Secure Traffic Monitoring With Spatio-Temporal Metadata Protection Using Oblivious RAM

In a traffic monitoring system, users report their driving data (e.g., routes and timestamps) to a server, aggregating them to acquire the information of interest and provide services, e.g., traffic flow prediction. Such systems have considerable promise for improving the quality of life and decreasing environmental pollution and economic losses. However, the threat to individual privacy is a critical problem that hinders the further development of such systems; e.g., the server can abuse the spatio-temporal metadata in the reports to infer sensitive user information, such as the home address. In this paper, we propose a privacy-preserving aggregation framework called secure Publish Aggregate Subscribe Data (<inline-formula> <tex-math notation="LaTeX">$s$</tex-math> </inline-formula>PASD) for traffic monitoring that can protect spatio-temporal metadata during driving data aggregation. The framework is built upon a trusted execution environment and two cryptographic tools: additive homomorphic encryption and oblivious RAM. It takes a hierarchical structure that boosts batch processing efficiency, making it more appropriate for traffic monitoring scenarios. Furthermore, we provide a cost model to derive the optimal settings from the efficiency perspective. Security analysis demonstrates that <inline-formula> <tex-math notation="LaTeX">$s$</tex-math> </inline-formula>PASD can protect individual privacy by hiding spatio-temporal information during aggregation. Moreover, we implement the proposed framework in Python and evaluate it together with other competitive methods over a real-world dataset. The experiment results verify the accuracy of the proposed cost model and show that the proposed framework can gain a <inline-formula> <tex-math notation="LaTeX">$51.39\%$</tex-math> </inline-formula> saving on computation cost.