Perceptual encryption with compression for secure vector map data processing

Perceptual encryption with compression for secure vector map data processing

Digital Signal Processing 25 (2014) 224–243 Contents lists available at ScienceDirect Digital Signal Processing www.elsevier.com/locate/dsp Percept...
Download PDF
7MB Sizes 1 Downloads 91 Views
Report

Digital Signal Processing 25 (2014) 224–243

Contents lists available at ScienceDirect

Digital Signal Processing www.elsevier.com/locate/dsp

Perceptual encryption with compression for secure vector map data processing Bong-Joo Jang a , Suk-Hwan Lee b,∗ , Ki-Ryong Kwon c,∗ a b c

Water Resource Research Division, Korea Institute of Construction Technology, Republic of Korea Department of Information Security, Tongmyong University, Republic of Korea Department of IT Convergence and Application Engineering, Pukyong National University, Republic of Korea

a r t i c l e

i n f o

Article history: Available online 15 October 2013 Keywords: Vector map data Vector compression Perceptual encryption Copy detection Access control

a b s t r a c t With the rapidly rising interest in geographic information system (GIS) contents, a large volume of valuable map data has been unlawfully distributed by pirates. Therefore, the secure storage and transmission of classified national digital map datasets have been increasingly threatened. As the importance of secure, large-volume map datasets has increased, vector map security techniques that focus on secure network and data encryption have been studied. These techniques are required to ensure access control and prevent illegal copying of digital maps. This paper presents perceptual encryption on the vector compression domain for copy protection and access control of vector maps. Our algorithm compresses all vector data of polylines and polygons by lossless minimum coding object (MCO) units and perceptually encrypts using two processes using the mean points and directions of MCOs. The first process changes the position of vector data by randomly permuting the mean points of MCOs, the socalled position encryption. The second process changes the geographic shape by circularly encrypting the directions of vertices in MCOs by the XOR operator. Experimental results have verified that our algorithm can encrypt GIS digital maps effectively and simply and can also improve the compression ratio, unlike general data encryption techniques, and thus, our algorithm is very effective for a large volume of GIS datasets. © 2013 Elsevier Inc. All rights reserved.

1. Introduction A geographic information system (GIS) is designed to capture, store, manipulate, analyze, and manage all kinds of geographic information. As such, GIS is the emerging system for cartography, statistical analysis, and database technology [1–3]. Many countries have greatly spread the application of geographic information in both the public and the private sector by constructing a GIS frame and network at a national level. In recent mobile applications such as navigation, smart phone, and Wi-Fi, GIS has rapidly grown into a new paradigm of Where 2.0 with Web GIS through Internet mapping, mobile mash-up services, and social communities. The data structure of the geographical dataset, as shown in Fig. 1, consists of spatial data fields and object data fields. The spatial data are classified as vector data and raster data. The former can be displayed as vector graphics, which uses geometrical primitives such as points, lines, curves, and shapes or polygons, whereas raster data appear as an image. Geographical features are often expressed as vectors by considering those features as geometrical shapes.

*

Corresponding authors at: Department of IT Convergence and Application Engineering, Pukyong National University, Republic of Korea. Fax: +82 51 629 6230. E-mail addresses: [email protected] (S.-H. Lee), [email protected] (K.-R. Kwon). 1051-2004/$ – see front matter © 2013 Elsevier Inc. All rights reserved. http://dx.doi.org/10.1016/j.dsp.2013.09.013

The security of a geographical dataset encrypts map data or controls user access to prevent damage to or theft of the dataset, which can happen in the integration process with a number of datasets of geographical information. Cases in which second- or third-party consumers illegally distribute datasets established by private or national institutes have been frequently reported. Some countries have invested significant amounts of their budgets to the development and construction of security solutions as a part of an integrated construction project of national geographic information to link systems of institutes. Looking into recent techniques for geographical dataset security, network security techniques for secure transmission of map data have been researched extensively [4–8]. Researchers have worked on the cryptography-based data encryption of database files or data profiles [9–11] and on the watermarking and hashing of vector maps or raster maps for copyright protection [12–20]. Conventional approaches to dataset security that are based on authentication and watermarking have some limitations. These limitations are as follows. First, the cryptography of data files and profiles increases complexity because of complex encryption algorithms. Some objects that illustrate contour lines in map expression fields, such as houses, roads, and main sewers, can be frequently activated or nonactivated, and the switching of map

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

225

Fig. 1. General data structure of a GIS database.

Fig. 2. Concept of perceptual encryption.

expression can occur on the basis of various event types. Thus, because the encryption and decryption of a dataset must always be performed when cases such as the above occur, the flexibility of such a system is very low. In particular, database management systems (DBMSs) based on security techniques [10] are vulnerable to the conversion of data format. Therefore, the security technique must preserve the security of the dataset in various formats. Second, the network security technique cannot preserve security in the case of data leakage in offline or loophole exposure of network administration. Third, the conventional works cannot perform the indexing when layers or objects in an encrypted map are detected and displayed. This indexing is very useful in GIS. Finally, map watermarking, which is the post-processing of security, determines whether pirated map data are illegally copied. In short, it is difficult to create a basic solution for map dataset security. To compensate for limitations in the conventional approaches described above, we present the perceptual encryption of layer units on vector compression to protect against illegal copying and distribution and to control access of a large volume of map datasets. Our algorithm perceptually encrypts a vector map by using position and direction parameters in vector compression domains that imply lossless hierarchical compression. The main advantages of our algorithm are the high efficiency of perceptual encryption using low-complexity indexing for special or only desired objects in the encrypted map without a decryption process for the total map, as well as the improvement of the compression ratio for a large volume of map datasets. The remainder of this paper is organized as follows. In Section 2, we describe map security techniques and related works regarding map datasets. In Section 3, we explain the proposed perceptual encryption in detail. In Section 4, we discuss the experimental results, and we conclude the paper in Section 5.

2. Vector map security and compression A vector map consists of a number of data layers that contain geographical features of roads, railroads, rivers, buildings, and so on, as well as spatial and nonspatial data. Each layer contains object sets of points, lines or polylines, polygons, and characters. Geometric types of points, lines or polylines, and polygons are represented by one or more vertices. In addition, vector maps can be stored and distributed using various formats according to the production environments [21–24]. Despite the various formats, all geometric data contain consecutive vertices of floating points on a 2D plane, and any layer in a map can be generated by a geometric dataset. Most geographical features can be represented by polylines and polygons. Watermarking and encryption techniques have been studied by many researchers to address the security of the content of the many kinds of vector map data. Vector map watermarking has been extensively researched as a solution for the protection of spatial data since the early 2000s [12–20]. However, because the purpose of vector map watermarking is to verify whether a pirated map has been copied, this seems to be the end step of this security strategy. Therefore, vector map watermarking is not a suitable method for ensuring secure transmission and storage of a map. Perceptual encryption of multimedia contents degrades the quality of the content according to the security or quality requirements for previewing the secure media content [25]. Fig. 2 shows the concept of perceptual encryption. The control factor handles the quality degradation corresponding to the encryption strength. In general, perceptual encryption is realized by partial encryption algorithms with a format-compliant feature. The focus of most perceptual encryption algorithms has been on images and video in a compressed domain [26–30]. These various perceptual encryption techniques for multimedia were investigated, and it has been found that perceptual encryption techniques for GIS as the vector data, which is an important multimedia tool, have been inadequate

