Vector Map Random Encryption Algorithm Based on Multi-Scale Simplification and Gaussian Distribution

: In recent years, GIS (Geographical Information System) vector maps are widely used in everyday life, science, and the military. However, the production process of vector maps is expensive, and a large volume of vector map data is easily stolen and illegally distributed. Therefore, original providers desire an encryption solution to encrypt GIS vector map data before being stored and transmitted in order to prevent pirate attacks and to ensure secure transmission. In this paper, we propose an encryption algorithm for GIS vector map data for preventing illegal copying, and ensuring secured storage and transmission. Polyline/polygon data of GIS vector maps are extracted to compute a backbone object. The backbone object is then selectively simplified by the multi-scale simplification algorithm in order to determine the feature vertices of the backbone object. The feature vertices of the backbone object are encrypted by the advanced encryption standard and the secret key. Finally, all vertices of the backbone object are randomized by the random Gaussian distribution algorithm to obtain the encrypted GIS vector map. Experimental results show that the entire map is altered completely after the encryption process. The proposed method is responsive to the various GIS vector map data formats, and also provides better security than previous methods. The computation time of the proposed method is also significantly shorter than that of previous methods.


Introduction
Currently, GIS vector maps are used in applications in many fields, such as science, navigation, and online or offline digital map services. GIS vector maps are created and developed by the merging of cartography, statistical analysis, and database technology based on vector models [1]. Due to the fact that GIS vector maps may have significant value, GIS vector map data may be stolen or easily purchased and redistributed or resold several times without obtaining any permission from the original data providers. In addition, some applications of vector maps by the military or some personal applications of vector maps must be secured from unauthorized users. Consequently, GIS vector map data protection is necessary to prevent illegal duplication and distribution. GIS vector map security includes copyright protection [2][3][4], access control for users, and vector map data encryption in order to prevent attacks or illegal distribution during storage and transmission, and damage in the integration process of geographical information [5][6][7][8][9][10][11][12][13][14]. However, access control on the Web is unable to prevent attacks or illegal duplication and distribution, and watermarking techniques are only useful in identifying ownership and for copyright protection, while unauthorized users should not be able to see, attack, or extract GIS vector map content. Therefore, GIS vector map data encryption is necessary and suitable for protection. Moreover, conversion between data formats is vulnerable to attack and security techniques based on database management systems are not responsive to the various data formats of vector maps [10,11]. Thus, the encryption techniques for GIS vector map should be responsive to the various data formats of GIS vector maps and the security requirements.
In order to meet the issues above, we propose an encryption algorithm for GIS vector map data in this paper. Our algorithm solves the current issues of GIS vector map security by encrypting the geometric objects of GIS vector maps. The main intent of the proposed algorithm is to extract geometric objects (polylines and polygons) from GIS vector maps in order to encrypt them. Geometric objects are used to compute the backbone object of polyline/polygon. The backbone object is then selectively simplified by the multi-scale simplification algorithm in order to determine the feature vertices of the backbone object. The feature vertices of the backbone object is encrypted by the AES (Advanced Encryption Standard) algorithm and the secret key. Finally, all vertices of the backbone object are randomized by the random Gaussian distribution in order to generate the encrypted vector map. To clarify the detailed contents of the proposed algorithm, this paper is organized as follows: In Section 2, we discuss vector map data security techniques and explain the relationship between vector map data and the proposed algorithm. In Section 3, we explain the proposed algorithm in detail. We then perform experiments, discuss the experimental results, and evaluate the performance of the proposed algorithm in Section 4. The conclusion is provided in Section 5.

