Privacy-Preserving Secure Computation of Skyline Query in Distributed Multi-Party Databases ^†

Abstract

Selecting representative objects from a large-scale database is an essential task to understand the database. A skyline query is one of the popular methods for selecting representative objects. It retrieves a set of non-dominated objects. In this paper, we consider a distributed algorithm for computing skyline, which is efficient enough to handle “big data”. We have noticed the importance of “big data” and want to use it. On the other hand, we must take care of its privacy. In conventional distributed algorithms for computing a skyline query, we must disclose the sensitive values of each object of a private database to another for comparison. Therefore, the privacy of the objects is not preserved. However, such disclosures of sensitive information in conventional distributed database systems are not allowed in the modern privacy-aware computing environment. Recently several privacy-preserving skyline computation frameworks have been introduced. However, most of them use computationally expensive secure comparison protocol for comparing homomorphically encrypted data. In this work, we propose a novel and efficient approach for computing the skyline in a secure multi-party computing environment without disclosing the individual attributes’ value of the objects. We use a secure multi-party sorting protocol that uses the homomorphic encryption in the semi-honest adversary model for transforming each attribute value of the objects without changing their order on each attribute. To compute skyline we use the order of the objects on each attribute for comparing the dominance relationship among the objects. The security analysis confirms that the proposed framework can achieve multi-party skyline computation without leaking the sensitive attribute value to others. Besides that, our experimental results also validate the effectiveness and scalability of the proposed privacy-preserving skyline computation framework.

1. Introduction

Data is an integral part of the current business and technology world. Every day, different organizations are producing a massive amount of data also known as “big data”. This “big data” analysis has attracted much attention to many organizations and researchers because it can assist in making strategic decisions and creating new knowledge. Product pricing for the open market place, investment risk estimation, mining customers’ spending/buying behaviors, credit card usage patterns, health issues, and so on are some common example of big data analytics. Designing a new framework for collecting, storing and analyzing this “big data” is undoubtedly a challenging task.

In the current IT era, multiple organizations dealing with similar kind of services want to perform analysis on their joint databases. It is often referred to as multi-party computation or analysis. This analysis may involve data-mining, querying over the joint dataset, data classification, statistical decision making, etc. [1,2]. Since the business applications contain sensitive data, such as personal health-related data or financial data, unveiling these data can potentially violate individual privacy and lead to significant financial loss to the organizations. Therefore, organizations do not want to disclose their data to anyone. However, when multiple organizations want to conduct a data-mining operation jointly, they are willing to get the result from the union of their databases without disclosing their sensitive data.

On the other hand, the skyline query is one of the popular methods for selecting representative objects from a large dataset. It retrieves a set of representative objects, each of which is not dominated by any other object within the database. For example, let us consider the issue of financial investment: an investor usually wants to purchase the stock that can minimize the commission costs and predicted risks. As a result, the target can be formalized as finding the skyline stock with minimal cost and minimal risk. Figure 1 shows a sample plot diagram of stock records along with their costs and risks. If we want to provide a suitable suggestion list for our clients using skyline query, the result will be $\{U,O,P,X,Q,Y,Z\}$. From Figure 1, it is obvious that no other object, within the given sample dataset, can dominate those seven objects. Therefore, they are in the skyline result. The skyline query attracts consistent attention in database research, due to its applications in decision making as well as analytics.

Like other data analysis applications, the distributed skyline computation certainly can benefit the participating organizations by producing skyline objects set from the joint database of the organizations. However, such computation also depends on managing data security and privacy challenges, especially for the skyline computation from the distributed multi-party databases. So far, several algorithms have been proposed for skyline computation, some of them are designed in a distributed computing environment and able to handle “big data” [3,4,5]. However, none of them considered database privacy issues.