226

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

thus far. Only conventional network securities and file encryptions are applied for map security. However, these methods present several issues regarding computation complexity and fast database access. Encrypting a large volume of map data using existing encryption algorithms, such as Advanced Encryption Standard (AES), Data Encryption Standard (DES), etc., consumes a vast amount of processing time and computational volume. In addition, when an authorized user wants to access a map of some specified locations from the encrypted map database, the database server must decrypt all the map data files related to the specified locations. This causes a large temporal delay and computational cost. We address current vector map encryption techniques in this section. 2.1. Map cryptography Map cryptographic techniques for the security of vector maps have been researched in the context of secure map datasets. Many conventional works [4–8] manage map datasets by using access control on the Web or a database. Bertino et al. [4] discuss technical challenges raised by the unique requirements of secure geospatial data management such as access control, security, and privacy policies, as well as the development of secure and, in particular, interoperable GIS applications. The authors [5] present an approach to the definition of an access control system for spatial data on the Web. Similar works have been published on access control using semantic R-trees [6] and Web-oriented GIS [7]. In addition, a rolebased access control model [8] was presented, but access control and management on Web or databases do not maintain security in the outflow of an authenticated user. The following are approaches to cryptography for map datasets. Dakroury et al. [9] combined AES and RSA cryptography with a simple watermarking technique for the copyright protection of vector maps in online/offline services. This algorithm encrypts map data using an AES block cipher operator of 256 bits. Because Dakroury et al. [9] tested a low-volume map of low complexity and memory, data processing seemed to take a short time. The complexity of this algorithm will increase for a large volume of the map datasets that are widely used for vector mapping in navigation systems or Web GIS or for detailed numerical maps such as those used in military or government services. Furthermore, because this algorithm encrypts map data without considering geographical features, it has a disadvantage in that it has to decrypt the entire map data in order to extract parts of layers or features. Li [10] encrypted the vector dataset in an external Oracle DBMS by using DES and an R-tree spatial index. This algorithm encrypts the spatial index when the map dataset is transmitted to the client and designs the key management of public and private keys on a PKI system. However, this algorithm does not keep the security of the vector map on the DBMS because it focuses on DBMS security and does not provide support for various data formats. Wu et al. [11] proposed a compound chaos-based encryption algorithm of vector data by considering the storage characteristics and sensitivity of the initial values and parameters of chaos-based systems. This algorithm does not provide support for various data formats and object indexing. Aiming at low complexity, fast object indexing and online/offline availability to overcome the disadvantages of conventional works, we present in this paper a partial encryption algorithm using position and direction parameters in the vector compression domain as a kind of perceptual encryption technique. By randomly modifying all the vertices’ positions and their directions from the preceding vertices via our encryption scheme, the original vector map data that indicate specified geographical locations can be tangled up, making them unrecognizable perceptually, that is, by the human eye. We propose developing the perceptual encryption on polyline and polygon datasets so that it can be applied across various data formats. We present some map cryp-

tography and compression algorithms to ensure the security and transmission efficiency of GIS maps. If these algorithms are combined with vector map compression, the efficiency of both security and compression will be improved. We also address current vector map encryption techniques in this section. 2.2. Vector map compression Many researchers have worked on the loss or lossless compression of the vector map. For the secure transmission and storage of a large volume of map datasets or a detailed map, lossless compression is more useful than lossy compression because a map dataset has to be reversible. In this subsection, we discuss some works on vector map compression. Kolesnikov et al. [31] presented a compression algorithm using polygon approximation and encoded low-resolution data and quantization errors by arithmetic coding for progressive transmission of vector maps in a narrowband network. Despite high compression and short computation time, Kolesnikov et al.’s algorithm [31] can be applied only to polygon data. Furthermore, their algorithm has a long processing time and causes the compression ratio to decrease rapidly when handling complex topography such as that on a digital map. Kolesnikov et al. [32] also presented the data reduction algorithm by using a near-optimal approximation of multiple polygonal curves. Because their data reduction algorithm simplifies loss compression, it is difficult to apply to a detailed map that demands the precision of vector data. Shekhar et al. [33] designed a dictionary algorithm for map compression that minimizes errors of approximation for locations of spatial objects in a map. Because their algorithm is irreversible, it is difficult to apply to the lossless compression of a large volume of map datasets. Loup et al. [34] presented compression based on a wavelet transform of longitudes and latitudes in a vector map. However, it is difficult to compact spectral energies from large numerical maps and to apply reversible applications because of quantization errors and integer loss in the transform process. For map simplification, Xingchun et al. [35] presented an accelerated algorithm of the Douglas–Peucker algorithm for polyline simplification of vector maps. Park et al. [36] presented the hybrid line simplification for segmenting and simplifying linear features on the basis of quantitative characteristics of a line. However, these algorithms are irreversible and therefore, have difficulty being applied to the secure transmission of a detailed map. General data compression algorithms, such as zlib, 7-zip, rar, and alz [37–40], can be performed for lossless compression of vector maps, but these compression algorithms cannot produce high compression efficiency and cannot be used to easily access data without recovering the compressed data. We have designed a hierarchical lossless compression algorithm of polylines and polygons for the secure transmission and storage of a large volume of map datasets or detailed numerical maps. This compression algorithm will be effective for combining map cryptography. 3. Proposed perceptual encryption with compression 3.1. Overview In this paper, we propose a novel perceptual map encryption and compression technique based on spatial energy compaction (SEC). In our technique, individual compression processes are first performed on each object (polyline or polygon) of the vector map. To classify components that are similar to compact spatial redundancies, the mean distance of each object and the vertices’ directions from its mean position are separated in the compression process. While an object is compressed, our perceptual encryption is performed for the separated mean distance and directions of

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

227

Fig. 3. The proposed encryption process of vector map on compression domain.

Fig. 4. Data structure of MCO for an object of polyline or polygon.

related vertices. Generally, the process of compression and encryption for a large volume of map datasets requires a long execution time and has a high computational cost. The aim of this paper is to present perceptual encryption for the secure transmission and storage of a large volume of map datasets with a high compression ratio to achieve low complexity and fast object indexing in a compressed map. Because our encryption uses only one coordinate value and sign bit in the number of vertices of the related object, the computational cost for map encryption is minimized. In addition, because compression and encryption schemes are applied to each object of map data individually, the necessary objects at the specified location in the map data can be decoded and decrypted without decoding and decrypting all of the map data. Our algorithm consists of SEC-based compression and perceptual encryption of spatial positions and directions, as shown in Fig. 3. Our algorithm encrypts two parameters of MCO units, mean distance and direction information generated from the compression, through a separating process. It ensures that two separate encryptions are independent. Because the position encryption randomizes the positions of all the objects and the direction encryption randomizes all the vertices of each object, the algorithms proposed in this paper provide perceptual encryption such that a

vector map cannot be realized visually. Meanwhile, an encrypted map can be decrypted completely by using the same algorithm with the encryption schemes while the map data is decoded. 3.2. Vector compression A vector map contains a number of layers. We consider that a layer L contains a number of objects of polylines and polygons, L = {Pi | i ∈ [1, |L|]}, and an object Pi contains a series of vertices, Pi = { v i j | j ∈ [1, |Pi |]}. |L| and |Pi | are cardinalities of a layer L and an object Pi . Thus, vi j indicates jth vertex in ith object Pi of a layer L and is defined as two coordinate values: vi j = (xi j , y i j ). An object has two different types of polylines and polygons. Coordinate values of a vertex are represented as 64-bit floating points. We generate MCOs of objects in layers and encode them individually. An MCO consists of its label or ID, data size of the MCO, minimum bounding rectangle (MBR) coordinate, and a series of compressed vertex data. The MBR coordinate represents the position where this MCO belongs to the MBR, and this coordinate makes for easy accessibility of the data. Data compression is performed on MCOs for accessibility to any object in a layer. Fig. 4 shows the structure of an MCO.

228

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

Fig. 5. The process of spatial energy compaction.

Fig. 6. Example of spatial energy compaction process about a polyline object.

The vertex data must be processed by considering the precision degree for data accuracy. We divide all vertices in an object Pi to integer part Zi and fraction part Di ; Pi = Zi + Di = {vi j = zi j + di j | j ∈ [1, |Pi |]}. Two parts are controlled by multiplying the precision degree and are processed separately.