Vector Map Data Security
The main idea of the watermarking schemes for GIS vector maps is to embed the watermark into the vector map by modifying the coordinates of vertices of geometric objects in the spatial domain [2,3], or embedding the watermark into the spectrum coefficients of a sequence of vertices or topologies in the frequency domain [4]. Thus, vector map watermarking is not suitable for preventing attacks and illegal copying.
The security techniques for GIS vector map data have been proposed in recent years [5][6][7][8][9]. Authors have mostly explained various methods to define an access control system for spatial data on the Web, or mentioned the security requirements for geospatial database management systems and privacy policies. However, access control on the Web and the management of databases do not prevent attacks, illegal duplication, and distribution. Wu et al. [10] proposed a compound chaosbased encryption algorithm for vector data by considering the storage characteristics and the parameters of a chaos-based system; however, this method is not responsive to the various data formats of vector maps. Li et al. [11] encrypted the spatial index of a set of vector data in an external Oracle database management system when it is transmitted to the client; however, this algorithm does not ensure the security of vector maps because the key length is very short. Yasser et al. [12] also described an encryption algorithm that combined AES and RSA (Rivest-Shamir-Adleman) cryptography with a simple watermarking technique in order to protect the copyright protection of vector maps in online and offline services. This method encrypts all parts of a shape-file using an AES block cipher operator of 256 bits. This approach is typical because it encrypts the data stream of a shape-file using the AES cipher, and the computation time is very long. Jang et al [13] proposed a perceptual encryption method that is combined with the compression process for vector map data. This method only encrypted the direction and position of data units in the compression process. This method has low security. Bang et al. [14] proposed a selective encryption method for vector map data based on a chaotic map in the frequency of discrete wavelet transform (DWT); however, this method only selects some objects and encrypts DC (Direct Current) values in the DWT domain by a common secret key. This method is very simple and weak because it does not encrypt all contents of vector maps and uses a common key. Moreover, this research did not present performance or security evaluations. In summary, the weakness of previous methods is solved by the proposed algorithm, which is presented in Section 3.

Vector Map Data-Based Encryption
GIS vector map data is stored in layers. Each layer contains a number of geometric objects, such as points, polylines, and polygons, and annotations, such as symbols. This notation is shown in Figure  1a. Annotation is used to display notes on vector maps, while geometric objects are used to represent geographical objects on vector maps. Points are used to represent simple objects, such as position, while polygons and polylines are used to represent complex objects. A polyline is a set of ordered vertices used to represent objects such as roads, contour lines, rivers, and railways. A polygon is a set of connected polylines used to represent objects such as buildings, areas, lakes, and boundaries. Thus, polylines and polygons are considered the important components of a vector map.
In addition to annotation and geometric objects, vector maps also contain the storage information as header and text. Because points, polylines, and polygons determine the content of vector maps, we consider these geometry data, while the annotation, header, and text are considered attribute data. Figure 1b shows the data components of a GIS vector map. The attribute data of a GIS vector map does not contain geographical information or determines the shape of the GIS vector map; thus, it is only required to extract polylines and polygons to perform the random encryption process for GIS vector maps.

Overview
The proposed algorithm is shown in detail in Figure 2. To begin, each geometric object (polyline/polygon) is extracted from the GIS vector map to compute a backbone object. The backbone object is then selectively simplified by the multi-scale simplification algorithm with differential scale factors in order to obtain new geometric objects. If the backbone object cannot be simplified, it is then encrypted by a key value and randomized by a set of random Gaussian numbers to generate an encrypted object. The key value is generated by a hashing function with a user's key input. New geometric objects, which are simplified from the backbone object, are then used to compute the feature vertices of the backbone object. Here, the backbone object can be divided into two parts: feature vertices and the remaining vertices. The feature vertices of the backbone object will be continuously encrypted by a key value in order to generate the encrypted feature vertices. Finally, the remaining vertices and encrypted feature vertices of the backbone object will be randomly encrypted by a set of random Gaussian numbers in order to obtain the encrypted object. The encrypted GIS vector map is a set of the encrypted geometric objects.
A GIS vector map contains a number of data layers. Each layer L contains a number of objects (polyline/polygon) = { | ∈ [1, | |]} and each object contains a number of vertices = { , | ∈ [1, | |]}. We briefly define the main notations as the following: indicates a polyline/polygon object, and |L| and | | are the cardinalities of a layer L and an object respectively. Thus, , indicates the vertex in the object of a layer L and is defined by two coordinates , = ( , , , ). Next, is the backbone object of and is the simplified object of after the multi-scale simplification process with the differential scales. ′ is the changed backbone object after the feature vertices encryption process or the backbone object encryption process.
represents the feature vertices of the backbone object , is a set of random Gaussian numbers, K is the secret key, and is the encrypted object of . Finally, (. ), (. ) , and (. ) are the cipher function, the random Gaussian number function, and the randomization function, respectively.