Let us assume that several organizations have done surveys about commission cost and risk prediction where each of the organization has collected the same kind of privacy information from their customers/clients. This information is sensitive since the privacy of client information is a vital responsibility for each organization. Therefore, one organization does not want to disclose the dataset to other organization. Hence one organization cannot compute global skyline on organizations’ union databases but only compute skyline query of its own, although all parties (organizations) are willing to get the skyline result from their combined databases. In conventional skyline computation algorithm, it is not possible to get skyline query result without disclosing the objects’ attributes value to others.

When concerning the privacy of the database objects in a distributed multi-party computation environment, most of the existing work on privacy-preserving skyline computation focused on the secure comparison of encrypted values owned by participating organizations [6,7,8,9]. Although these frameworks can preserve the data objects privacy, they are not much suitable concerning computational efficiency. In our previous work [10], we introduced MapReduce framework-based secure ordering of database objects on each attribute in a semi-honest computation environment. Then computes the skyline by using the dominance relationship among the order of multi-party’s objects on each attribute. Although it is more efficient compared to secure comparison-based skyline query, it requires several rounds of ID encryption and decryption by the individual parties on each attribute of the database objects for creating the order of the objects. It also needs several rounds of data sorting by the coordinator on each dimension of the database objects. In this regard, our previous work consumes a significant amount of time for preparing the secure object order on each attribute. We also included the MapReduce framework only for sorting numeric values. However, using the MapReduce framework just for object ordering does not seem to be wise, since the framework itself requires a significant amount of time for inter-node communication and managing the process execution among multiple nodes.

In this work, we introduced an extended approach of [10] that can process the distributed object order more efficiently in a semi-honest computation environment; at the same time, it preserves the privacy of individual objects. In this extended work, we incorporate Paillier cryptosystem [11] for transforming the objects attributes value without changing the order of the objects on each attribute; where each participating party securely prepare encrypted object order on each attribute in collaboration with other participating parties. Then computes skyline from the order of the objects attribute value on each dimension without obtaining the original attributes’ value of the objects.

The remaining part of this paper is organized as follows. Section 2 reviews the related work. Section 3 discusses the notions and basic properties of skyline and Paillier cryptosystem. We briefly explain our secure skyline computation problem and proposed system model in Section 4. In Section 5, we specify the detailed algorithm with proper examples and analysis. Next, we discuss the privacy and security of our proposed framework in Section 6. We experimentally explain the efficiency of our algorithms in Section 7 under a variety of settings. Finally, Section 8 concludes this work.

Throughout this paper, we have used the hexadecimal number system for describing our proposed algorithm.

2. Related Work

Our previous research [10], as well as current research work, are motivated by earlier studies of skyline query processing, secure multi-party computation, and privacy-preserving secure skyline computation. Following Section 2.1 focuses on skyline query and Section 2.2 discuses about multi-party secure computation. Lastly, we highlighted on privacy-preserving secure skyline in Section 2.3.

2.1. Skyline Query

Borzsonyi et al., the original introducer of the skyline operator, proposed three algorithms for computing skyline from a large dataset: Block-Nested-Loops (BNL), Divide-and-Conquer (D&C), and B-tree-based schemes [12]. The BNL algorithm compares each object of the database with every other object and lists an object as a skyline object when any other object within the database does not dominate it. The D&C algorithm noticed the problem of memory limitation of a system. It divides the large dataset into several partitions and computes the skyline objects set for each partition by using a main-memory skyline algorithm. The skyline computation on the merged set of the skyline objects of each partition produces the final skyline. Later Kossmann et al. improved the D&C algorithm and proposed the Nearest Neighbor (NN) algorithm for pruning out dominated objects efficiently by iteratively partitioning the data space based on the nearest objects in the domain space [13]. Similarly, Chomicki et al. improved BNL by presorting, known as Sort-Filter-Skyline (SFS) [14]. The current most efficient algorithm is Branch-and-Bound Skyline (BBS) [15,16], which is a progressive algorithm based on the Fest-First Nearest Neighbor (BF-NN) algorithm proposed by Papadias et al. [17].