P i = Z i + D i = v i j = z i j + d i j  j ∈ 1, |P i |







where zi j = vi j × 10c z and di j = 10cd vi j × 10c z − zi j

(1)

c z and cd are the precision degrees for integer part and fraction part, respectively. Generally, the decimal place in vector map is six. If two degrees are set to 2, two decimal places will be converted to integers. This means that the basic precision of processing data is measured in centimeters in transverse Mercator (TM) coordinate typed map data. In our paper, we set c z = 0 and cd = 6 in order to map data after lossy compression has at least 1-m precision. 3.2.1. Integer part The integer part Zi will be compressed by SEC using the data structure of a Shapefile format. A Shapefile contains 2D coordinate values: MBR for a layer and MBRs for objects in a layer. An MBR of a layer L is denoted as B(L) = (Bmin (L), Bmax (L)). Another MBR of an object Pi is denoted as B(Pi ) = (Bmin (Pi ), Bmax (Pi )). The process of SEC is shown in Fig. 5. In the SEC process, we find positive values {B+ (Pi )} among differences between object MBRs and a layer MBR,



B+ (Pi ) = Bmin (Pi ) − Bmin (L), Bmax (Pi ) − Bmax (L)

z+ = zi j − Bmin (Pi ) for zi j > Bmin (Pi ) ij

(3)

Positive distance MBRs {B+ (Pi )} are stored in the MBR code field of jth MCO’s structure, as shown in Fig. 4. These MBRs are used as reference values for minimizing data sizes of vertices in an MCO. Each vertex value in an MCO presents a minimized differential value by Eq. (3). Furthermore, the MBRs can search their objects quickly without decoding payload. The payload of an MCO consists of MCO offset, deviation sign, and intensity for the integer part, and hierarchical byte code of the fractional part, as shown in Fig. 4. Define the deviation 2 zi j of an integer part of vi j by subtracting the mean ¯z+ of positive distances {z+ } from the disi ij tance zi j ,



 2 zi j = zi j − ¯z+ = sgn 2 zi j × 2 zi j  i where ¯z+ = z+ / i i j Ni

(4)

j

N i is the number of positive distances in an object Pi . We obtain deviations 2 Zi of all vertices in an object Pi : 2 Zi = {2 zi j | j ∈ [1, |Pi |]}. Because deviations are signed value vectors, we separate them into signs and amplitudes. The deviation amplitude |2 zi j | should be smaller than the integer part zi j because of the correlation of neighboring vertices. Fig. 6 illustrates an example of the SEC process for a polyline object. The sign and amplitude of deviation of the integer part are stored by turns in the integer code, as shown in Fig. 4. The deviation signs are denoted as











Si = si j = sgn 2 zi j  j ∈ 1, |P j |

(5)

(2)

The mean distance ¯z+ and deviation signs Si are perceptually i encrypted.

and find vertices {z+ i j } where the distances between the minimum coordinate Bmin (Pi ) of Pi and the integer parts zi j of vertices vi j (⊂ Pi ) are positive.

3.2.2. Fraction part Unlike the integer part, the fractional part Di in Eq. (1) can be used to describe the precise position of vector data, and it is

for Bmin (Pi ) > Bmin (L) and Bmax (Pi ) − Bmax (L)

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

sensitive to small variations. Therefore, it is difficult to find the correlation of fractional numbers. Any geographical application such as mobile or navigation uses the approximated vertex data generally. The fractional part is less necessary to special applications or any user that does not ask for a precise position. Therefore, the SEC process for the fraction part compresses them hierarchically according to degree of precision, as shown Fig. 6. Users can decode the fraction part to the degree of precision as the user chooses. Considering that di j in Eq. (1) is W bits, we segment the fractional number di j to H bits (W > H ) to hierarchically control the precision. Thus, lth segmented bits A l (di j ) of di j can be defined as

A l (di j ) = di j  ( W − H × l)

where l ∈ 0,

W H

 (6)

 ri =

 ¯z+ i , G

229

di = ¯z+ − r i G i

(9)

From Eq. (9), the mean distance ¯z+ can be rewritten as ¯z+ = i i ri G + di . By encrypting again the permuted index ri , the mean distance ¯z+ i of an object Pi is encrypted by the perceptual position encryption C P (·) as follows:









= C P ¯z+ E ¯z+ , K P = E P (ri , K P )G + di i i

(10)

E P can be used in the encryption algorithms XOR, AES, DES, and others. For our scheme, we used an XOR operator that has the lowest complexity and similar encryption efficiencies through experiments. In our experiment, we used N = 8 randomly extracted from hashed keys of 256 bits. As a result, the geographical position of a target object, such as the question mark in Fig. 7, can be randomized onto GLAs so that the human eye can perceive it via the position encryption process.

For example, when W is 24 bits and H is 4 bits, the number of segmented bits including NULL bits is 7. The segmented bits are as follows: A 0 (di j ): 0 bit (NULL), A 1 (di j ): 0th–3rd bits, A 2 (di j ): 4th–7th bits, . . . , A 6 (di j ): 20th–23rd bits. If the precision degree needs to be two levels, bits of A 0 (di j ), A 1 (di j ), A 2 (di j ) will be stored. Thus, the fraction part can be stored hierarchically by the precision degree. The code for the fraction part is given in Fig. 4. Through the above process, we code an object of polyline or polygon to MCO data as shown in Fig. 3 and again compress MCO data by the entropy coder. The entropy coder can be used by LZ77, zlib based on Huffman coding, 7z based on LZMA (Lempel–Ziv– Markov chain algorithm), and so on. All of the entropy-coded MCO data are stored to a format similar to the SHP format. Principal data of MCO code for an object Pi are MBR (Bmin (Pi ), Bmax (Pi )), sign and amplitude of deviation for the integer part, and hierarchical code for the fractional part.

3.3.2. Perceptual direction encryption C D (·) Although the perceptual position encryption perceptually encrypts the positions of all objects in the target vector map, the encrypted map maintains to some degree the geometric shape of the object. Any pirate who has intercepted the original and encrypted vector maps can trace back the encryption key by matching the object pairs having the same vertex number and shape through some complex processes, such as known plaintext attack (KPA). We secondarily perform encryption on the directions of all vertices in an object to prevent this kind of KPA and to improve security. The deviation signs Si [see Eq. (5)] in the MCO payload of an object Pi represent the directions of vertices in Pi . The perceptual direction encryption C D (·) encrypts the deviation signs Si using the direction key K D .

3.3. Perceptual encryption

E (Si ) = C D (Si , K D ) = E D (Si , K D )

Our algorithm perceptually encrypts two parameters of Pi by two different keys, called position key K P and direction key K D . Two encrypted parameters are the mean distance ¯z+ and deviai tion signs Si that are generated in the compression step. They are included in the MCO code for an object. 3.3.1. Perceptual position encryption C P (·) We encrypt the mean distance ¯z+ of Pi by the perceptual i position encryption C P (·) with a position key K P .







= C P ¯z+ E ¯z+ , KP i i



(7)

Because the encrypted position E (¯z+ ) is a geospatial coordinate, i the geospatial region of layer should be divided into small gridded regions for the coordinate permutation. Hence, we divide a layer L into N × N gridded local areas (GLAs) within a layer MBR, (Bmin (L), Bmax (L)), and a gridded number 2 N , as shown in Fig. 7. Given Bmin (L) = (xmin , y min ) and Bmax (L) = (xmax , y max ), a GLA is a 2D rectangular area with the size Gx × G y on two axes.

Gx =

xmax − xmin 2N

,

G y =

y max − y min 2N

(8)

Therefore, (m, n)th GLA G(m, n) can be defined as a center point g(m, n) = ((m + 1/2)Gx, (n + 1/2)G y ) and a size G = (Gx, G y ) for (m, n ∈ [1, 2 N ]). The number of GLAs depends on N, which can be used as the key. The position encryption randomly permutes 2 N × 2 N GLAs by permutation table T ; T (G(m, n)) = G(m , n ) for m, n, m , n ∈ [1, 2 N ]. Hereby, an object Pi in a GLA can be described by the index ri and deviation di on a GLA.

