Hyo-Sang Lim

Continuous query processing in data streams using duality of data and queries

Recent data stream systems such as TelegraphCQ have employed the well-known property of duality between data and queries. In these systems, query processing methods are classified into two dual categories -- data-initiative and query-initiative -- depending on whether query processing is initiated by selecting a data element or a query. Although the duality property has been widely recognized, previous data stream systems do not fully take advantages of this property since they use the two dual methods independently: data-initiative methods only for continuous queries and query-initiative methods only for ad-hoc queries. We contend that continuous query processing can be better optimized by adopting an approach that integrates the two dual methods. Our primary contribution is based on the observation that spatial join is a powerful tool for achieving this objective. In this paper, we first present a new viewpoint of transforming the continuous query processing problem to a multi-dimensional spatial join problem. We then present a continuous query processing algorithm based on spatial join, which we name Spatial Join CQ. This algorithm processes continuous queries by finding the pairs of overlapping regions from a set of data elements and a set of queries, both defined as regions in the multi-dimensional space. The algorithm achieves the advantages of the two dual methods simultaneously. Experimental results show that the proposed algorithm outperforms earlier algorithms by up to 36 times for simple selection continuous queries and by up to 7 times for sliding window join queries.

FENCE: continuous access control enforcement in dynamic data stream environments

In this paper, we present FENCE framework that addresses the problem of continuous access control enforcement in dynamic data stream environments. The distinguishing characteristics of FENCE include: (1) the stream-centric approach to security, (2) the symmetric modeling of security for both continuous queries and streaming data, and (3) security-aware query processing that considers both regular and security-related selectivities. In FENCE, both data and query security restrictions are modeled in the form of streaming security metadata, called “security punctuations”, embedded inside data streams. We have implemented FENCE in a prototype DSMS and briefly summarize our performance observations.

Similar sequence matching supporting variable-length and variable-tolerance continuous queries on time-series data stream

We propose a new similar sequence matching method that efficiently supports variable-length and variable-tolerance continuous query sequences on time-series data stream. Earlier methods do not support variable lengths or variable tolerances adequately for continuous query sequences if there are too many query sequences registered to handle in main memory. To support variable-length query sequences, we use the window construction mechanism that divides long sequences into smaller windows for indexing and searching the sequences. To support variable-tolerance query sequences, we present a new notion of intervaled sequences whose individual entries are an interval of real numbers rather than a real number itself. We also propose a new similar sequence matching method based on these notions, and then, formally prove correctness of the method. In addition, we show that our method has the prematching characteristic, which finds future candidates of similar sequences in advance. Experimental results show that our method outperforms the naive one by 2.6-102.1 times and the existing methods in the literature by 1.4-9.8 times over the entire ranges of parameters tested when the query selectivities are low (<32%), which are practically useful in large database applications.

Research issues in data provenance for streaming environments

In this paper, we discuss research issues concerning data provenance for streaming environments. In data streams, especially in sensor networks, data provenance is a key information for assessing data quality since it gives important evidence about the origin of the data. We first show our initial approach for assessing trust scores of streaming data based on provenance. We then discuss open researches issues about using and delivering provenance in data streams.

Assuring data trustworthiness: concepts and research challenges

Today, more than ever, there is a critical need to share data within and across organizations so that analysts and decision makers can analyze and mine the data, and make effective decisions. However, in order for analysts and decision makers to produce accurate analysis and make effective decisions and take actions, data must be trustworthy. Therefore, it is critical that data trustworthiness issues, which also include data quality, provenance and lineage, be investigated for organizational data sharing, situation assessment, multi-sensor data integration and numerous other functions to support decision makers and analysts. The problem of providing trustworthy data to users is an inherently difficult problem that requires articulated solutions combining different methods and techniques. In the paper we first elaborate on the data trustworthiness challenge and discuss a framework to address this challenge. We then present an initial approach for assess the trustworthiness of streaming data and discuss open research directions.

Assessing the trustworthiness of location data based on provenance

Trustworthiness of location information about particular individuals is of particular interest in the areas of forensic science and epidemic control. In many cases, location information is not precise and may include fraudulent information. With the growth of mobile computing and positioning systems, e.g., GPS and cell phones, it has become possible to trace the location of moving objects. Such Systems provide us an opportunity to find out the true locations of individuals. In this paper, we present a model to compute trustworthiness of the location information of an individual based on different evidences from different sources. We also introduce a collusion attack that may bias the computation. Based on the analysis of the attack, we present the algorithm to detect and reduce the effect of collusion attacks. Our experimental results show the efficiency and effectiveness of our approach.