Presently, the distributed skyline computation becomes very popular. Balke et al. introduced skyline queries in distributed environments [18]. In their study, they presented several models for computing distributed skyline queries from the vertically partitioned web information. Wang et al. and Chen et al. both researched skyline query in structured P2P networks, named BATON networks, where peers are responsible for a partial region of data space [19,20]. Alternatively, a grid-based approach for distributed skyline processing (AGiDS) proposed by Rocha-Junior et al. [21] assuming that each peer maintains a grid-based data summary structure for describing its data distribution. Arefin et al. [22] worked on agent-based privacy skyline-set for the distributed database, but their query is different from us.

2.2. Multi-Party Secure Computation

The story of secure multi-party computation problem is widespread. Yao, who is the first introducer of this problem, presented a secure function evaluation process [23]. The process allows a set $P=\{p_1,\cdots ,p_m\}$ of m players/parties to compute an arbitrary agreed function of their private data. The function preserves the privacy of data even if an adversary may corrupt and control some players/parties in various ways. After that, Goldreich, Micali, and Wigderson [24] and many others extended the research. According to Goldreich et al. [24], Security in Multi-party Computation means that the parties’ data remain secret except the intended results of the computation. Fundamentally, secure multi-party computation protocols are relatively less efficient than specific purpose protocols.

Privacy-preserving data-mining problems are another example of secure multi-party computation problem. We addressed it in this literature. Lindell et al. and Agrawal et al. proposed two different privacy-preserving data-mining approach [1,25]. Lindell defines the problem considering two parties; each of them has a nonpublic database, where the parties want to conduct a data-mining operation jointly on the union of their databases without disclosing their database to other parties, or any third party. In Agrawal’s paper, the problem was defined in another way, assuming two parties: Alice and Bob. The problem is to allow Alice to conduct data-mining operation on a private database owned by Bob, where Bob wants to prevent Alice from accessing precise information in individual data records. Although the problems are quite similar, the solution of these two similar problems proposed by Lindell and Agrawal are different: Lindell and Pinkas adopted secure multi-party computation protocols to solve their problem, while Agrawal applied the data perturbation method.

Most of the existing solutions used homomorphic encryption for secure comparison [26,27,28] although these protocols are highly expensive concerning computation and communication complexity [29]. Lin et al. introduced an efficient comparison protocol based on homomorphic encryption [30]. They have improved the secure comparison protocol by comparing two secret values in two rounds of data communication between two participating parties. However, this protocol is only limited to comparing secure attribute values owned by two parties, and it is not scalable.

Besides that, several multi-party computation tasks could be performed over the sorting order of the objects’ attributes. Such as skyline computation, querying with aggregation function, statistical analysis, and so on [10,31,32,33]. The oblivious radix sort is a renowned protocol for sorting privacy-preserving multi-party objects, proposed by Hamada et al. [31]. However, it demands multiple rounds of computation and communication between the participating parties for sorting multi-party objects based on attribute value. Recently Xin et al. also proposed a solution for secure multi-party sorting problem [34]. However, their protocol is based on the assumption that the attributes’ value are elements of a universal set, which is known by all participating parties and the computational complexity of the protocol will become high when the size of the universal set is large.

2.3. Secure Skyline Query

Due to the information privacy and security awareness of the present era, privacy-preserving secure data analysis is considered to be one of the major research areas in “big data” processing. The privacy-preserving secure skyline query is also being researched for multi-criteria data analysis considering different application aspect. Liu et al. have proposed secure skyline queries on cloud platform [7]. On the other hand, Hua et al. have proposed another privacy-preserving skyline computation model, called CINEMA [8]. They have considered computing skyline based on the user’s dynamic query. Using their proposed framework, they have considered keeping the privacy of the user’s dynamic query point and keep the database objects secret from the users, so that the users cannot access the secure database objects, and the database owner cannot obtain the user’s query point during computation. Although their proposed model produces a secure computation environment concerning data privacy, their circumstances are entirely different from us. Moreover, both models involve computationally expensive secure comparison protocols. Where Liu et al. integrates secure comparison and secure bit-decomposition protocols proposed by Veugen et al. [27] and Samanthula et al. [35]. On the other hand, Hua et al. reduced the communication overhead of secure comparison by using 0-encoding and 1-encoding scheme proposed by Lin et al. [30].