(11)

E D (·) is used as an XOR cipher that is the same as E P (·) in perceptual position encryption. Fig. 8 shows an example of perceptual direction encryption. When vector data are compressed by our scheme, as described in Section 3.1, each sign vector Si and deviation 2 Zi are separated in the SEC process. Here, each sign value si j of Si represents a directivity component of related vertex zi j about the mean distance ¯z+ . As we apply our direction encrypi tion to these sign values Si , vector directions of every vertex in the object are changed randomly, as shown on the right side of Fig. 8. In Fig. 8, after the direction encryption, the object’s shape is completely distorted from the original, perceptually. Because Si has only 2N i bits of data size, our encryption scheme can be performed simply with low computational complexity. 3.3.3. Key generation We generate two keys using counter (CTR) mode encryption [41] for low complexity and low overload of padding data. CTRmode encryption was recommended for block cipher modes of operation by the National Institute of Standards and Technology (NIST) in SP800-38A. This encryption generates the key stream using the CTR, which increases one by one every time and encrypts simply the plain text by the key stream. We hash the message M to a key value with one block size among 64/128/256 bits and encrypt a hashed message M h by an AES block cipher with a CNT value cnt. The CNT value consists of nonce, which is allocated for a relative vector map and increments using vector map components. This length is the same as the message length. Our algorithm uses the increment parameter j for the order of objects for encrypting. Thus, we attain the stability of perceptual encryption by CTR-mode encryption [41]. Fig. 9 shows the generation process of the position key K P and the direction key K D . Two keys are generated by varying on the

230

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

Fig. 7. The concept of our position encryption algorithm.

Fig. 8. The concept of our direction encryption algorithm.

Fig. 9. A key generation process for the position and direction encryption.

order i of the MCO to avoid index redundancy. The lengths of K P and K D are determined by perceptual position encryption and the number of vertices in an object Pi , respectively. As shown in Fig. 7, the number of GLAs affects the permutation complexity of each object in the process of perceptual position encryption. Moreover, it is possible for some MCOs of objects to be included in the same local area by following our perceptual position encryption. In this case, they will be permuted to the same coordinate if the same key is used. To avoid this redundancy, we vary the position key K P depending on the MCO order j as follows:



KP =

K P ( i − 1)  1 + 1,

if MSB of K P (i − 1) = 1

K P ( i − 1)  1,

otherwise

(12)

and divide K P (i ) to keys on x, y axes.





K P ( j ) = k P ( j , x), k P ( j , y )

(13)

where k P ( j , x) and k P ( j , y ) are, respectively, even and odd bits of K P ( j ). K P ( j ) and K D ( j ) are applied to two perceptual encryptions in each of Eqs. (13) and (14). Performing the above process minimizes the redundancy of keys because keys are different on the orders of objects about existing different objects in a GLA. Moreover, encrypted objects move to various positions, even though they are within identical GLAs. 4. Experimental results To evaluate the performance of our perceptual encryption and compression technique, we used many different scaled maps. Fig. 10 shows different scaled maps that contain layers of a contour at an elevation of 100 m, including buildings, administrative districts, rivers, and eight kinds of streets. Each test map has different layers and objects. Figs. 11 and 12 show layers of building

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

231

Fig. 10. Different scaled maps used in our experiment; (a) Coast city (1:5000), (b) downtown (1:5000), (c) suburban (1:1000), (d) suburban (1:5000), (e) inland city (1:25,000).

Fig. 11. Layers of (a) building and (b) street in Coast city map (Fig. 10(a)).

and street in Cost city map of Fig. 10(a) and in downtown map of Fig. 10(b). Many methods compress the vector data using vector simplification [35,36]. However, these simplification methods are not suitable for highly detailed maps, which are the focus of this

paper. Most conventional works on vector map security depend on data encryption and network protocol for access control. However, our algorithm perceptually encrypts objects of geographical features of vector maps based on lossy and lossless compression.

232

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

Fig. 12. Layers of (a) building and (b) street in downtown map (Fig. 10(b)). Table 1 Results of lossless compression of our method and public compression algorithms ((kB): data size, (%): compression ratio). Test maps

Coast city area 1:5000

Downtown area 1:5000

Suburban area 1:1000

Suburban area 1:5000

Inland city 1:25,000

Object (number of MCO)

Building layer

Polygon (18,587)

Street layer

Polyline (25,522)

Building layer

Polygon (10,346)

Street layer

Polyline (12,605)

Building layers

Polygon (255)

Street/contour layer

Polyline (481)

Building layers

Polygon (1305)

Street/contour layer

Polyline (1235)

Building layers

Polygon (7765)

Street/contour layer

Polyline (11,175)

Original layer (kB)

Proposed method

7z (kB)

Zip (kB)

Rar (kB)

RMSE

907 36.6% 1240 20.7%

1629 65.7% 2949 49.3%

1991 80.3% 4441 74.2%

1879 75.8% 4122 68.8%

0.0

538 48.9% 652 46.1%

505 45.9% 603 42.6%

712 64.7% 824 58.3%

879 79.8% 1097 77.6%

827 75.1% 1005 71.1%

0.0

46 100% 87 100%

24 54.2% 34 39.3%

23 50.2% 32 37.2%

30 67.3% 52 59.9%

38 83.1% 69 79.8%

37 82.5% 63 73.2%

0.0

204 100% 193 100%

106 52.0% 87 45.5%

93 45.9% 78 40.8%

135 66.2% 118 61.3%

164 80.6% 146 76.1%

155 76.1% 137 71.5%

0.0

958 100% 1380 100%

387 40.4% 487 35.3%

370 38.6% 417 30.3%

640 66.9% 720 52.2%

748 78.1% 1045 75.7%

706 73.7% 955 69.2%

0.0

with zlib (kB)

with 7z (kB)

2478 100% 5987 100%

972 39.2% 1342 22.4%

1101 100% 1414 100%

Because the comparative evaluation of our algorithm and existing algorithms for vector map security is ambiguous, we evaluated the performance of compression and perceptual encryption of our algorithm. Our algorithms compress the scaled map using the structure of MCOs and perceptually encrypt mean distances and deviation signs of MCOs. Therefore, we evaluated several cases of compression and two perceptual encryption cases of our algorithm. 4.1. Compression efficiency To evaluate compression performance, we measured the RMSE (root mean square error) of the compressed maps as a unit of meter and the compression ratio on varying precisions. All vertex data have the precision of 6 decimal places. We analyzed the performance of lossless/lossy compression without or with perceptual encryption. Lossless and lossy compressions of our algorithm are classified by the precision degree in the fraction part, which is determined by the precision level l of the segmented bits in Eq. (6). The integer part is compressed by lossless SEC. We set two param-

0.0

0.0

0.0

0.0

0.0

eters H and W in the fraction part [Eq. (6)] to 8 bits and 20 bits. Therefore, the precision level l is from 0 to 3 and segmented bits are A 0 (di j ) (0th bit), A 1 (di j ) (1th–8th bits), A 2 (di j ) (9th–16th bits), A 3 (di j ) (17th–19th bits). 4.1.1. Lossless compression without encryption We performed lossless compression by setting l to 3 of the maximum level in the fraction part. This means that all of the segmented bits in the fraction part are preserved without loss: ( A 0 (di j ), A 1 (di j ), A 2 (di j ), A 3 (di j )). We compared our algorithm with zlib and 7z with public compression algorithms of 7z, zip, and rar. Table 1 summarizes the number of MCOs (objects), bytes of the original layer, and bytes of the compressed layer using our algorithm and using public compression algorithms. Moreover, this table lists the RMSE of compressed layers. We calculated only the data sizes for vertices and fields of each layer. These results confirm that our algorithm with 7z and zlib compresses vector maps from 20% to 48%, which is 12% to 54% lower than 7z, zip, and rar. All RMSE results are zero because they

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

233

Table 2 Results of our lossy compression with 7z on precision levels in fraction part and RMSE ((kB): data size, (%): compression ratio). Layer