Backbone Object Simplification and Feature Vertices Computation
The backbone object is a set of vertices, in which each vertex is the average point between two continuous vertices in that object. Thus, the backbone object of is where | | = | | and the value of , is computed as shown in Equation (1). Figure 3a shows a backbone object of a polyline object. Our purpose is to simplify the backbone object with the scale factor s in order to compute the feature vertices of the backbone object. Thus, we must check the condition before simplifying. The condition of a backbone object can be simplified as: If the value of | | ≤ , that backbone object is encrypted by the cipher function (. ) as shown in Equation (3).
The backbone object is simplified by the multi-scale simplification algorithm in order to obtain the simplified backbone object as shown in Equation (4): Here, we obtain three simplified objects / , / , / with differential scales s = 1/2, s = 1/3, and s = 1/4 (see Figure 3b). We then calculate the feature vertices , which is a set of the common vertices of three simplified backbone / , / and / as shown in Equation (5). From Equations (4) and (5), we can see that will be determined if | | 4. Figure 3b shows three simplified backbone objects of a polyline object with differential scales 1/2, 1/3, and ¼, and the feature vertices of the backbone object.

Random Encryption
The secret key K is generated by the SHA-512 hashing algorithm [15] with user's key input. We use the secret key K to compute a set of random numbers by the Gaussian distribution [16,17] as shown in Equation (6): Therein, | | = | |, , is calculated by the Gaussian function as shown in Equation (7), and is the value of K: As mentioned above, after the feature vertices computation process, we have a set of feature vertices and the remaining vertices of the backbone object ( − ). We then encrypt the feature vertices by the cipher function (. ) using the secret key K, as shown in Equation (8), in order to obtain the encrypted feature vertices ′ . The cipher function (. ) can be the AES cipher function, the DES cipher function, or others.
The encrypted feature vertices ′ and the remaining vertices ( − ) are used for the random encryption process in order to obtain the encrypted object . From Section 3.2, the changed backbone object ′ is computed by Equation (3) when | | ≤ . Here, ′ includes the encrypted feature vertices ′ and the remaining vertices ( − ) as shown in Equation (9).
The random encryption process is performed by a randomization process using the random Gaussian numbers : where | | = | | and , is computed as follows: Figure 4 shows the random encryption process for the backbone object when the value of | | (Figure 4a with | | = 17) and when | | ≤ (Figure 4b with | | = 4). When the value of | | 4 , the feature vertices of will be encrypted by the cipher function (. ). Then, the randomization process is performed as shown in Figure 4a. In case | | = 4, the backbone object will be directly encrypted by the cipher function (. ) and then randomized by a set of Gaussian numbers, as shown in Figure 4b.

Decryption Process
The decryption process is the inverse of the encryption process. Firstly, the key value K us generated from the user's key by the SHA-512 hashing algorithm. The key value K is then used to compute a set of random Gaussian numbers as described by Equations (6) and (7) in Section 3.3. The encrypted objects are then extracted from the encrypted vector map and vertices are re-randomized by the random Gaussian numbers before decryption using the key value K. After the vertex rerandomization process, if the encrypted object cannot be simplified, it is decrypted by the key value K to generate the backbone object. If the encrypted object can be simplified, it is simplified to compute the encrypted feature vertices. These encrypted feature vertices are then decrypted by the key value K to generate the backbone object. From the backbone object, we can calculate the decrypted objects based on Equation (1). The decrypted GIS vector map is a set of the decrypted objects.

Experimental Results and Analysis
We used the GIS vector maps of the country of Scotland [18] with differential scales in visualization experiments, and evaluation of security and computation time. The detailed information of the GIS vector maps is shown in Table. 1. The data format of the GIS vector map was the shape-file (SHP) format [19], which is a popular geographical vector data format. The proposed algorithm was applied to the polylines and polygons of the vector maps. The backbone encryption process and the feature vertices encryption process were performed by the AES algorithm. We selected the AES algorithm because its security is higher than others. Compared with conventional approaches, the proposed algorithm is more original than previous methods because it encrypts objects based on encrypting the value of feature vertices in polylines/polygons. Consequently, it does not alter or expand the size of the encrypted file, thus preventing data loss. The GIS vector maps are completely altered after the random encryption process (see Figure 5 to Figure 9).

Visualization Experiments
Experimental results are shown in Figures 5-9, which show the original map and a part of the original map beside the encrypted map for comparison. Figure 5a shows the original railway map of Scotland and a part of the original railway map. The content of the railway map is presented by polylines. After encryption, polylines are altered, broken into segments, and positioned in a disorderly manner (Figure 5b). In the experiment with the land-use map of Scotland, the content of the map includes polygons (Figure 6a). After encryption, the shape of all polygons is changed to smaller polygons on the map, and the shape of the entire map is altered completely (Figure 6b). Experiments on the waterway map (Figure 7a), the nature map (Figure 8a), and the road map ( Figure  9a) of Scotland also yields similar results. Waterway lines and roads on the maps are broken into shorter polylines and positioned in a disorderly manner (Figures 7b and 9b), and the shape of the original polygons are altered and moved to other positions (Figure 8b). Consequently, the content of the GIS vector maps is altered completely.