Liu et al. proposed another privacy-preserving skyline computation framework [6], which can be deployable in a multi-party computation platform. They also improved the efficiency of multi-party secure skyline computation by using secure comparison protocol based on the 0-encoding and 1-encoding scheme proposed by [30] and Lightweight Additive Homomorphic Public Key Encryption(LAHE) Scheme. They also reduce the number of secure comparisons by using the additivity property of skyline [36]. They considered that each party computes local skyline objects set at first. Then the global skyline object set could be computed by using secure dominance relationship computation among each party’s local skyline objects. However, their proposed framework is based on pairwise secure skyline computation for computing global skyline. So, the computational complexity increases rapidly with the number of participating parties. Moreover, the complexity of 0-encoding and 1-encoding scheme used by their framework for comparing two private attributes value increase with the length of the attribute value in the number of binary bits.

Recently, Liu et al. also proposed a new framework for privacy-preserving user-centric dynamic skyline query over multi-party databases, called PUSC [9]. Although it is a new framework for dynamic skyline query over distributed multi-party databases, it is not efficient enough since it requires a massive time for execution due to the complexity of different protocols integrated with the computation process. And the skyline computation time of PUSC increases with the total number of encrypted data objects supplied by data providers.

Besides that, our previous work introduced secure objects’ ordering-based skyline computation framework [10]. In this framework, the participating parties jointly construct their database objects’ order in collaboration with a semi-honest third party, called the coordinator. It requires several rounds of ID encryption and decryption by individual parties and requires several rounds of data sorting by the coordinator for generating objects’ order securely on each attribute. In this regard, our previous work consumes a significant time for preparing a secure object order. We also deployed the MapReduce framework for sorting the numeric values there. However, employing the MapReduce framework just for sorting values does not improve the efficiency of the computation, since the framework requires significant time for inter-node communication and controlling the task execution using multiple computing nodes.

3. Preliminaries

This section defines related properties of the proposed algorithm.

3.1. Dominance and Skyline

Given a dataset $DS$ with d-dimensions $\{d_1,d_2,\cdots ,d_d\}$ and n objects $\{O_1,O_2,$$\cdots ,O_n\}$. We use $O_i$.$d_j$ to denote the j-th dimension value of object $O_i$. We assume that the smaller value in each attribute is better, without loss of generality.

Dominance: An object $O_i\in DS$ is said to dominate another object $O_j\in DS$, denoted as $O_i\prec O_j$, if $O_i.d_r\le O_j.d_r$ ($1\le r\le d$) for all d dimensions and $O_i.d_t<O_j.d_t$ ($1\le t\le d$) for at least one dimension. We call such $O_i$ as dominant object and such $O_j$ as dominated object between $O_i$ and $O_j$. For example, in Figure 2 object W is dominated by object P.

Skyline: An object $O_i\in DS$ is said to be a skyline object of $DS$, if and only if there is no such object $O_j\in DS$ ($j\ne i$) that dominates $O_i$. The skyline of $DS$, denoted by $Sky\left(DS\right)$, is the set of skyline objects in $DS$. For dataset shown in Figure 2, objects $\{U,O,P,X,Q,Y,Z\}$ are not dominated by any other objects. Thus, skyline query retrieves $Sky\left(DS\right)=\{U,O,P,X,Q,Y,Z\}$.