Type

Capacity & RMSE

Lossless

Lossy

Level 3 (all 20 bits)

Level 2 (16 bits)

Level 1 (8 bits)

Level 0 (0 bit)

Coast city building (1:5000)

Polygon

Capacity (kB) (Ratio %) RMSE

907 (36.6) 0.0

856 (34.5) 0.0026

848 (34.2) 0.0403

803 (32.4) 0.6216

Coast city street (1:5000)

Polyline

Capacity (kB) (Ratio %) RMSE

1240 (20.7) 0.0

1172 (19.6) 0.0029

1166 (19.5) 0.0451

1102 (18.4) 0.7013

Downtown building (1:5000)

Polygon

Capacity (kB) (Ratio %) RMSE

505 (45.9) 0.0

477 (43.3) 0.0030

470 (42.7) 0.0413

446 (40.5) 0.6402

Downtown street (1:5000)

Polyline

Capacity (kB) (Ratio %) RMSE

603 (42.6) 0.0

569 (40.2) 0.0027

566 (40.0) 0.0391

537 (38.0) 0.7228

Suburban building (1:1000)

Polygon

Capacity (kB) (Ratio %) RMSE

23 (50.2) 0.0

18 (41.0) 0.0058

17 (38.6) 0.0464

15 (34.7) 0.7329

Suburban street/contour (1:1000)

Polyline

Capacity (kB) (Ratio %) RMSE

32 (37.2) 0.0

29 (34.4) 0.0044

27 (32.5) 0.0505

26 (30.5) 0.8464

Suburban building (1:5000)

Polygon

Capacity (kB) (Ratio %) RMSE

93 (45.9) 0.0

80 (39.3) 0.0037

77 (37.8) 0.0449

69 (34.3) 0.7053

Suburban street/contour (1:5000)

Polyline

Capacity (kB) (Ratio %) RMSE

78 (40.8) 0.0

65 (33.7) 0.0029

60 (31.3) 0.0456

55 (28.7) 0.7803

Inland city building (1:25,000)

Polygon

Capacity (kB) (Ratio %) RMSE

370 (38.6) 0.0

365 (38.2) 0.0030

359 (37.5) 0.0412

321 (33.6) 0.6952

Inland city street/contour (1:25,000)

Polyline

Capacity (kB) (Ratio %) RMSE

417 (30.3) 0.0

408 (29.6) 0.0020

386 (28.0) 0.0346

378 (27.5) 0.6726

Fig. 13. Polygons in (a) original map and (b) compressed map by precision level l = 1.

are lossless compression. Our algorithm enables users to randomly access a specified location on a compressed map without decoding the entire map because our algorithm processes MCOs individually. 4.1.2. Lossy compression without encryption We performed lossy compression by varying l from 2 to 0 in the fraction part and compressed lossy MCO data with 7z. Because the lossy compression removed segmented bits of levels from l + 1 to 3, the lower level is the higher compression. The precision level l = 3 indicates the lossless compression. Table 2 summarizes

the results of loss compression with 7z including the RMSE. The level decreases, and the compression ratio increases from 1% to 3%. When l is 0, the RMSE increases rapidly. From these results, we know that l = 1 is the best precision level considering both compression ratio and RMSE. In this level, the compression ratio is from 19.5% to 42.7%, and the RMSE is from 0.039 to 0.045, which are very small. This means that our algorithm has a ±4-cm margin of error topographically in practice, which can be disregarded in GIS systems. Fig. 13 shows any magnified polygons in the original map and the lossy compressed map by precision level l = 1. Although the

234

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

lossy compression by precision level l = 1 causes a loss of 2% or more data, there is no perceptual difference between two layers subjectively. Furthermore, the corresponding RMSEs in meters are low enough to be ignored in Table 2. For a more reliable evaluation, we performed subjective quality assessment of lossy compressed maps by asking the opinion of two preselected volunteer groups. One was an expert group composed of 13 people working in various fields, such as watermarking, encryption, image compression, and GIS. The other was a non-expert group composed of 28 undergraduates studying various disciplines. We conducted this survey for our evaluation using these two groups as subjects, asking them if they could identify any difference between the original and our lossy compressed map, when the size is expanded from a 10 km × 10 km scale, as shown in Fig. 13. Table 3 summarizes the survey results of the subjective quality assessment of our lossy compression. As can be seen in Table 3, all the members of the expert group indicated that they could not see any degradation in the compressed vector map, whereas only one person in the non-expert group said that he could see some artifacts in the compressed map by expanding the vector maps. Generally, Table 3 Survey results of a subjective quality assessment of lossy compressed map by precision level l = 1. Group

People

People who said there are some differences

Expert Non-expert

13 28

0 (0.0%) 1 (3.5%)

only 2.4% of the volunteers identified degradations caused by our lossy compression algorithm in the compressed map. These results confirm that our algorithm can service hierarchical map data with high quality for users in the Web GIS, mobile GIS, or navigation industry. 4.1.3. Lossy compression with encryption We evaluated the compression efficiency of lossy compression including perceptual encryption, which is the final output of our algorithm. Table 4 summarizes the results of compressions without encryption, with position encryption, and with position and direction encryptions. From this table, it can be seen that the position encryption does not affect the compression efficiency because this encryption is similar to the permutation of mean distances of MCOs, and it does not cause the alteration of compressed data. However, the direction encryption in lossy compression produces low compressions ranging from 45.6% to 66.7%, which are still lower than lossy compression that includes position encryption. This is because the direction encryption that perceptually encrypts the deviation signs makes the compacted energy diffuse. Nevertheless, our algorithm shows better performance than other compression algorithms listed in Table 1. 4.2. Perceptual encryption: subjective evaluation In our experiments, we performed a subjective evaluation of our perceptual encryptions using different encryption algorithms including AES, DES, and XOR for encryption function E P

Table 4 Results of lossy compression including perceptual encryption (7z + precision level l = 1) (kB) and computational complexity (processing time) (s). Test map

Capacity & time

Original

SEC compression

SEC + position encryption

SEC + position + direction encryption

848 (34.2) 3.113

848 (34.2) 3.128

1451 (58.6) 3.152

1166 (19.5) 6.086

1166 (19.5) 6.120

2730 (45.6) 6.204

470 (42.7) 1.832

470 (42.7) 1.837

734 (66.7) 1.844

566 (40.0) 2.015

566 (40.0) 2.022

903 (63.9) 2.033

17 (38.6) 0.049

17 (38.6) 0.050

27 (60.6) 0.055

27 (32.5) 0.104

27 (32.5) 0.110

48 (55.4) 0.122

77 (37.8) 0.230

77 (37.8) 0.241

115 (56.4) 0.266

60 (31.3) 0.277

60 (31.3) 0.285

97 (50.4) 0.305

359 (37.5) 1.492

359 (37.5) 1.509

479 (50.0) 1.570

386 (28.0) 2.414

386 (28.0) 2.529

654 (47.4) 2.845

34.21 195.97

34.21 200.70

58.48 212.89

Coast city building (1:5000)

Polygon (18,587)

Capacity (kB) (Ratio %) Time (s)

2478

Coast city street (1:5000)

Polyline (25,522)

Capacity (kB) (Ratio %) Time (s)

5987

Downtown building (1:5000)

Polygon (10,346)

Capacity (kB) (Ratio %) Time (s)

1101

Downtown street (1:5000)

Polyline (12,605)

Capacity (kB) (Ratio %) Time (s)

Suburban building (1:1000)

Polygon (255)

Capacity (kB) (Ratio %) Time (s)

Suburban street/contour (1:1000)

Polyline (481)

Capacity (kB) (Ratio %) Time (s)

Suburban building (1:5000)

Polygon (1305)

Capacity (kB) (Ratio %) Time (s)

Suburban street/contour (1:5000)

Polyline (1235)

Capacity (kB) (Ratio %) Time (s)

Inland city building (1:25,000)

Polygon (7765)

Capacity (kB) (Ratio %) Time (s)

Inland city street/contour (1:25,000)

Polyline (11,175)

Capacity (kB) (Ratio %) Time (s)

Average

Average compression ratio (%) Time/object (ns)





– 1414 – 46

87

204

193

958

1380

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

235

Fig. 14. Encryption results on different encryption algorithms; (a) original polyline (upper) and polygon (lower) layers, and encrypted layers by (b) AES, (c) DES and (d) XOR.