Security Evaluation
In order to evaluate the security of the proposed method, in this section we evaluate the randomness of the encrypted map. If the randomness of the encrypted map is high, it will also be difficult to attack. The randomness of the encrypted map is measured by its entropy. Thus, we calculate the entropy of the encrypted map to evaluate the security of the proposed method. From Section 3, we can see that the entropy of the encrypted object is dependent on the secret key K and the value of | |. Both K and | | are discrete random variables. Thus, the entropy of the encrypted object is the sum of the entropies of the random variables: Furthermore, the entropy of the encrypted map from the original map layer L will be the sum of the entropies of the encrypted objects : Clearly, is dependent on the values of |L| and K; the key value K is a random variable dependent on a user's key input. If the value of K is fixed, is only dependent on the value of |L|. As a result, if | | is high, the entropy is high. For example, the railway map of Scotland has |L|= 9724 and = 128,817 dB, but the natural map of Scotland has |L| = 99,835 and = 1.66×10 6 dB. In the vector maps of Scotland in Table 1, the entropy of the proposed method ranges from 1.3×10 5 dB to 6.88×10 6 dB with | | ∈ [9724, 372,138].
The method of Yasser [10] only uses the AES-256 cipher operator to encrypt the data stream of a shape-file. Thus, the entropy of this method is dependent on the length of the secret key and the length of the data stream. In the work of Bang [12], about 70% of polylines/polygons are selected for the encryption process. Bang used a common secret key to encrypt all DC values in a vector map in the DWT domain. The length of the secret key was 512 bits. Thus, the entropy of this method is dependent on the length of the secret key. We applied the methods of both Yasser and Bang for the GIS vector maps of Scotland for comparison. The entropy of our method was higher than that of Yasser (1.2×10 5 vs. 6.6×10 6 dB), while the entropy of Bang's method was fixed at 4608 dB for every GIS vector map (Table. 2). In conclusion, our method offers more security than previous methods. Figure  10 shows the difference between the entropy of our method and the entropy of the methods of Yasser and Bang according to the number of objects. The entropy of our method is much higher than that of Yasser or Bang.

Computation Time
We implemented the proposed method using the C# language in Visual Studio 2013. We then conducted our experiments on a PC with Intel Core i7 Quad 3.5 GHz, 8 GB of RAM, and Windows 7 64-bit. Section 3 indicates that the computation time of the proposed method is dependent on the number of objects in the vector maps. With the GIS vector maps of Scotland, the computation time of our method ranged from 77 ms to 1896 ms, with the size of maps ranging from 1951 Kbs to 78,136 Kbs. We also implemented the methods of Yasser and Bang using the C# language in Visual Studio 2013, in a similar environment, to measure and compare the computation time between methods. Yasser performed full encryption for GIS vector maps, which means he encrypted notation, header, text, and all geometric objects. Thus, the computation time of Yasser's method is dependent on the size of the GIS vector maps. Compared with Yasser's method, the computation time of our method was less (40 ms vs. 2870 ms; Table 3). In the method of Bang, the computation time is dependent on the computation time of the selection process, the number of selected objects, and the computation time of the DWT and inverse DWT processes. The computation time of the DWT and inverse DWT processes is dependent on the number of vertices in each object. If an object has many vertices, the computation time of the DWT process is long. Conversely, if the number of selected objects is small, the computation time is short (Table 3). Figure 11 shows the computation times of the proposed method compared to the methods of Yasser and Bang according to the size of the vector maps. The time of the proposed method is significantly shorter than that of previous methods.

Conclusions
In this paper, we proposed a random encryption algorithm based on multi-scale simplification and the Gaussian distribution for GIS vector maps. Experimental results showed that the proposed method is very effective with GIS vector maps that contain many geometric objects. The presented method provides higher security than previous methods. The computation time of the method is significantly shorter than that of previous methods, and it could be used to replace previous methods for secured storage and transmission. By encrypting only geometric objects, the proposed method can be responsive to the various formats of GIS vector maps. In addition, to apply the method presented in this paper, developers only need to extract geometric objects before performing the encryption process. Furthermore, the proposed method can be applied to the security of online and off-line map services [20,21].