Additivity of Skyline Computation [36]: Given a dataset $DS$ and p datasets such that $DS=D{S}_1\cup \cdots \cup D{S}_p$, the following equation holds: $Sky\left(DS\right)=Sky(Sky\left(D{S}_1\right)\cup \cdots \cup Sky\left(D{S}_p\right))$. In Figure 2, if we consider that the red bubbles represent the objects of $D{S}_1$ and green squares represents the objects of $D{S}_2$. Then the skyline objects set of $D{S}_1$ and $D{S}_2$ can be given by $Sky\left(D{S}_1\right)=\{M,N,O,P,Q,R,S\}$ and $Sky\left(D{S}_2\right)=\{U,V,W,X,Y,Z\}$. However, the common skyline objects set can be given by $Sky\left(DS\right)=\{U,O,P,X,Q,Y,Z\}$, where $\{O,P,Q\}\in Sky\left(D{S}_1\right)$ and $\{U,X,Y,Z\}\in Sky\left(D{S}_2\right)$.

3.2. Paillier Cryptosystem

In our proposed approach we use the Paillier cryptosystem, which is a probabilistic asymmetric algorithm for public key cryptography [11]. In Paillier cryptosystem both the public and private key consists of two integers, where the public key is given by $Paillie{r}_{pk}(n,g)$ and the private key is given by $Paillie{r}_{sk}(\lambda ,\mu )$. The scheme is additive homomorphic encryption; this means that given the public key and the encryption of plain messages $m_1$ and $m_2$, one can compute the encryption of $m_1+m_2$.

Let us consider two plain messages $m_1$ and $m_2$ and their corresponding cipher messages ${\zeta }_1$ and ${\zeta }_2$, where ${\zeta }_1=En(m_1,Paillie{r}_{pk})$ and ${\zeta }_2=En(m_2,Paillie{r}_{pk})$.

Then, the following equations give the homomorphic addition and multiplication properties of Paillier cryptosystem.

• Homomorphic Addition

  $$({\zeta }_1\times {\zeta }_2)\mathrm{mod}{n}^2=En((m_1+m_2)\mathrm{mod}n,Paillie{r}_{pk})$$
• Homomorphic Multiplication

  $${\zeta }_1^k\mathrm{mod}{n}^2=En(k\times m_1\mathrm{mod}n,Paillie{r}_{pk})$$

At the above equations, n is the part of Paillier public key and k is a positive integer constant.

4. Multi-Party Secure Skyline Computation Problem and Proposed System Model

In this section, we formalize privacy-preserving multi-party secure skyline computation problem and our proposed system model.

4.1. Multi-Party Secure Skyline Problem

Let us consider a situation where several organizations have done some surveys about commission cost and risk prediction. We assume that each of the organizations has collected similar private information of their customers. Also, assume that all the organizations computed the local skyline from their private dataset. Now each organization wants to find the resultant skyline from the union of these local skyline result also termed as the organizations’ global database. However, none of them is allowed to disclose the attributes’ value of their database objects to other organizations. We call participant organizations of the skyline computation as parties. Due to additivity property of skyline computation, it is apparent that the result of skyline query computed from the union of each party’s dataset must be equal to the skyline query result obtained from the merged results of individual skyline.

To simplify the problem, we keep the number of participant parties is equivalent to 2. They are denoted as $DataNod{e}^1$ and $DataNod{e}^2$, respectively. To describe the proposed algorithm, assume that Figure 2 represent the union dataset of these two parties. Where “Green Square” symbol represents that the objects come from $DataNod{e}^1$ and “Red Circle” symbol means objects comes from $DataNod{e}^2$.

Table 1. Secure skyline objects set, $Sky\left(D{S}_1\right)$ of $DataNod{e}^1$.

ID	${\mathit{d}}_1$	${\mathit{d}}_2$
M	2D	E3
N	3B	BF
O	41	A7
P	4D	72
Q	90	51
R	B6	4C
S	F4	42

and

Table 2. Secure skyline objects set, $Sky\left(D{S}_2\right)$ of $DataNod{e}^2$.