Authenticated Top-K Aggregation in Distributed and Outsourced Databases

Top-k queries have attracted interest in many different areas like network and system monitoring, information retrieval, sensor networks, and so on. Since today many applications issue top-k queries on distributed and outsourced databases, authentication of top-k query results becomes more important. This paper addresses the problem of authenticated top-k aggregation queries (e.g. “find the k objects with the highest aggregate values”) in a distributed system. We propose a new algorithm, called Authenticated Three Phase Uniform Threshold (A-TPUT), which provides not only efficient top-k aggregation over distributed databases but also authentication on the top-k results. We also introduce several enhancements for A-TPUT to reduce both the computation cost and the communication cost. Finally, we confirm the efficiency of our solutions through an extensive experimental evaluation.

FENCE: Continuous access control enforcement in dynamic data stream environments

In this paper, we present FENCE framework that addresses the problem of continuous access control enforcement in dynamic data stream environments. The distinguishing characteristics of FENCE include: (1) the stream-centric approach to security, (2) the symmetric modeling of security for both continuous queries and streaming data, and (3) security-aware query processing that considers both regular and security-related selectivities. In FENCE, both data and query security restrictions are modeled in the form of streaming security metadata, called “security punctuations”, embedded inside data streams. We have implemented FENCE in a prototype DSMS and briefly summarize our performance observations.

Secure and resilient proximity-based access control

The ubiquity of mobile devices has increased the convenience of communication but it has also introduced personal privacy concerns. In the domain of portable medical records, it is vital to provide authentication which protects personal information from unauthorized users who are located out of legitimate regions. To support such location-based authentication, one possible approach in medical systems is exploiting distance-bounding protocols which allow detecting a users current location to determine whether the user is in trusted physical locations such as a doctors office. However, sensors that enable distance-bounding protocols are expensive and not widely deployed yet since the required protocols typically need special devices such as devices utilizing ultrasound. To overcome the lack of device deployment, we propose a secure proximity-based access control scheme based on the use of multiple location based service (LBS) devices utilizing Bluetooth which is cheap and already widely used. Furthermore, we provide several ways to prevent various attacks. We report experimental performance results which indicate that access control is executed within 100 ms on Intel i7 processor and in about two seconds on the Android platform. Furthermore, our proposed system achieves communication overhead in O(1) as opposed to digital signatures which grow in O(n).

Progressive Processing of Continuous Range Queries in Hierarchical Wireless Sensor Networks

In this paper, we study the problem of processing continuous range queries in a hierarchical wireless sensor network. Recently, as the size of sensor networks increases due to the growth of ubiquitous computing environments and wireless networks, building wireless sensor networks in a hierarchical configuration is put forth as a practical approach. Contrasted with the traditional approach of building networks in a “flat” structure using sensor devices of the same capability, the hierarchical approach deploys devices of higher-capability in a higher tier, i.e., a tier closer to the server. While query processing in flat sensor networks has been widely studied, the study on query processing in hierarchical sensor networks has been inadequate. In wireless sensor networks, the main costs that should be considered are the energy for sending data and the storage for storing queries. There is a trade-off between these two costs. Based on this, we first propose a progressive processing method that effectively processes a large number of continuous range queries in hierarchical sensor networks. The proposed method uses the query merging technique proposed by Xiang et al. as the basis. In addition, the method considers the trade-off between the two costs. More specifically, it works toward reducing the storage cost at lower-tier nodes by merging more queries and toward reducing the energy cost at higher-tier nodes by merging fewer queries (thereby reducing “false alarms”). We then present how to build a hierarchical sensor network that is optimalwith respect to the weighted sum of the two costs. This allows for a cost-based systematic control of the trade-off based on the relative importance between the storage and energy in a given network environment and application. Experimental results show that the proposed method achieves a near-optimal control between the storage and energy and reduces the cost by 1.002 - 3.210 times compared with the cost achieved using the flat (i.e., non-hierarchical) setup as in the work by Xiang et al.