Table 5 Results of subjective assessment on different cipher functions of AES, DES, and XOR. Group

People

People who thought there were some patterns among three cipher functions

People who could find encrypted objects paired with original objects

Expert Non-expert

13 28

0/13 (0.0%) 3/28 (10.7%)

0/13 (0.0%) 0/28 (0.0%)

in Eqs. (10) and (11) and using the same key. Fig. 14(a) shows two layers of polylines (upper figure) and polygons (lower figure) of a downtown area. Figs. 14(b), 14(c), and 14(d) show perceptual encrypted layers using AES, DES, and XOR, respectively, in the process of compression. From these results, perceptual encrypted layers by three encryption algorithms are not perceptually different. In addition, none of the objects can be visually paired with original objects. We also conducted a survey to compare the encryption efficiency of the cipher functions, asking the respondents two questions. The first was whether there were any patterns among Figs. 14(b), 14(c), and 14(d), or each encrypted pair of polygon and polyline layers. The second was whether they could find same object pairs in the encrypted layers in Figs. 14(b), 14(c), or 14(d) using the original layer in Fig. 14(a). The results of these two survey questions are listed in Table 5. Only three members of the non-expert group answered that there appeared to be some patterns among Figs. 14(b), 14(c), and 14(d); no one found any pair of original and encrypted objects in Fig. 14. From these survey results, we conclude that there are no slight similarities or patterns among the results of the three cipher functions and all of the cipher functions can provide good perceptual encryptions for vector maps. Meanwhile, in general, encryption using only the XOR operator has lower complexity than that using AES or DES. Hence, we

used the XOR operator that has low complexity under a perceptually similar encryption level. Encrypted layers of the Coast city map and the downtown map are shown in Figs. 15 to 18. They show the two most important layers that are encrypted by perceptual position and direction encryptions. By examining the perceptual direction encrypted layers in Figs. 15(b), 16(b), 17(b), and 18(b), one can see that directions of vertices in each object are permuted while the position of the object is preserved. Because the position of the object is not changed, the whole shape of the layer can be similar to that of the original layer. Nonetheless, the fine parts of objects cannot be easily estimated in the case of only direction encryption because the inherent shape of the object can be changed. However, if any region such as population centers has a number of small objects, this region can be estimated to a small degree using the distribution of neighboring topographies. By examining the perceptual position encrypted layers in Figs. 16(c), 17(c), 18(c), and 19(c), one can see that all objects are permuted within their layer MBRs, but the whole shapes of layers are somewhat preserved. Therefore, the geographical features in specified regions can be estimated or the encryption key may be traced back further even though they are quite difficult. However, if perceptual position and direction encryptions are performed together, as shown in Figs. 16(d), 17(d), 18(d), and 19(d), all encrypted regions cannot be estimated without knowledge of the key.

236

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

Fig. 15. Encryption results of building layer of Coast city map (Fig. 11(a)); (a) original layer, (b) direction encrypted layer, (c) position encrypted layer, and (d) position and direction encrypted layer.

We encrypted all layers of a map except the two layers of the counter-administrative boundary to visually compare an original map with encrypted maps, as shown in Fig. 19 and Fig. 20. These figures show that many objects are well encrypted on the basis of contour and administrative boundary. To improve the perceptual security, the pseudo-color can be applied to the encrypted map. For example, the color can be removed randomly or permuted, or the pseudo-color can be painted randomly. 4.3. Processing time Our algorithm uses XOR cipher for two encrypting functions E p (), E D () in Eqs. (10) and (11) because of its simple complexity. The primary merits of XOR cipher are that it is simple to implement and that the XOR operation is computationally inexpensive. By itself, using a constant repeating key, a simple XOR cipher can trivially be broken using frequency analysis. However, our algorithm uses the random key stream that is generated by CTR-mode

encryption and that is long enough. Furthermore, only the perceptual encrypted map with a number of encrypted objects is given to anyone, but an original map is not given to anyone or does not exist. Therefore, we found that our algorithm using XOR cipher is secure because of the entropy of perceptual encryption, discussed in Section 4.4. We measured the processing time of our algorithm to evaluate the computational complexity and presented the results in Table 4. All of the processing steps are measured: SEC compression of precision level = 1 and two perceptual encryptions with key generation. In our experiments, we used an Intel i7 Quad 3.5-GHz central processing unit, 8 GB of RAM, 64-bit Windows 7 operating system, and C++ on Visual Studio 10. Our results indicate that two perceptual encryptions do not significantly increase computational time because they perform XOR cipher on two compression parameters in the process of SEC compression and the processing time depends on the number of objects such as polylines or polygons in a layer. The average processing time per an object, O (t ),

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

237

Fig. 16. Encryption results of street layer of Coast city map (Fig. 11(b)); (a) original layer, (b) direction encrypted layer, (c) position encrypted layer, and (d) position and direction encrypted layer.

is 195.97 ns in only SEC compression, 200.70 ns in SEC compression with position encryption, and 212.89 ns in SEC compression with two encryptions. Thus, given N objects in a layer, it will take approximately N × O (t ) ns to generate the perceptual encrypted layer. We believe that this processing time is short enough.

to evaluate the perceptual randomness of encrypted objects, considering the randomness evaluation of perceptual hash functions [42–44]. The entropy h( X ) of a random variable X that has a probability density function (pdf) p (x) in the support range Ω is defined as

4.4. Perceptual encryption: security evaluation

h( X ) = −

Any pirate should recover all of the encrypted objects by the statistical attacks in the perceptual encrypted map without the knowledge of keys. If the randomness of perceptual encryption is very high, it will be very difficult to recover the encrypted object. Our two perceptual encryptions are based on two keys that are generated by CTR-mode encryption, which was added in NIST SP800-38A. We believe that our perceptual encryption is secure. However, we analyzed the entropy of perceptual encrypted maps

If h( X ) is high, the random quantity of an encrypted object will be high, which implies that many trials (α h( X ) , α > 1) are required to modulate an object. Assume that two keys K P and K D are uniformly distributed. First look over an MCO code for an object Pi . Because we encrypt two perceptual encryptions independently, the pdf for Pi becomes p (x, y ) = p E (¯z) (x, y ) p E (S) (x, y ). Moreover, all bold notations in this paper are 2D vectors for X , Y axes. Our scheme



p (x) log2 p (x) dx

(14)

Ω

238

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

Fig. 17. Encryption results of building layer of downtown map (Fig. 12(a)); (a) original layer, (b) direction encrypted layer, (c) position encrypted layer, and (d) position and direction encrypted layer.

processes two variables on X , Y axes independently. Therefore, the joint pdf for any vector is the multiple of two pdfs. 4.4.1. Perceptual position encryption E P is used as an XOR-based CTR-mode encryption. Therefore, Eq. (10) can be rewritten as





= E P (ri , K P )G + ¯z+ E ¯z+ − r i G i i = (ri ⊕ K P − ri )G + ¯z+ =a+z i

/G ), G × max( ¯z+ /G )]. The joint pdf on [−G × max( ¯z+ i i p a (x, y ) of the first term a = (ri ⊕ K P − ri )G is p a (x, y ) = p a (x) p a ( y )

=

1 ¯z+ (x)

2Gx × max( iGx ) 1

×

(15)