ID	${\mathit{d}}_1$	${\mathit{d}}_2$
U	25	B2
V	54	AC
W	5D	7F
X	6F	66
Y	A8	34
Z	D8	28

represents the two-dimensional secure skyline objects set of $DataNod{e}^1$ and $DataNod{e}^2$.

4.2. System Model

In our proposed system model, we introduced a skyline computation procedure from secure multi-party databases in an efficient and privacy-preserving way. Like some existing model of privacy-preserving multi-party computation [7,8,9,10], we also adopted the semi-honest adversary model in our study, as defined in [37], and included a semi-honest third party adversary, called the coordinator, which will be trusted by all participating parties. We considered that the coordinator is honest-but-curious. Specifically, all participating parties along with the coordinator strictly executes the protocol but intend to extract the private data from the computation. Therefore, any participating party will not expose their object directly to the coordinator or other participating parties. Therefore, we consider that all parties securely transform their objects’ attributes’ value without changing their order on each dimension and the coordinator computes the multi-party skyline objects set from the order of the objects’ attributes value. The detailed process of this skyline query, which does not use actual attributes’ value but the order of the attributes, can be found in [32]. The sorting order generation process should need to be secure enough so that nothing could be obtained by the coordinator other than the relative order of objects’ secret attributes’ value on each dimension. The proposed framework also needs to confirm that the participating parties should be unable to guess the value of the secret objects’ attributes of other party’s objects during computation. Therefore, the transformed order information should need to be secret to all participating parties. In this regard, we consider using the Paillier cryptosystem, and its properties for transforming the objects’ attributes’ value. As a semi-honest model, our proposed framework implicitly assumes that there will be no collude among the coordinator and some of the corrupted parties.

5. Privacy-Preserving Multi-Party Secure Skyline Computation Algorithm

In this section, we provide details of the proposed algorithm. It consists of eight steps.

• Local skyline computation.
• Fix the bit-slice length and maximum bit-length of substitute vector element.
• Paillier key-pair generation.
• Generate and share the encrypted substitute vectors.
• Combine the encrypted substitute vectors.
• Encrypt the object order and resultant dataset generation.
• Decrypt the objects order and global skyline computation.
• Qualified global skyline objects identification.

Figure 3 describes the simplified block-diagram of our proposed privacy-preserving skyline computation model. Where we use one coordinator and p is the number of participating parties. Each ${\mathit{V}}^{\mathit{m}}$ represents the substitute vector generated by $DataNod{e}^m$, and $En\left({\mathit{V}}^{\mathit{m}}\right)$ represents the encrypted substitute vector of ${\mathit{V}}^{\mathit{m}}$, where each element of ${\mathit{V}}^{\mathit{m}}$ is encrypted using the Paillier public key.

5.1. Local Skyline Computation

Due to the additivity property of skyline computation, we can say that each global skyline object must be a member of any one of the local skyline objects set of the participating parties. So, we consider that each participating party initially computes respective local skyline objects set from their secure private dataset to compute global skyline. The local skyline query minimizes the risk of database disclosure by analyzing the objects’ attributes’ order information by the coordinator. This process also reduces the complexity of skyline computation from the combined large database of multi-party objects’ attributes’ order.

