SecureLoc: A fully homomorphic encryption-based privacy protection scheme for location-based services

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-08-14 DOI:10.1016/j.jisa.2025.104190

Qiqi Xie , Hong Zhang , Liqiang Wang , Miao Wang , Wanqing Wu , Yilong Liu

{"title":"SecureLoc: A fully homomorphic encryption-based privacy protection scheme for location-based services","authors":"Qiqi Xie , Hong Zhang , Liqiang Wang , Miao Wang , Wanqing Wu , Yilong Liu","doi":"10.1016/j.jisa.2025.104190","DOIUrl":null,"url":null,"abstract":"<div><div>As Internet of Things (IoT) technology advances, a growing number of devices can access real-time location information and engage with other devices and platforms. Consequently, this expansion enriches the data sources and application scenarios for Location-Based Services (LBS). The computational tasks of LBS are often outsourced to a third-party service (<em>TPS</em>) for processing in order to improve computational efficiency on users’ devices. However, sensitive and private data stored with a semi-honest <em>TPS</em> poses the risk of data abuse or data leakage. In this paper, we propose a robust privacy-preserving scheme called SecureLoc within outsourced computing environments. Utilizing the collaborative capabilities of the <em>TPS</em> and the Trajectory Matching Server (<em>TMS</em>), we present a fully homomorphic encryption approach to protect the privacy of location and sensitive information. Specifically, we present an improved CKKS-based trajectory comparison algorithm that ensures trajectory matching without exposing sensitive plaintext data. In addition, by utilizing complex numbers to store location coordinates and ciphertext expansion, we greatly improve the computational efficiency. We also combine the K-anonymity algorithm with CKKS to further enhance the protection of user privacy by anonymizing and generalizing sensitive information such as phone numbers, ID numbers, and LBS request times. Finally, we prove SecureLoc is secure against semi-honest <em>TPS</em> and malicious eavesdroppers, and demonstrate that our method outperforms other state-of-the-art methods in terms of security, feasibility, and accuracy.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104190"},"PeriodicalIF":3.7000,"publicationDate":"2025-08-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625002273","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

As Internet of Things (IoT) technology advances, a growing number of devices can access real-time location information and engage with other devices and platforms. Consequently, this expansion enriches the data sources and application scenarios for Location-Based Services (LBS). The computational tasks of LBS are often outsourced to a third-party service (TPS) for processing in order to improve computational efficiency on users’ devices. However, sensitive and private data stored with a semi-honest TPS poses the risk of data abuse or data leakage. In this paper, we propose a robust privacy-preserving scheme called SecureLoc within outsourced computing environments. Utilizing the collaborative capabilities of the TPS and the Trajectory Matching Server (TMS), we present a fully homomorphic encryption approach to protect the privacy of location and sensitive information. Specifically, we present an improved CKKS-based trajectory comparison algorithm that ensures trajectory matching without exposing sensitive plaintext data. In addition, by utilizing complex numbers to store location coordinates and ciphertext expansion, we greatly improve the computational efficiency. We also combine the K-anonymity algorithm with CKKS to further enhance the protection of user privacy by anonymizing and generalizing sensitive information such as phone numbers, ID numbers, and LBS request times. Finally, we prove SecureLoc is secure against semi-honest TPS and malicious eavesdroppers, and demonstrate that our method outperforms other state-of-the-art methods in terms of security, feasibility, and accuracy.

查看原文本刊更多论文

SecureLoc：用于基于位置的服务的完全同态的基于加密的隐私保护方案

随着物联网（IoT）技术的进步，越来越多的设备可以访问实时位置信息并与其他设备和平台进行交互。因此，这种扩展丰富了基于位置的服务（LBS）的数据源和应用场景。为了提高用户设备上的计算效率，LBS的计算任务通常外包给第三方服务（TPS）进行处理。但是，使用半诚实的TPS存储敏感和私人数据会带来数据滥用或数据泄露的风险。在本文中，我们提出了一种在外包计算环境中称为SecureLoc的鲁棒隐私保护方案。利用轨迹匹配服务器（TPS）和轨迹匹配服务器（TMS）的协同能力，我们提出了一种完全同态的加密方法来保护位置和敏感信息的隐私。具体来说，我们提出了一种改进的基于ckks的轨迹比较算法，该算法确保轨迹匹配而不暴露敏感的明文数据。此外，利用复数存储位置坐标和密文展开，大大提高了计算效率。我们还将k -匿名算法与CKKS相结合，通过对电话号码、身份证号码和LBS请求次数等敏感信息进行匿名化和泛化，进一步加强对用户隐私的保护。最后，我们证明SecureLoc对半诚实的TPS和恶意窃听者是安全的，并证明我们的方法在安全性、可行性和准确性方面优于其他最先进的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.