Abstract

With the emergence of the fog computing and sensor-cloud computing paradigms, end users can transparently retrieve the desired sensory data generated by any wireless sensor network (WSN) in a fog-based sensor-cloud system. However, the fog nodes and the cloud servers may suffer from many kinds of attacks on the Internet and become semitrusted, which threatens the security of query processing in the system. In this paper, we investigate the problem of secure, fine-grained spatial-temporal Top- query in fog-based mobile sensor-cloud systems (FMSCSs) and propose a novel scheme named STQ-SCS to tackle the problem based on virtual grid construction and size-order encryption-binding techniques. STQ-SCS preserves the privacy of the sensed data items and their scores and lets end users verify the completeness of the query results of fine-grained spatial-temporal Top- queries with a 100% success rate even if the fog nodes and the cloud servers are not fully trustworthy. Besides its good security performance, simulation results indicate that STQ-SCS is also an efficient scheme that incurs a much lower communication cost than the state-of-the-art schemes for securing fine-grained spatial-temporal Top- query in FMSCSs.

1. Introduction

As an important component of the Internet of Things (IoT) [1], wireless sensor networks (WSNs) [2] can be used in many application scenarios and are still being studied [3] by many researchers, even though extensive research has been carried out on WSNs over the past two decades. However, traditional WSNs are usually single-user centric [4]: a user deploys and owns its own WSN, and no other party is able to access the sensed data generated by that WSN. To remedy this shortcoming, researchers have conceived a new paradigm in recent years, namely, the sensor-cloud paradigm [5–7]. A typical sensor-cloud model is shown in Figure 1(a), where the sensor-cloud architecture serves as the intermediate stratum between the end users and the physical sensor nodes [4]. However, early sensor-cloud architectures are still not perfect, and they encounter many new challenges, such as providing real-time services and efficiently managing the physical sensor nodes. In [8], a new sensor-cloud architecture, namely, the fog-based sensor-cloud framework, was proposed; its basic model is shown in Figure 1(b). The main difference between early sensor-cloud architectures and the fog-based sensor-cloud framework is that the latter has a fog layer while the former does not. The fog layer is mainly composed of fog nodes, which can fuse and store the collected sensed data, respond to real-time applications, and efficiently manage the physical sensor nodes [8]. In the fog-based sensor-cloud framework, end users can not only retrieve the sensed data items they are interested in directly from nearby fog nodes, but also obtain shared sensed data from the cloud by sending queries to the cloud when the nearby fog nodes do not hold the data they want.

Although the fog-based sensor-cloud framework brings many benefits, as described in [8], it faces many potential security threats. The fog nodes may be captured by nearby attackers or may suffer from attacks originating in the cloud. In other words, the fog nodes may become untrusted [9, 10] under such attacks. Meanwhile, the application servers in the cloud face many kinds of attacks, and some of the cloud servers may also not be trustworthy [11–13]. Against this background, how to ensure the integrity and the confidentiality of the sensed data items retrieved by end users in fog-based sensor-cloud systems is a thorny and pressing problem. The problem is much more challenging in fog-based mobile sensor-cloud systems (FMSCSs), where the sensor nodes are mobile, considering that the sensed data retrieved by end users must satisfy the spatial-temporal requirements of the queries launched by end users.

In this paper, we focus on fine-grained spatial-temporal Top- queries and make efforts to tackle the abovementioned problem. The concept of fine-grained spatial-temporal Top- queries is defined in Definition 1 in Section 3. In a word, a fine-grained spatial-temporal Top- query is a query that tries to find the top sensed data items generated in a specific time interval and a specific region of a specific WSN deployment field. To the best of our knowledge, no existing work studies the problem of secure fine-grained spatial-temporal Top- query in fog-based sensor-cloud systems. In brief, the main contributions of this paper are twofold:
(i) It studies the problem of secure fine-grained spatial-temporal Top- query in FMSCSs and proposes a novel scheme named STQ-SCS to ensure the integrity and confidentiality of the sensed data items retrieved by end users. It provides a sound theoretical analysis of the security of STQ-SCS. According to the analysis, STQ-SCS is not only able to preserve the privacy of the sensed data items retrieved by end users but also to detect incomplete query results of fine-grained spatial-temporal Top- queries under the security model presented in this paper.
(ii) Extensive simulations were conducted, and the results show that STQ-SCS is much more efficient than the related state-of-the-art schemes.

The remainder of this paper is organized as follows. Section 2 summarizes the related schemes; Section 3 describes the system model, the security model, the definitions of some terminologies, and the problem statement; Section 4 presents the proposed scheme STQ-SCS in detail; Section 5 analyzes the security of STQ-SCS; in Section 6, STQ-SCS is compared with the related state-of-the-art schemes through extensive simulations; Section 7 provides the performance evaluation; Section 8 concludes this study.

Since there is no existing work on secure fine-grained spatial-temporal Top- query in FMSCSs, in this section we mainly review the related works in Cloud Computing, Two-tiered Wireless Sensor Networks (TWSNs), and Two-tiered Mobile Wireless Sensor Networks (TMWSNs).

2.1. Securing Top- Queries in Cloud Computing

Top- queries in the cloud are generally processed securely over data outsourced to the cloud servers by a single data owner. In Cloud Computing, the data owner knows all of its outsourced data and can therefore construct an encrypted data structure, such as EHL [14], the binary heap [15], or other tree-like structures [16–18], over the whole data set to facilitate Top- query without losing data privacy. In FMSCSs, by contrast, apart from the fog nodes, which are not fully trusted, each sensor node knows only a small part of the whole data generated by the WSN in which it is located, and it thus cannot construct an encrypted data structure over the whole data set before outsourcing its data to a fog node or the cloud.

Moreover, existing schemes for secure Top- query in Cloud Computing rely on the strong processing ability and rich resources of the cloud servers, and they never consider resource-limited sensor nodes that are also weak in computing. Thus, they are not suitable for FMSCSs.

2.2. Securing Top- Queries in TWSNs

The study of securing Top- queries in TWSNs was originally launched by the authors of [19], where three schemes were proposed to preserve the completeness of Top- query results in TWSNs. The three schemes are based on the MAC (Message Authentication Code) technique, which requires each sensed data item to be attached with a MAC as its proof data. Subsequently, many other schemes using a similar technique appeared, such as those in [19–24]. However, the MAC-based technique is relatively inefficient, because attaching a MAC to each sensed data item brings a large quantity of extra data: a MAC takes almost 40% of the volume of a sensed data item according to [19].

Besides the MAC-based technique, some other methods were also proposed to ensure the privacy of the sensed data and the completeness of Top- query results in TWSNs, such as inserting digital watermarks or dummy readings into the normal ones [25] and constructing data aggregation trees [26, 27]. However, inserting digital watermarks or dummy readings into the measured data makes it hard and complicated for users to extract the normal readings from the hybrid ones, and it also brings a lot of redundant data, which further increases the communication cost of both the sensor nodes and the fog nodes.

What is more, one of the most important points these schemes have in common is that they are all proposed for TWSNs whose nodes are static [28], so they cannot fully address the security threats faced by spatial-temporal Top- query in FMSCSs, where attackers can launch much more covert attacks. When a mobile sensor node travels from the queried region to other regions, or vice versa, within the queried time interval, some sensed data generated by the sensor node may be in the queried region and others may not. Obviously, the sensed data generated outside the queried region by the traveling sensor node are not qualified data that satisfy the requirements of the spatial-temporal Top- query. However, few of the secure Top- query schemes proposed for TWSNs consider this, which leaves loopholes for attackers to launch new kinds of covert attacks. For example, an attacker may replace the data items generated in the queried region by a sensor node with those produced outside the queried region by the same sensor node.

2.3. Securing Top- Queries in TMWSNs

The first work on securing Top- queries in TMWSNs was done by Liu et al. in 2015 [29], who presented a novel network architecture, namely, TMWSNs, and proposed a scheme, VTMSN, to ensure the completeness of spatial-temporal Top- query in TMWSNs. The main techniques used in VTMSN are symmetric encryption and information binding. Specifically, it binds the score of each sensed data item with its generation time, location, and value ranking order by concatenating them and encrypting the result with the symmetric key it holds. Although VTMSN makes it harder for attackers to undermine the completeness of the query results because of these binding relationships, it still has shortcomings. One is that it cannot preserve the privacy of the sensed data items, since it leaves the data items disclosed to the fog nodes for ease of Top- query processing; another is that a large volume of location data has to be transported together with the sensed readings, which greatly increases the communication cost of the sensor nodes and fog nodes.

To overcome the latter shortcoming of VTMSN, Wu et al. proposed a scheme named EVTopk [30] in 2016. EVTopk preserves the completeness of Top- query results by using HMACs (Hash Message Authentication Codes), each formed by hashing and encrypting the concatenation of the score, the location, and the neighboring HMAC. However, since each sensed data item must be attached with an HMAC in EVTopk, the HMACs account for a large proportion of the data reports of the sensor nodes and of the query results. Moreover, EVTopk does not achieve data privacy preservation either. In [31], a comparative study of the two schemes, EVTopk and VTMSN, was made. To further decrease the volume of the proof data in the data reports and the query results, a scheme named VIP-TQ was proposed in 2018 to preserve the integrity of the query results of spatial-temporal Top- queries in TMWSNs. In VIP-TQ, sensed data are bound together with their location as well as with the neighboring data score using pairwise-key-based encryption. Although the binding can effectively prevent compromised fog nodes from undermining the integrity of Top- query results, it leaves the scores of the sensed data disclosed to the storage nodes, which increases the risk of divulging the privacy of the sensed data. In the same year, Ma et al. proposed two other schemes, namely, SSSTQ1 and SSSTQ2 [32], for securing spatial-temporal Top- queries in TMWSNs. However, a large number of original locations associated with the sensed data items are added to the data reports and the query results for integrity verification, which heavily increases the communication cost of the systems.

In summary, although many schemes related to secure Top- query exist, they either have obvious shortcomings or cannot be used in FMSCSs, which motivates the further work in this paper.

3. Models, Notations, and Problem Statement

3.1. System Model

The system model of FMSCSs is shown in Figure 2. In the model, TA is short for trusted authority [33], which is a trustworthy party. TA authenticates the identities of end users and MWSNOs (Mobile Wireless Sensor Network Owners) and distributes the secret keys to them. Each fog node in the fog layer connects to and manages one MWSN (Mobile Wireless Sensor Network), and each MWSN is assumed to be composed of mobile sensor nodes and to be owned by an MWSNO. Specifically, the main responsibilities of each fog node are as follows: (1) collecting, processing, and storing the sensed data items uploaded by the sensor nodes in its corresponding WSN; (2) managing the mobile sensor nodes in its corresponding MWSN; and (3) responding to the queries sent from the cloud or directly from the end users. End users can retrieve the desired data by launching and sending queries to the cloud, or to the fog nodes directly if they are not far from the fog nodes. If a cloud server receives a query from an end user, it first determines the fog node that satisfies the region requirement of the query and then forwards the query to that fog node; if a fog node receives a query, it processes the query locally and sends the query result to the party (the cloud or the end user) that sent the query.

The mobile sensor nodes in WSNs periodically upload their sensed data to the corresponding fog nodes in the fog layer. We divide time into epochs and take the length of each epoch as the period at which each sensor node uploads its sensed data items. We assume that the mobile sensor nodes in each WSN are not moving all the time: they stay at target locations for certain time intervals after reaching them and then move on to other target locations if necessary. Moreover, we assume that the mobile sensor nodes only generate sensed data items while staying at their target locations. Besides, each mobile sensor node is assumed to move only within the WSN field in which it is located, since moving among different WSN deployment fields would cost the sensor nodes a lot of energy.

In this paper, we use the set to denote the sensed data items generated by sensor node at its target location in the epoch , where is the total number of the sensed data items generated by at its target location in . For any sensed data item , its corresponding data score can be worked out using a public scoring function [19], namely, . Without loss of generality, we assume different sensed data items have distinct scores [19]. Moreover, in order to facilitate presentation, we assume that the ranking orders of the sensed data items generated by any sensor node at a target location are consistent with their subscript digital numbers. For example, there is , where and are the node ID and the target location ID of , respectively. The specific meanings of the notations used in this paper are listed in Table 1.

3.2. Definitions

In this section, we introduce the definitions of the terminologies used in this paper:
(i) Fine-grained spatial-temporal Top- query: it is the query that tries to find the top sensed data items with the biggest (or the smallest) scores among all the sensed data items generated in in , where is a subregion of the deployment field of the MWSN whose ID is . The meta-language of a fine-grained spatial-temporal Top- query in FMSCSs is shown in the following equation:
(ii) Queried node and queried location: given a spatial-temporal Top- query , if a target location of any mobile sensor node falls in in , that target location is one of the queried locations of ; if at least one of the target locations of a mobile sensor node is a queried location of , the sensor node is called a queried node of .
(iii) Qualified Top- data items: given a spatial-temporal Top- query , a sensed data item is called a qualified Top- data item of if it satisfies the following two conditions: (1) was generated in and ; (2) among all the sensed data items generated in and , there are at least data items whose scores are smaller (or bigger) than the score of , where refers to the total number of the sensed data items generated in and .
(iv) Data-proof Packet : for any target location of any mobile sensor node , Data-proof Packet refers to the subreport produced by for the sensed data generated at during . Specifically, consists of the pairwise-key-encrypted sensed data items and the OPE-encrypted scores (“OPE” is short for “order-preserving encryption” [35]) as well as some proof information generated by at during . The contents of are described in more detail in Algorithm 1 in Section 4.

Ensure: target location set ; all the sensed data items generated by in ; the pairwise key ; the master key used for OPE;
Require:;
(1)Compute the score of each sensed data item using the public scoring function;
(2)for to do
(3)ifthen
(4)  Set to ;
(5)end if
(6)ifthen
(7)  Set to , ;
(8)end if
(9)ifthen
(10)  Sort the sensed data items generated by at in according to their scores;
(11)  Set to , , , ;
(12)  end if
(13)end for
(14)Set to , ,
(15)Return .

3.3. Security Model

In FMSCSs, fog nodes and cloud servers are assumed to be untrusted, while most of the mobile sensor nodes and TA are trustworthy. We assume that the untrusted fog nodes and cloud servers are not only curious but also malicious. Specifically, a curious fog node or cloud server will try to disclose the sensed data items as well as the data scores computed with the public scoring function, and a malicious fog node or cloud server will do its best to undermine the completeness of the results of fine-grained spatial-temporal Top- queries. To mount such an attack, an untrusted fog node may put none or only some of the qualified top data items into the Top- query result, and it may also put fabricated data items and/or unqualified-but-real ones into the query result when processing a spatial-temporal Top- query. For example, suppose the complete query result should be . Then, an incomplete query result may be or , where is a real but unqualified sensed data item and is a fabricated data item. An untrusted cloud server may also perform deletions or replacements to undermine the integrity of the query results before it transmits them to the end users.

In our security model, the privacy of the sensed data items generated by the mobile sensor nodes in FMSCSs, and of their corresponding scores, should be protected. Other information, such as the spatial-temporal Top- query itself and the generation locations of the sensed data items, will be leaked to the fog nodes; without such leaks, it is hard to enable the fog nodes to process spatial-temporal Top- queries smoothly and successfully. Fortunately, the leaked information brings little threat to the safety of the systems. Moreover, each mobile sensor node is assumed to be equipped with tamper-proof hardware, so that adversaries cannot disclose the encryption materials stored in the hardware even if they capture the sensor nodes [24].

3.4. Problem Statement and Design Goal

Under the system and security models described above, the problem tackled in this paper can be stated as follows: how to enable end users in FMSCSs to obtain the results of the fine-grained spatial-temporal Top- queries they launch, without disclosing the sensed data items and their corresponding scores to the fog nodes and the cloud servers, and to verify the completeness of the corresponding query results correctly and efficiently. Our design goal is a novel scheme that enables efficient privacy-preserving and integrity-verifiable query processing for fine-grained spatial-temporal Top- query in FMSCSs. Specifically, the following three objectives should be achieved:
(i) The privacy preservation goal: our proposed scheme should preserve the privacy of the sensed data items and their scores collected from the mobile sensor nodes.
(ii) The integrity verification goal: our proposed scheme should enable end users to verify the completeness of spatial-temporal Top- query results, no matter which of the attacks introduced in the security model are adopted.
(iii) The efficiency goal: our proposed scheme should be efficient in communication and computation. It should greatly decrease the additional communication cost of the sensor nodes, since the sensor nodes are energy-limited. Here, the additional communication cost mainly refers to the cost of transmitting the proof data used to verify the completeness of the query results.

4. Our Scheme STQ-SCS

This section presents our scheme STQ-SCS. We first give a high-level description of the scheme. At first, each MWSNO obtains the secret keys from TA and preloads the keys into its own MWSN. Then, using the secret keys, each sensor node encrypts its own sensed data items and their scores and uploads the encrypted data items and scores to the corresponding fog node. If an end user wants to retrieve the result of a fine-grained spatial-temporal Top- query, it sends the query to a cloud server, or directly to the fog node if it is near the fog node of the target MWSN. If a cloud server receives the query, it first determines which fog node should be the target of the query and then forwards the query to that fog node. When the target fog node receives the query, it works out all the qualified Top- data items, puts them into the query result packet, and sends the packet to the cloud server, or directly to the end user if the fog node received the query from the end user. If a cloud server receives the query result from the fog node, it transmits the result to the end user who launched the query.

As a whole, STQ-SCS can be mainly divided into five parts: (1) secret key distribution; (2) virtual-location construction; (3) secure data preprocessing; (4) secure spatial-temporal Top- query processing; (5) completeness verification of the query results. In the following sections, the five parts of STQ-SCS are described in great detail.

4.1. Secret Key Distribution

In STQ-SCS, all secret keys used in FMSCSs are distributed by TA. To obtain the secret keys, each MWSNO sends TA a key-request message containing its own public key, the ID of its own MWSN, the IDs of the mobile sensor nodes in the MWSN, and some authentication information. After authenticating the identity of the MWSNO using an existing authentication method such as UAP-BCIoT [36], TA knows whether the MWSNO is authorized to obtain the secret keys. If TA decides to send the keys to the MWSNO, it generates a master key for the MWSN and a pairwise key for each mobile sensor node in the MWSN, encrypts them with the public key of the MWSNO, and sends them to the MWSNO. The pairwise keys are generated with the method in [34], while the master key is generated according to the scheme in [35]. In a similar way, legitimate end users can also obtain from TA the keys of each mobile sensor node in any MWSN.

In our scheme, two encryption methods are used to encrypt the sensed data items and their scores: one is the latest order-preserving encryption (OPE) scheme [35], and the other is pairwise-key-based encryption [34]. The former encrypts the scores of the sensed data items under the master key, while the latter encrypts the sensed data items and the proof data, such as the target locations of the sensor nodes and the ranking orders of the sensed data items, under the pairwise keys. Section 4.3 describes this in detail.

4.2. Construction of the Virtual Grids

In STQ-SCS, the sensor deployment field is divided into many virtual grids. Each virtual grid should be as small as possible, so that in real applications the central location of the grid can be taken as an approximation of the location of every point in the grid. We then design an ID distribution law for the virtual grids. Based on this law, the real locations of each mobile sensor node can be worked out easily once the IDs of the virtual grids it has moved to are known.

Specifically, the ID distribution law is as follows. Suppose the field in which the FMSCS is deployed is a square. STQ-SCS divides the square into small virtual grids, where is a small number that divides the side length with no remainder. Clearly, the smaller is, the larger is. Then, each virtual grid is given an ID, which is a sequence number ranging from 1 to . The virtual grids in the first row at the upper side of the square are given the IDs 1, 2, 3, , , and , respectively, from left to right; the IDs , , , , and are assigned in order to those in the second row, and so on; those in the last row have the IDs , , , , and , respectively.

Using this ID distribution law, each sensor node first works out the ID of each virtual grid it has moved to and then uses these IDs as the coordinate values of its target locations.
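As an added illustration of the ID distribution law above (example code written for this page, not the authors' implementation): a square field of side L is cut into (L/d)^2 virtual grids of side d, IDs run from 1 row by row starting at the upper-left grid, and a node reports the ID of the grid it stands in as its target location. The names L, d, grid_id, grid_center, grids_in_region and node_trace_ids are ours, and we take the y axis to point downwards from the upper edge so that row 0 is the first (upper) row; the paper does not fix a coordinate convention.

```python
def grids_per_side(L, d):
    """Number of virtual grids along one side of an L x L field cut into d x d grids."""
    if L % d:
        raise ValueError("d must divide L with no remainder")
    return L // d

def grid_id(x, y, L, d):
    """ID distribution law: IDs 1..(L/d)^2 run row by row from the upper-left grid.
    (x, y) is a point in the field; y is measured downwards from the upper edge (our convention)."""
    m = grids_per_side(L, d)
    if not (0 <= x < L and 0 <= y < L):
        raise ValueError("point outside the deployment field")
    row, col = int(y // d), int(x // d)
    return row * m + col + 1

def grid_center(gid, L, d):
    """Inverse of grid_id: the central point of grid gid, taken as the node's approximate location."""
    m = grids_per_side(L, d)
    if not 1 <= gid <= m * m:
        raise ValueError("no such grid")
    row, col = divmod(gid - 1, m)
    return (col * d + d / 2, row * d + d / 2)

def grids_in_region(L, d, x0, y0, x1, y1):
    """IDs of the grids whose centres lie in the axis-aligned query rectangle [x0, x1] x [y0, y1];
    this turns a query's subregion into the set of target-location IDs a fog node has to match."""
    m = grids_per_side(L, d)
    hits = []
    for g in range(1, m * m + 1):
        cx, cy = grid_center(g, L, d)
        if x0 <= cx <= x1 and y0 <= cy <= y1:
            hits.append(g)
    return hits

def node_trace_ids(trace, L, d):
    """A mobile node's target locations as grid IDs (consecutive duplicates collapse, order kept)."""
    return list(dict.fromkeys(grid_id(x, y, L, d) for x, y in trace))
```

With L = 100 and d = 10 there are 100 grids; the point (52, 51) lies in row 5, column 5 and so gets ID 56, and a query rectangle covering x in [0, 25], y in [0, 15] matches the six grids 1, 2, 3, 11, 12, 13.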

4.3. Secure Data Preprocessing

This section describes how each sensor node generates, from its own sensed data items and under the privacy-and-integrity preservation requirements, the data report that is uploaded to the corresponding fog node at the end of each epoch. Specifically, for any sensor node , the procedure of data report generation in STQ-SCS is shown in Algorithm 1.

In the protocol, first computes the score of each sensed data item it generated, using the public scoring function; then, it works out for each of the target locations it has moved to during epoch . To do this, three cases are considered: , , and . If , should include to show that no sensed data were generated by at in epoch , where is a symmetric encryption operation with based on [34]; if , should contain to indicate that only one sensed data item was generated by at in epoch , and it also needs to include both the pairwise-key-encrypted score and the OPE-encrypted score of that single data item. The former is used as part of the proof information for integrity verification, and the latter is used by the fog nodes to process spatial-temporal Top- queries smoothly. The single sensed data item itself is also encrypted with the pairwise key and included in . If , the contents of are more involved. Specifically, contains not only the OPE-encrypted scores and the pairwise-key-encrypted data items and scores but also the chaining relationships of the ranked sensed data items. The chaining relationships, which prevent adversaries from destroying the integrity of the Top- query results by dropping some of the qualified Top- data items, are achieved by encrypting each sensed data item together with its ranking order number, called the sequence number in the rest of this paper, with the pairwise key . Moreover, each sensed data item is bound together with its corresponding target location to further strengthen the integrity preservation of the Top- query results. The final output of Algorithm 1 is the data report that will be uploaded to the corresponding fog node of .

4.4. Secure Spatial-Temporal Top- Query Processing

This section presents how a fine-grained spatial-temporal Top- query is processed in FMSCSs under our proposed scheme STQ-SCS. When a cloud server receives a fine-grained spatial-temporal Top- query from an end user, it first finds the destination of the query according to the mapping between MWSN IDs and fog nodes (the mapping is assumed to be stored in the cloud server). Then, the cloud server forwards the query to the target fog node. When the target fog node receives the query, it processes the query according to Algorithm 2 and sends the result back to the cloud server. If the query was sent by an end user, the fog node sends the query result back to the end user directly.

Ensure:; ;
Require:;
(1)for to do
(2)  ;
(3)  for to do
(4)   if is in then
(5)    put into set ;
(6)    ;
(7)   end if
(8)  end for
(9)end for
(10)Find out the pairwise-key-encrypted qualified Top- data items among all the pairwise-key-encrypted data items in set according to their corresponding OPE-encrypted scores;
(11)Calculate for each and ;
(12)for to do
(13)  ifthen
(14)   Set to
(15)  else
(16)   for to do
(17)    ifthen
(18)     Set to ;
(19)    end if
(20)    ifthen
(21)     set to ;
(22)   end if
(23)   ifthen
(24)    ifthen
(25)     Set to ;
(26)    end if
(27)    ifthen
(28)     set to , , ;
(29)    end if
(30)   end if
(31)   ifthen
(32)    ifthen
(33)     Set to , , ;
(34)    end if
(35)    ifthen
(36)     set to , ;
(37)    end if
(38)   end if
(39)  end for
(40)  Set to ;
(41)  end if
(42)end for
(43)Return set .

In Algorithm 2, the fog node first processes every data report uploaded by the sensor nodes in MWSN and then packages all the processing results of the data reports collected in the queried MWSN to form the final query result of the spatial-temporal Top- query. Specifically, lines 1–9 find, for each sensor node in MWSN , the number of its target locations that fall in and the corresponding generated at those locations; lines 12–42 form a large “” loop that processes every report generated in MWSN in . Line 14 gives the processing result of for the case that no target location of falls in in ; lines 16–39 describe the procedure of processing for the case that at least one target location of falls in in . In the latter case, all the that correspond to target locations located in are processed based on the exact values of and/or , where and denote the total number of data items and the number of qualified data items, respectively, at the location , which is supposed to be in the queried region . While processing the , the OPE-encrypted items are all removed from the original , since their only use is to let the fog nodes find the qualified Top- data items encrypted with the pairwise keys. Moreover, all the unqualified data items except the one that immediately follows the last qualified Top- data item in each are also removed from each original ; the one retained item is used for completeness verification of the spatial-temporal Top- query results.

4.5. Completeness Verification of the Query Results

The procedure by which an end user verifies the completeness of the Top- query result is presented in Algorithm 3, whose output is the value of the Boolean variable . If is , is considered incomplete; otherwise, is complete and the final in Algorithm 3 is composed of all the qualified Top- data items corresponding to the fine-grained spatial-temporal Top- query .

Ensure:; ; .
Require:.
(1); ; ;
(2)for to do
(3)  if ( contains no pairwise-key-encrypted target locations) then
(4)   Set ; return ;
(5)  end if
(6)  Decrypt all the ciphertext in with ;
(7)  if The end user cannot decrypt the ciphertext normally then
(8)   ; return ;
(9)  end if
(10)  Calculate the value of which is the total number of the queried locations in ;
(11)  for to do
(12)   if is not originally in is a Data-proof Packet corresponding to which is in then
(13)   ; return ;
(14)  end if
(15)  Calculate the value of which is the total number of the sensed data items in ;
(16)  ifthen
(17)   if is originally in in then
(18)    ;
(19)    Continue;
(20)   else if is originally in in then
(21)    Continue;
(22)   else
(23)    ; return ;
(24)   end if
(25)  end if
(26)  ifthen
(27)   ifthen
(28)    ; return ;
(29)   end if
(30)   ;
(31)   Continue;
(32)  end if
(33)  if ( is not included in in ) (no sensed data item in is encrypted with a sequence number) (the sequence numbers encrypted in are not sorted in ascending order from 1) (any sensed data item encrypted in is not originally encrypted with ) ( is not originally included in ) then
(34)  ; return ;
(35)  end if
(36)  if = then
(37)   ifthen
(38)    ; return ;
(39)   else
(40)    ;
(41)   end if
(42)  else if = then
(43)   if ( is included in ) && then
(44)    ; return ;
(45)   end if
(46)   ;
(47)   ;
(48)  else
(49)   ; return ;
(50)  end if
(51)end for
(52)end for
(53)ifthen
(54)  ; return ;
(55)end if
(56)  ifthen
(57)   ; return ;
(58)end if
(59) Return .

The main idea of Algorithm 3 for verifying the completeness of is to find, from , the minimal score among the qualified Top- data items and the maximal score among the unqualified ones generated in the queried region, and to compare the two. If the query asks for the largest data items, the former should be larger than the latter; if this condition does not hold in , is considered incomplete. However, this condition alone is not sufficient to declare complete: the fog node may have manipulated individual reports in ways that leave the score comparison intact (for example, by deleting a qualified item from the middle of a report while keeping the reserved proof item), so before the comparison it is necessary to check, using the proof information included in , whether each sensor report was processed properly by the possibly compromised fog node (lines 2–53 in Algorithm 3). To this end, each in is checked. Three cases are distinguished for : (lines 16–25), (lines 26–32), and (lines 33–51). If , either generated no data item at in or none of the data items generated by at in is a qualified Top- data item; thus, in this case, either or should be originally included in in . If , the data item included in should be a qualified Top- data item according to lines 24–26 in Algorithm 2. If , according to lines 27–38 in Algorithm 2, the fog node must have performed some illegal query-processing operation if any of the following holds (lines 33–35 in Algorithm 3): (a) is not included in in ; (b) no sensed data item in is encrypted with a sequence number; (c) the sequence numbers encrypted in are not sorted in ascending order from 1; (d) some sensed data item encrypted in was not originally encrypted with ; or (e) is not originally included in . Moreover, in the case , should equal either or according to lines 27–38 in Algorithm 2, where is included in . Thus, lines 36–50 in Algorithm 3 handle these two cases separately to check the integrity of .

5. Security Analysis

5.1. Analysis of STQ-SCS on Privacy Preservation

Theorem 1. Our scheme STQ-SCS preserves the privacy of both the sensed data items and their scores for fine-grained spatial-temporal Top- query in FMSCSs under the security model presented in this paper.

Proof. According to Algorithm 1, before being uploaded to the fog nodes, all sensed data items are encrypted with the pairwise keys and all data scores are encrypted with the master keys [35] by the sensor nodes in FMSCSs. All encryption keys can be obtained only from the TA after authentication, according to the key-distribution method used in STQ-SCS, so the fog nodes and the cloud servers cannot obtain the keys and thus cannot recover the values of the sensed data items or their scores. Since the cloud servers and the fog nodes are the only parties assumed to be curious and/or malicious in our security model, while all other parties in FMSCSs are assumed trustworthy, the privacy of the sensed data items and their scores is preserved for fine-grained spatial-temporal Top- query in FMSCSs under STQ-SCS. Note that the claim concerns the values of the scores: order-preserving encryption reveals the relative order of the scores to the fog node by design, since that order is exactly what the fog node uses to select the Top- items.

5.2. Analysis of STQ-SCS on Completeness Verification

Theorem 2. Suppose a queried node generated data items at a queried location in epoch , of which are qualified Top- data items. If at least one of those qualified Top- data items is dropped from in the query result of by the fog node or the cloud server that generates and/or transmits , the incomplete is detected by end users with a 100% success rate under our scheme STQ-SCS.

Proof. Since the fog node and the cloud server do not know , if either of them inserts into sensed data items encrypted with some key other than , the incomplete is detected by the end user according to lines 6–9 in Algorithm 3. Moreover, according to lines 33–35 in Algorithm 3, is also judged incomplete if the fog node or the cloud server places into any encrypted data item that generated in at a location other than . Thus, in the rest of this proof, we need only consider the situation in which all the encrypted sensed data items left in after processing by the fog node are genuine items generated by at in (although some or all of them may be unqualified). Then, if at least one qualified sensed data item generated by at in is discarded by the fog node or the cloud server, one of the following two cases must occur: (1) the fog node or the cloud server dropped all the sensed data items from when producing or transmitting , or (2) it discarded only part of the sensed data items from , and the discarded items include at least one qualified one.
First, consider the case that the fog node or the cloud server has deleted all the sensed data items from . In this case, it must leave in in of to avoid detection by lines 16–25 in Algorithm 3, because it cannot generate a legitimate encrypted item . Then is put into according to lines 17–18 in Algorithm 3, and some genuine but unqualified sensed data items generated in and must be put into to make the number of elements in equal to (lines 53–55 in Algorithm 3). If the discarded sensed data items include a qualified one, must be the score of a qualified Top- data item. Then must be smaller than , because the score of any qualified Top- data item is larger than that of any genuine but unqualified one generated in and , assuming all data scores are distinct. Thus, according to lines 56–58 in Algorithm 3, the incomplete is detected by the end user.
Next, consider the case that the fog node or the cloud server has deleted only part of the sensed data items from , and the deleted items include at least one qualified one. Two situations must be discussed: either all the sensed data items encrypted with sequence numbers are deleted from , or at least one sensed data item encrypted with a sequence number remains in after processing. In the first situation, must remain in after processing, and must hold, since in this situation and cannot be included in . According to lines 26–29 in Algorithm 3, the incomplete is detected by the end user. Now consider the second situation. To keep the sequence numbers encrypted with the sensed data items in in of ascending from 1 (lines 33–35 in Algorithm 3), the fog node or the cloud server must delete all the sensed data items in one of the sets , and from . The five sets are shown in equation (2), where . If the fog node or the cloud server discards the sensed data item(s) in set or from when processing , and must remain in after processing, which means that is larger than 1. According to lines 36–50 in Algorithm 3, the fog node then has to set to either or in in of to prevent the incomplete from being detected. Even so, the incomplete is detected by the end user according to lines 36–38 and 42–45 in Algorithm 3, because cannot equal in this case while is included in at the same time.
If the fog node or the cloud server deletes the sensed data item(s) in set , , or from , the encrypted item remains in . Then, if , the incomplete is detected by the end user according to lines 26–29; if , since in this case, the fog node or the cloud server has to set to in in of to keep the incomplete from being detected by lines 36–50 in Algorithm 3. Then is put into set according to lines 42–47 in Algorithm 3. Because at least one dropped sensed data item is a qualified Top- data item, must also be a qualified Top- data item. Since the number of sensed data items in must be , some genuine but unqualified data items whose scores are smaller than must be put into set . Thus , and the incomplete is detected by the end user according to lines 56–58 in Algorithm 3.
Thus, if the fog node or the cloud server drops at least one qualified sensed data item from , the end user in FMSCSs detects the incomplete with a success rate of 100% under STQ-SCS, and Theorem 2 holds.
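As an added illustration of the verification logic discussed after Algorithm 3 and of the case analysis in the proof of Theorem 2, the following Python (written for this page, not the paper's code, and a simplified model rather than Algorithms 1–3 as written) replays an honest fog node and five fog-node manipulations for two sensor nodes at one queried location. Assumptions of mine: pairwise-key encryption is replaced by an HMAC-SHA256 tag under the node's pairwise key (what matters for completeness is that the fog node can neither forge nor alter an item); the sensor also authenticates its total item count, called n here; the fog node reports the per-node qualified count, called m here, explicitly; the node names, keys and scores are constructed; and all scores are distinct, as in the proof.

```python
import copy
import hashlib
import hmac
import json
from typing import Dict, List, Sequence, Tuple

Report = Dict[str, object]


def _tag(key: bytes, *fields) -> str:
    # HMAC-SHA256 over a canonical encoding stands in for pairwise-key
    # encryption: a fog node without `key` cannot forge or alter a tagged item.
    msg = json.dumps(list(fields), separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sensor_report(key: bytes, items: Sequence[Tuple[int, str]]) -> Report:
    """Sensor side, one node at one queried location in one epoch: rank items by
    score (descending), bind rank i to item i with an authenticated sequence number
    starting at 1, and authenticate the total count n so it cannot be understated."""
    ordered = sorted(items, key=lambda t: t[0], reverse=True)
    n = len(ordered)
    return {
        "n": n,
        "n_tag": _tag(key, "count", n),
        "items": [{"seq": i, "score": s, "payload": p, "tag": _tag(key, "item", i, s, p)}
                  for i, (s, p) in enumerate(ordered, start=1)],
    }


def fog_process(reports: Dict[str, Report], k: int) -> Dict[str, Report]:
    """Honest fog node: pick the global Top-k over all nodes, then for each node keep
    its qualified prefix (m items) plus the first unqualified item as the proof."""
    pool = sorted(((it["score"], nid) for nid, rep in reports.items()
                   for it in rep["items"]), reverse=True)[:k]
    out = {}
    for nid, rep in reports.items():
        m = sum(1 for _, owner in pool if owner == nid)
        out[nid] = {"n": rep["n"], "n_tag": rep["n_tag"], "m": m,
                    "items": rep["items"][: m + 1]}  # slice is all n items when m == n
    return out


def verify(keys: Dict[str, bytes], result: Dict[str, Report], k: int) -> Tuple[bool, str]:
    """End-user side. Per-node checks first (authenticity, sequence numbers contiguous
    from 1, item count consistent with the claimed m and the authenticated n), then the
    global checks (exactly k qualified items; every qualified score beats every proof score)."""
    qualified: List[int] = []
    proofs: List[int] = []
    for nid, key in keys.items():
        pkt = result.get(nid)
        if pkt is None:
            return False, f"{nid}: no packet in the query result"
        if not hmac.compare_digest(pkt["n_tag"], _tag(key, "count", pkt["n"])):
            return False, f"{nid}: count proof not authenticated"
        items = pkt["items"]
        for it in items:
            if not hmac.compare_digest(it["tag"], _tag(key, "item", it["seq"], it["score"], it["payload"])):
                return False, f"{nid}: item seq {it['seq']} not authenticated"
        if [it["seq"] for it in items] != list(range(1, len(items) + 1)):
            return False, f"{nid}: sequence numbers not contiguous from 1"
        m, n = pkt["m"], pkt["n"]
        if not 0 <= m <= n or len(items) != m + (1 if m < n else 0):
            return False, f"{nid}: item count {len(items)} inconsistent with m={m}, n={n}"
        qualified += [it["score"] for it in items[:m]]
        proofs += [it["score"] for it in items[m:]]
    if len(qualified) != k:
        return False, f"{len(qualified)} qualified items, expected {k}"
    if proofs and min(qualified) <= max(proofs):
        return False, "an unqualified item outscores a claimed Top-k item"
    return True, "complete"


def run_scenarios() -> Dict[str, Tuple[bool, str]]:
    """Constructed data: two nodes, k = 3; the honest Top-3 is A:90, B:85, A:80."""
    keys = {"A": b"A" * 32, "B": b"B" * 32}  # constructed pairwise keys
    reports = {"A": sensor_report(keys["A"], [(70, "a3"), (90, "a1"), (60, "a4"), (80, "a2")]),
               "B": sensor_report(keys["B"], [(40, "b3"), (85, "b1"), (50, "b2")])}
    honest = fog_process(reports, 3)
    cases = {"honest": honest}
    # Delete A's qualified item seq 2 outright; the score comparison alone would pass.
    c = copy.deepcopy(honest)
    c["A"]["items"] = [it for it in c["A"]["items"] if it["seq"] != 2]
    cases["drop_middle_seq"] = c
    # Demote A's seq 2 to the proof item (m = 1) without replacing it.
    c = copy.deepcopy(honest)
    c["A"]["m"], c["A"]["items"] = 1, c["A"]["items"][:2]
    cases["demote_only"] = c
    # Same, but pad with B's next item (m = 2) so that exactly k items are claimed.
    c = copy.deepcopy(c)
    c["B"]["m"], c["B"]["items"] = 2, copy.deepcopy(reports["B"]["items"][:3])
    cases["demote_and_pad"] = c
    # Inflate the padded item's score to 95 so it would beat the demoted 80.
    c = copy.deepcopy(c)
    c["B"]["items"][1]["score"] = 95
    cases["forge_score"] = c
    # Claim that A produced nothing at all.
    c = copy.deepcopy(honest)
    c["A"].update(n=0, m=0, items=[])
    cases["understate_count"] = c
    return {name: verify(keys, res, 3) for name, res in cases.items()}


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:18s} {verdict}")
```

run_scenarios() returns the verdict for the honest result and for each manipulation. The first manipulation, deleting a middle sequence number, is the one the final score comparison would miss (the remaining qualified scores 90, 70 and 85 still beat the only proof score 50), which is why the per-report checks on sequence numbers and counts must run before that comparison, as Algorithm 3 does.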

Theorem 3. Under the security model presented in this paper, any end user in FMSCSs can detect the incomplete query results of fine-grained spatial-temporal Top- queries with a 100% successful rate based on our scheme STQ-SCS.

Proof. Under the security model, the untrusted parties (the fog nodes and the cloud servers) cannot fabricate pairwise-key-encrypted sensed data items that would go undetected by end users, because they cannot obtain the legitimate pairwise keys. Thus, for any fine-grained spatial-temporal Top- query , if its query result is incomplete, at least one qualified sensed data item must have been discarded by the fog node or the cloud server when producing and/or transmitting . In other words, there must be at least one queried sensor node whose at location satisfies the following condition: at least one qualified sensed data item was deleted from by the fog node or the cloud server when producing and/or transmitting . Then, by Theorem 2, the incomplete is detected by the end user in FMSCSs under our scheme STQ-SCS. Thus, Theorem 3 holds.

6. Computation Complexity Analysis

This section analyzes the computation complexity of the three algorithms presented above.

First, the computation complexity of Algorithm 1 is analyzed as follows. Since most statements in Algorithm 1 lie in the bodies of its “for” loops, its computation complexity is the number of loop iterations multiplied by the complexity of the loop body. The loop body contains only three conditional statements, so its complexity is determined by the pairwise-key encryption method used in STQ-SCS, the total length of the data to be encrypted, and the complexity of OPE. Although different pairwise-key cryptographic methods, such as [34, 37], have different complexities, they are generally considered lightweight and suitable for resource-limited sensor nodes [38, 39], let alone for fog nodes, which are much more powerful than sensor nodes. Moreover, OPE also has low computation complexity according to [35]. For each , the length of the data to be encrypted varies with , the total number of sensed data items generated by at in . Let and denote the bit lengths of a sensed data item and of a data score, respectively; let denote the bit length of a sequence number and also that of ; let denote the bit length of a virtual location; and let and denote the bit lengths of the data encrypted with OPE and with the pairwise-key encryption method, respectively, in . Then and are given by equations (3) and (4), respectively, according to Algorithm 1.

Second, consider Algorithm 2. The computation complexity of lines 1–9 is O; that of line 10 depends on the sorting algorithm adopted and on the total number of sensed data items generated in and ; that of line 11 is O; and that of lines 12–43 is O in the best case (e.g., when is 0 for every ) and O in the worst case (e.g., when is nonzero for every ).

Finally, consider Algorithm 3, which consists mainly of an outer “for” loop whose body contains an inner “for” loop. Among the statements in the body of the outer loop but outside the inner loop, line 6 has the highest computation complexity. Counting the decryption of one encrypted item as one operation, line 6 performs operations according to line 40 in Algorithm 2. The computation complexity of Algorithm 3 is therefore O.

7. Performance Evaluation

In this section, we evaluate the performance of our proposed scheme STQ-SCS through extensive simulations using OMNeT++ as the simulation tool.

7.1. Metrics and Experimental Setup

The energy efficiency of STQ-SCS is evaluated mainly by measuring the additional communication cost incurred by transmitting the proof data, because other data, such as the sensed data items, must be transmitted regardless of which method is used to secure the query. Specifically, the metrics used in our simulations are as follows.
(i) Additional communication cost in an MWSN : the total energy consumed by transmitting all the proof data produced in an MWSN during one epoch to the fog node of that MWSN. Since the sensor nodes are energy-limited, the additional energy cost of transmitting the proof data from each MWSN to its fog node deserves particular attention.
(ii) Proof-data ratio : the ratio of to . Here, denotes the total energy consumed by transmitting all the reports generated in an MWSN during one epoch to the fog node connected to the MWSN, where the reports include both the sensed data items and the proof data generated by all the sensor nodes in the MWSN during the epoch.

The parameters used in our simulation and their default values are shown in Table 2, where the default values of some parameters are set by reference to [19]. Static sensor nodes are also allowed in FMSCSs; in the simulation, we adjust the ratio of mobile sensor nodes to all sensor nodes by changing the value of .

7.2. Simulation Results

This section presents the simulation results for and under different settings of , , and . We compare our scheme with VTMSN [29] and SSSTQ1 [32]. VTMSN, proposed in 2015, is the earliest work on securing spatial-temporal Top- query in FMSCSs, while SSSTQ1 can be considered the state-of-the-art scheme for the same problem. Figure 3 shows the simulation results for under different settings of , , and , and Figure 4 shows those for . In Figure 3, the curves of STQ-SCS all lie below those of VTMSN and SSSTQ1, indicating that STQ-SCS is more energy-efficient than the other two schemes. The curves in Figures 3(a) and 3(b) trend upward because the number of sensed data items, and hence the amount of proof data, grows as or increases, while those in Figure 3(c) trend downward as rises from 0 to 1 because sensor nodes are assumed to generate sensed data items only when they are static or have arrived at their target locations, so the number of sensed data items and the corresponding proof data decreases as more sensor nodes are made mobile.

Thanks to the virtual-location construction technique proposed in this paper, fewer bits of location information are included in the proof data of STQ-SCS than in the other two schemes, which lowers the ratio of proof data to the whole data (sensed data items plus their proof). From Figure 4, the values of for STQ-SCS are all under 12%, which is within the acceptable range for real applications and lower than those of the other two schemes.

8. Conclusions

This paper presents a privacy-preserving and integrity-verifying scheme named STQ-SCS for fine-grained spatial-temporal Top- query in FMSCSs. The security analysis shows that STQ-SCS lets the end users in FMSCSs obtain the query results of fine-grained spatial-temporal Top- queries without disclosing either the sensed data items or their scores, even though the fog nodes and the cloud servers are not trustworthy. It also shows that, under the security model described in this paper, the end users in FMSCSs detect incomplete Top- query results with a 100% success rate under STQ-SCS. Simulation results demonstrate that STQ-SCS is much more efficient than the related state-of-the-art schemes and is well suited to real FMSCS applications.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Authors’ Contributions

Jie Min conceptualized the study and wrote the original draft of the manuscript and was responsible for methodology; Junbin Liang investigated the study; Xingpo Ma performed simulation; Xingpo Ma and Hongling Chen reviewed and edited the manuscript; Xingpo Ma was involved in project administration and supervision; Hongling Chen performed formal analysis.

Acknowledgments

This work was supported by the Natural Science Foundation of China (Grant no. 61972090), the Natural Science Foundation of Hunan Province (Grant no. 2019JJ40406), the Key Specialized Research and Development Project in Henan Province (Grant no. 202102210161), and Planning Subject for the 13th Five Year Plan of National Education Sciences (Grant no. 2019GXJK272).