5.2. Fix the Bit-Slice Length and Maximum Bit-Length of Substitute Vector Element

We admitted that the objects’ attribute value could be significantly large. Therefore, we need to split the attribute value into multiple slices for substituting the attribute value with the substitute vector element. These substitute vectors replace the attribute value without changing their order. We also need to keep the vector size within the acceptable memory capacity during computation. For example, if we consider the attribute value could have a variation from 0 to $(2^{32}-1)$, it is not feasible to create a single vector of length $2^{32}$ for replacing the attribute value. However, it could be possible to use three substitute vectors of length $2^{11}$ to substitute the attribute value without changing their sorting order. In this regard, at the beginning of our proposed framework, all participating parties mutually fix the bit-slice length for splitting the attributes’ value of each dimension to substitute it with substitute vector element. After that, it generates a separate objects order on each attribute. Each party also mutually fix the maximum bit-length of substitute vector element. The maximum bit-length of substitute vector element must need to be higher than the corresponding bit-slice length. It is also essential that the bit-slice length for splitting the attributes’ value should be long enough, since the coordinator may try to assume the actual attribute value by analyzing the incidence of the bit pattern of the transformed value of the objects’ attributes, while the bit-slice length is small.

Our proposed algorithm considered the most straightforward way for fixing the bit-slice length and maximum bit-length of substitute vector element without any concern of the coordinator. At first, each participating party recommend bit-slice length and maximum bit-length and shares it with other parties. Finally, each participating party computes the rounded-up integer average of all participating parties’ recommendation. All participating parties must follow this rounded-up integer average bit-slice length and maximum bit-length of the corresponding vector element for generating encrypted substitute vector.

Assume that two participating party recommendations are shown in

Table 3. Bit-slice length, $\mathit{N}$ and maximum bit-length, $\mathit{R}$ recommended by $DataNod{e}^1$.

$\mathit{Attribute},\mathit{i}$	$\mathit{Slice},\mathit{j}$	${\mathit{N}}_{\mathit{i},\mathit{j}}$	${\mathit{R}}_{\mathit{i},\mathit{j}}$
1	0	3	7
1	1	5	9
2	0	5	9
2	1	3	8

and

Table 4. Bit-slice length, $\mathit{N}$ and maximum bit-length, $\mathit{R}$ recommended by $DataNod{e}^2$.

$\mathit{Attribute},\mathit{i}$	$\mathit{Slice},\mathit{j}$	${\mathit{N}}_{\mathit{i},\mathit{j}}$	${\mathit{R}}_{\mathit{i},\mathit{j}}$
1	0	5	9
1	1	3	7
2	0	4	8
2	1	4	8

respectively, for generating encrypted substitute vector to substitute their two-dimensional integer dataset. Here each ${\mathit{N}}_{\mathit{i},\mathit{j}}$ indicates the bit-slice length of $i^{th}$ attribute and $j^{th}$ slice, where j is indexed from less significant bits slice to most significant bits slice of the corresponding attribute value. Similarly, each ${\mathit{R}}_{\mathit{i},\mathit{j}}$ indicates the maximum bit-length of substitute vector element for $i^{th}$ attribute and $j^{th}$ slice.

Table 5. Determined bit-slice length, $\mathit{N}$ and maximum bit-length, $\mathit{R}$.

$\mathit{Attribute},\mathit{i}$	$\mathit{Slice},\mathit{j}$	${\mathit{N}}_{\mathit{i},\mathit{j}}$	${\mathit{R}}_{\mathit{i},\mathit{j}}$
1	0	4	8
1	1	4	8
2	0	5	9
2	1	4	8

represent the computed common bit-slice length for splitting the attribute value and common maximum bit-length of the corresponding vector element.

Although we have considered 8-bit integer attribute values for our running example and 4 or 5-bit bit-slice length for splitting the attribute value, in the real experiment, we have examined our proposed protocol for 32-bit integer attribute value and bit-slice length higher than 10.

5.3. Paillier Key-Pair Generation

The coordinator generates Paillier public key, $Paillie{r}_{pk}(n,g)$ for data encryption and private key, $Paillie{r}_{sk}(\lambda ,\mu )$ for data decryption. The detail Paillier key construction process is explained in [11]. After generating the key-pair, the coordinator shares the public key with all participating parties.