For simple notation, we denote the first term (ri ⊕ K P − ri )G as as z. a and the second term ¯z+ i The range of index ri is [0, max( ¯z+ i /G )] from Eq. (9). An index ri can be represented by log2 (max( ¯z+ /G )) bits. We i know that the index is uniformly distributed because objects in most vector maps are distributed widely and uniformly. Therefore, we can estimate that (ri ⊕ K P − ri )G can be uniformly distributed

¯z+ ( y )

,

for x, y > 0

(16)

2G y × max( iG y )

where ¯z+ is (¯z+ (x), ¯z+ ( y )) for two axes. Similar to index disi i i tribution, the mean distance ¯z+ of the second term approaches i normal distribution by the central limit theorem because it is the average of uniform distributed distances. The joint pdf p z (x, y ) for ¯z+ is i





p z (x, y ) = p z (x) p z ( y ) = N mx , σx2 N m y , σ y2



(17)

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

239

Fig. 18. Encryption results of street layer of downtown map (Fig. 12(b)); (a) original layer, (b) direction encrypted layer, (c) position encrypted layer, and (d) position and direction encrypted layer.

where mx , m y are averages of all ¯z+ (x) and ¯z+ ( y ) for i ∈ i i 2 2 [1, |L|], and σx , σ y are variances of zi j − Bmin (Pi ) for all i , j in Eq. (3). E (¯z+ i ) is the sum of uniform variables and Gaussian variables. Because we process two variables on X , Y axes independently, the pdf p a+z (u , v ) of E (¯z+ ) can be separated by p a+z (u ) p a+z ( v ). i

∞

∞ p a (x) p z (u − x) dx

0

=

1 4b x

 erf

p a ( y ) p z ( v − y ) dy

u + b x − mx



2σx2



− erf  − erf



2σx2

v − by − my



1 4b y



 erf

v + by − my







2σ y2

 (18)

2σ y2 ¯z+ ( y )

where b x = Gx × max( iGx ) and b y = G y × max( iG y ). The entropy Ha + z(x, y ) of E (¯z+ i ) for an object is

0



u − b x − mx

¯z+ (x)

p a+z (u , v ) = p a+z (u ) p a+z ( v )

=



∞∞ H a+z (x, y ) = −





p a+z (x, y ) log2 p a+z (x, y ) dx dy 0

0

240

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

Fig. 19. Encryption results of full layers of Coast city map (Fig. 10(a)); (a) original map, (b) direction encrypted map, (c) position encrypted map, and (d) position and direction encrypted map.

∞∞ =− 0

∞ =−



p a+z (x) p a+z ( y ) log2 p a+z (x) p a+z ( y ) dx dy

∞ H a+z (x, y ) = −2

0



0

where

∞

p a+z (x) =

p a+z ( y ) dy 0

1 4b x



0



p a+z ( y ) log2 p a+z ( y ) dy

∞ p a+z (x) dx

(19)

0

Assuming that the MBR of a layer is rectangular on two axes, p a+z (x) become the same as p a+z ( y ). Hereby, the entropy Ha + z(x, y ) is

∞ p a+z (x) dx

(20)

0





b x = Gx × max

x + b x − mx



erf

and



p a+z (x) log2 p a+z (x) dx

0

p a+z (x) log2 p a+z (x) dx

∞





2σx2

(x) ¯z+ i Gx

 − erf

x − b x − mx





2σx2

 .

We compute numerically and approximately H a+z (x, y ) in the discrete sense:

H a+z (x, y ) ≈ −2

N j =1





p a+z (x j ) log2 p a+zi (x j ) x

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

241

Fig. 20. Encryption results of full layers of downtown map (Fig. 10(b)); (a) original map, (b) direction encrypted map, (c) position encrypted map, and (d) position and direction encrypted map.

×

N

 p a+z (x j )x,

x j = j x

(21)

j =1

H a+z (x, y ) depends mainly on the size of the GLA Gx × G y and } in a map. the maximum of {¯z+ i 4.4.2. Perceptual direction encryption Perceptual direction encryption performs a bitwise XOR operator of deviation signs Si and direction binary key K D in Eq. (11).









E (Si ) = Si ⊕ K D = E (si j ) = si j ⊕ ki j  j ∈ 1, |Pi |

(22)

Thus, the probability mass function p Si (n1 , n2 ) of encrypted deviation signs E (Si ) is

1 for n1 , n1 = [0, 1] 22|Pi | The entropy H Si (n1 , n2 ) of E (Si ) for an object is p Si (n1 , n2 ) = p Si (n1 ) p Si (n2 ) =

(23)

H S (n1 , n2 ) = − log2

1 22|Pi |

 = 2 |P i |

(24)

H Si (n1 , n2 ) depends on the number of vertices in an object |Pi |. In general |Pi | is from 10 to 20. Hereby, H Si (n1 , n2 ) is from 20 to 40. 4.4.3. Entropy computation The entropy of an MCO code for an object is the sum of two entropies H a+z (x, y ) and H Si (n1 , n2 ). We normalize a layer MBR (Bmin (L), Bmax (L)) to 103 × 103 and obtain 28 × 28 GLAs [N = 8 in Eq. (8)]. Then we compute the mean and variance of {¯z+ } in i all test maps and compute H a+z (x, y ) varying on the maximum of {¯z+ }. Fig. 21 shows the results of H a+z (x, y ) on the maximum of i {¯z+ } and H Si (n1 , n2 ) on |Pi |. H a+z (x, y ) is from 121 to 328 on i the maximum of {¯z+ }. In general, the entropy of an MCO code i for an object, H a+z (x, y ) + H Si (n1 , n2 ), is from 141 to 348. It is more secure than a 128-bit key.

242

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

Fig. 21. Entropy H a+z (x, y ) of position encryption on maximum mean difference and entropy H Si (n1 , n2 ) of direction entropy on number of vertices in an object.

H a+z (x, y ) + H Si (n1 , n2 ) is the entropy for only an object. Consider entropies for two perceptual encryptions for all of the objects in a map. Because all of the objects are processed independently, the pdf of the encrypted mean distance for all objects in a map is |L| p (x, y ) = ( p a+z (x, y ))|L| and the pdf of the encrypted dei =1 a+z viation signs for all objects is pdfs are extremely high.

|L|

1 . i =1 22|Pi |

Two entropies of these

5. Conclusions In this paper, we focused on the issue of realizing perceptual encryption of vector maps with low complexity and object indexing in the compressed domain. We proposed vector compression with lossless and hierarchical precision as well as two perceptual encryption algorithms for position and direction of polyline and polygon objects. The position perceptual encryption changes all positions of polyline and polygon objects by encrypting mean points of objects. The direction perceptual encryption changes the shape of geographical feature objects by encrypting the deviation signs of vertices in objects. The encryption algorithm is used as a simple XOR cipher to minimize the complexity of a large volume of map datasets. Experimental results showed that the proposed algorithm is very effective in the perceptual encryption of a large volume of map datasets. Our algorithm can be applied to various file formats or standard vector maps because only polyline and polygon objects were encrypted and can be used for map database security of map services online/offline as well as of mobile GIS services. Furthermore, our algorithm can be applied to various vector contents such as CAD, computer graphics, and 3D content fields. Acknowledgments This work was supported under the framework of international cooperation program managed by National Research Foundation of Korea (2012K2A1A2032979) and by a grant from a Strategic Research Project (Development of Flood Warning and Snowfall Estimation Platform using Hydrological Radars) funded by the Korea Institute of Construction Technology. References [1] Geographic Information Systems as an Integrating Technology: Context, Concepts, and Definitions, ESRI, retrieved 9 June, 2011.

