Dynamic SSE for storing geospatial data in the cloud

Geospatial data sets often contain sensitive information, for example, about urban infrastructures. Since clouds are usually provided by third parties, this data needs to be protected. In our paper entitled Dynamic searchable symmetric encryption for storing geospatial data in the cloud, we present an encryption scheme allowing users to encrypt their data in the cloud and make it searchable at the same time. The paper has just been published to the International Journal of Information Security by Springer.

Compared to other static encryption methods, our approach to searchable symmetric encryption (SSE) does not require an initialization phase. This enables users to dynamically add new data and remove existing records. In the paper, we design multiple protocols differing in their level of security and performance, respectively. All of them support queries containing boolean expressions, as well as geospatial queries based on bounding boxes, for example.

Our findings indicate that although the search in encrypted data requires more runtime than in unencrypted data, our approach is still suitable for real-world applications. We focus on geospatial data storage but our approach can also be applied to applications from other areas dealing with keyword-based searches in encrypted data. We conclude the paper with a discussion on the benefits and drawbacks of our approach.


Hiemenz, B., & Krämer, M. (2019). Dynamic searchable symmetric encryption for storing geospatial data in the cloud. International Journal of Information Security, 18(3), 333–354. https://doi.org/10.1007/s10207-018-0414-4
[ | PDF ]


According to Springer’s self-archiving policy, you may download the manuscript pre-print here. The final authenticated version is available on the publisher’s website.

Profile image of Michel Krämer

Posted by Michel Krämer
on 20 May 2019

Next post

New major version 4.0.0 of gradle-download-task

I’m thrilled to announce that a new major version 4.0.0 of the gradle-download-task plugin has just been released. This version provides many new features and is recommended for all users.

Previous post

Implementing secure applications in smart city clouds using microservices

In our paper, we describe an approach to creating secure smart city applications using the microservice architectural style. We evaluate it by implementing a web app for urban risk management.

Related posts

Two new cloud-based data processing papers published

My latest research papers about “Capability-based Scheduling of Scientific Workflows in the Cloud” and “Scalable processing of massive geodata in the cloud” are now available.

10 recipes for gradle-download-task

gradle-download-task is a Gradle plugin that allows you to download files during the build process. This post summarizes common patterns and use cases of gradle-download-task and provides useful tips and tricks.

Efficient scheduling of workflow actions in the cloud

My latest paper about scheduling workflow actions based on required capabilities has just been published Springer’s Communications in Computer and Information Science book series.