The explosive growth of the Internet of Things (IoT) is pushing forward the paradigm of fog computing services today. An important service for most fog-enhanced applications is geographic range-match, which means the fog-nodes can accurately collect sensed data from IoT devices based on their location distances. However, due to the increasing attacking surfaces, outsourcing range query operations to untrusted fog-nodes inevitably raises new privacy concerns about query content and device location exposure. In this article, we devise a new geographic range-match scheme for fog-enhanced services, which allows fog-nodes to securely collect range-based sensed data while protecting the location privacy of IoT devices. Our main idea is to formulate the problem of encrypted geographic queries as range-based pattern matching and carefully craft security schemes to enable efficient range queries in the ciphertext domain. The proposed range-match scheme is provably secure and can reduce accessible information during distance comparisons. We formally analyze the security strengths and complete the prototype implementation. The comprehensive experimental results demonstrate the practicality of our designs.
Read full abstract