[2] M.F. Goodchild, Twenty years of progress: GIScience in 2010, J. Spatial Inform. Sci. 1 (2010) 3–20. [3] Geographic information system, http://en.wikipedia.org/wiki/Geographic_ information_system, accessed to November 2011. [4] E. Bertino, B. Thuraisingham, M. Gertz, M.L. Damiani, Security and privacy for geospatial data: Concepts and research directions, in: Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS, 2008, pp. 6–19. [5] E. Bertino, M.L. Damiani, A controlled access to spatial data on web, in: 7th AGILE Conference on Geographic Information Science, 2004, pp. 369–377. [6] S.-C. Chen, X. Wang, N. Rishe, M.A. Weiss, A web-based spatial data access system using semantic R-trees, Inform. Sci. 167 (2004) 41–61. [7] N.B. Rybalov, O.I. Zhukovsky, Access to the spatial data in the web-oriented GIS, in: Siberian Conference on Control and Communications, SIBCON’07, 2007, pp. 104–107. [8] M. Fuguang, G. Yong, Y. Menglong, X. Fuchun, L. Ding, The fine-grained security access control of spatial data, in: 18th International Conference on Geoinformatics, 2010, pp. 1–4. [9] Y. Dakroury, I.A. El-ghafar, A. Tammam, Protecting GIS data using cryptography and digital watermarking, Int. J. Comput. Sci. Netw. Secur. 10 (2010) 75–84. [10] G. Li, Research of key technologies on encrypting vector spatial data in Oracle spatial, in: Proc. of ICIECS, 2010, pp. 1–4. [11] F. Wu, W. Cui, H. Chen, A compound chaos-based encryption algorithm for vector geographic data under network circumstance, in: Proc. of CISP, vol. 1, 2008, pp. 254–258. [12] R. Ohbuchi, Robust watermarking of vector digital maps, in: IEEE International Conference on Multimedia and Expo, vol. 1, 2002, pp. 577–580. [13] M. Vogit, C. Busch, Feature-based watermarking of 2D-vector data, in: Proc. of the SPIE, Security and Watermarking of Multimedia Content, 2003, pp. 359–366. [14] C. Wang, Z. Peng, Y. Peng, L. Yu, J. Wang, Q. Zhao, Watermarking geographical data on spatial topological relations, Multimed. Tools Appl. 57 (2012) 67–89. [15] H.-J. Chang, B.-J. Jang, S.-H. Lee, S.S. Park, K.-R. Kwon, 3D GIS vector map watermarking using geometric distribution, in: IEEE International Conference on Multimedia and Expo, 2009, pp. 1014–1017. [16] S.-H. Lee, K.-R. Kwon, Vector watermarking scheme for GIS vector map management, Multimed. Tools Appl. 63 (2011) 757–790. [17] V. Solachidis, I. Pitas, Watermarking polygonal lines using Fourier descriptors, IEEE Comput. Graph. Appl. 24 (2004) 44–51. [18] V.R. Doncel, N. Nikolaidis, I. Pitas, An optimal detector structure for the Fourier descriptors domain watermarking of 2D vector graphics, IEEE Trans. Vis. Comput. Graph. 13 (2007) 851–863. [19] S.-H. Lee, W.-J. Hwang, K.-R. Kwon, Polyline curvatures based robust vector data hashing, Multimed. Tools Appl. (2013), http://dx.doi.org/10.1007/ s11042-013-1661-z. [20] S.-H. Lee, S.-G. Kwon, K.-.R. Kwon, Robust hashing of vector data using generalized curvatures of polyline, IEICE Trans. Inform. Syst. E96-D (2013) 1105–1114. [21] Autodesk, AutoCAD 2009: DXF Reference, Autodesk, 2009. [22] Environmental Systems Research Institute, An ESRI White Paper: ESRI Shapefile Technical Description, ESRI, USA, 1998. [23] OpenGIS Geography Markup Language (GML) Encoding Standard, Retrieved 2011-03-25.

B.-J. Jang et al. / Digital Signal Processing 25 (2014) 224–243

[24] MapInfo Universal Translator User Guide 2006, MapInfo, http://www.pbinsight. com/welcome/mapinfo/. [25] S. Lian, Multimedia Content Encryption: Techniques and Applications, Auerbach Publications, Boston, 2008. [26] M. Grangetto, E. Magli, G. Olmo, Multimedia selective encryption by means of randomized arithmetic coding, IEEE Trans. Multimedia 8 (2006) 905–917. [27] S. Sudharsanan, Shared key encryption of JPEG color image, IEEE Trans. Consum. Electron. 51 (2005) 1204–1211. [28] J.-L. Liu, Efficient selective encryption for JPEG 2000 images using private initial table, Pattern Recogn. 39 (2006) 1509–1517. [29] S.-K. Au Yeung, S. Zhu, B. Zeng, Partial video encryption based on alternating transforms, IEEE Signal Process. Lett. 16 (2009) 893–896. [30] Y. Zou, T. Huang, W. Gao, L. Huo, H.264 video encryption scheme adaptive to DRM, IEEE Trans. Consum. Electron. 52 (2006) 1289–1297. [31] A. Kolesnikov, Vector maps compression for progressive transmission, in: Proc. of the 2nd IEEE International Conference on Digital Information Management, 2007, pp. 81–86. [32] A. Kolesnikov, P. Fränti, Data reduction of large vector graphics, Pattern Recognit. Lett. 38 (2005) 381–394. [33] S. Shekhar, Y. Huang, J. Djugash, Dictionary design algorithm for vector map compression, in: IEEE Proceedings of the Data Compression Conference, 2002, p. 471. [34] J.W. Ioup, M.L. Gendron, M.C. Lohrenz, Vector map data compression with wavelet, J. Navig. 53 (2000) 437–449. [35] S. Xingchun, H. Wenbin, An accelerated algorithm for Douglas–Peucker algorithm, Science 20 (2009) 202–203. [36] W. Park, K. Yu, Hybrid line simplification for cartographic generalization, Pattern Recogn. 32 (2011) 1267–1273. [37] http://zlib.net/, April 2011. [38] http://7-zip.org/, June 2011. [39] http://www.altools.com/, October 2011. [40] Khalid Sayood, Instruction to Data Compression, second edition, Morgan Kaufmann Publishers, San Francisco, CA, 2000. [41] H. Lipmaa, P. Rogaway, D. Wagner, CTR-mode encryption, in: Public Workshop on Symmetric Key Block Cipher Modes of Operation, Baltimore, MD, October 2000, http://csrc.nist.gov/encryption/modes/workshop1/. [42] A. Swaminathan, Y. Mao, M. Wu, Robust and secure image hashing, IEEE Trans. Inform. Forensics Secur. 1 (2006) 215–230.

243

[43] S.-H. Lee, K.-R. Kwon, W.-J. Hwang, V. Chandrasekar, Key-dependent 3D model hashing for authentication using heat kernel signature, Digital Signal Process. 23 (2013) 1505–1522. [44] S.-H. Lee, K.-R. Kwon, Robust 3D mesh model hashing based on feature object, Digital Signal Process. 22 (2012) 744–759.

Bong-Joo Jang received B.S. and M.S. degrees in electronic engineering from Busan University of Foreign Studies, and Ph.D. degree in information security from Pukyong National University in 2002, 2004 and 2013 respectively. He visited Colorado State University in USA at 2011–2012 with visiting scholar. He is currently a Postdoctoral Research Fellow in Korea Institute of Construction Technique. His research interests include multimedia compression and security, digital image/video/vector processing and weather radar systems.

Suk-Hwan Lee received a B.S., an M.S., and a Ph.D. degrees in Electrical Engineering from Kyungpook National University, Korea in 1999, 2001, and 2004 respectively. He is currently an associate professor in Department of Information Security at Tongmyong University and a member of executive committee of IEEE R10 Changwon Section. His research interests include multimedia security, digital image processing, and computer graphics.

Ki-Ryong Kwon received the B.S., M.S., and Ph.D. degrees in electronics engineering from Kyungpook National University in 1986, 1990, and 1994 respectively. He worked at Hyundai Motor Company from 1986–1988 and at Pusan University of Foreign Language form 1996–2006. He is currently a professor in division of Electronics, Computer, and Telecommunication at the Pukyong National University. He is currently the Editor-of-Chief in Journal of Korea Multimedia Society. His current research interests are in the area of digital image processing, multimedia security and watermarking, wavelet transform.