经典面试题大家一起学习

开利30RB RQ模块式风冷涡旋冷水热泵机组.pdf