5.4. Generate and Share the Encrypted Substitute Vectors

To conceal the actual attribute value from the coordinator, all participating parties generate $2^{{\mathit{N}}_{\mathit{i},\mathit{j}}}$ unique values between 0 to $(2^{{\mathit{R}}_{\mathit{i},\mathit{j}}}-1)$ for substituting $j^{th}$ slice of $i^{th}$ dimension. Then each participating party $DataNod{e}^m$ sort the generated random values into a vector table, ${\mathit{V}}_{\mathit{i},\mathit{j}}^{\mathit{m}}$. After that, each element of sorted vector table multiplied with $2^{{\mathit{K}}_{\mathit{i},\mathit{j}}}$, except the sorted vector table constructed for the less significant bit-slice of each attribute (i.e., $j=0$). Value of ${\mathit{K}}_{\mathit{i},\mathit{j}}$ can be computed using the following equation.

$${\mathit{K}}_{\mathit{i},\mathit{j}}=\sum _{l=0}^{j-1}{\mathit{R}}_{\mathit{i},\mathit{l}}$$

After multiplying with $2^{{\mathit{K}}_{\mathit{i},\mathit{j}}}$, the participating parties encrypt each element of their generated vector table using Paillier public key, $Paillie{r}_{pk}$ to construct encrypted substitute vector table, ${\mathit{\rho }}_{\mathit{i},\mathit{j}}^{\mathit{m}}$. Assume that all parties has determined to construct an encrypted substitute vector table for substituting the attributes’ value of $i^{th}$ dimension and $j^{th}$ slice of a dataset, where the bit-slice length, ${\mathit{N}}_{\mathit{i},\mathit{j}}=4$ and the maximum bit-length, ${\mathit{R}}_{\mathit{i},\mathit{j}}=8$. The construction of encrypted substitute vector, ${\mathit{\rho }}_{\mathit{i},\mathit{j}}^{\mathbf{1}}$ for $DataNod{e}^1$ described in

Table 6. Example of Encrypted Substitute Vector Generation for ${\mathit{N}}_{\mathit{i},\mathit{j}}=4$ and ${\mathit{R}}_{\mathit{i},\mathit{j}}=8$.

Index	Sorted Random	Encrypted Vector,
k	Number, ${\mathit{V}}_{\mathit{i},\mathit{j}}^1$	${\mathit{\rho }}_{\mathit{i},\mathit{j}}^1{=\mathit{En}(2}^{{\mathit{K}}_{\mathit{i},\mathit{j}}}\times {\mathit{V}}_{\mathit{i},\mathit{j}}^1{,\mathit{Paillier}}_{\mathit{pk}})$
0	0D	${\rho }_{i,j,0}^1$
1	13	${\rho }_{i,j,1}^1$
2	26	${\rho }_{i,j,2}^1$
3	31	${\rho }_{i,j,3}^1$
4	3B	${\rho }_{i,j,4}^1$
5	40	${\rho }_{i,j,5}^1$
6	44	${\rho }_{i,j,6}^1$
7	51	${\rho }_{i,j,7}^1$
8	5E	${\rho }_{i,j,8}^1$
9	6C	${\rho }_{i,j,9}^1$
A	9F	${\rho }_{i,j,A}^1$
B	A6	${\rho }_{i,j,B}^1$
C	AF	${\rho }_{i,j,C}^1$
D	C2	${\rho }_{i,j,D}^1$
E	DC	${\rho }_{i,j,E}^1$
F	F4	${\rho }_{i,j,F}^1$

.

Following this way, all participating parties generate encrypted substitute vector for all attributes and slices according to Table 5. After encrypted substitute vectors generation, each participating party shares their generated vectors to other parties except the coordinator. The Paillier encryption hides the value of the sorted vector element from the other participating parties, while they shared the vector among each other. It allows homomorphic addition and multiplication on the encrypted vector elements.

5.5. Combine the Encrypted Substitute Vectors

After receiving the encrypted substitute vector from all participating parties, each party adds (using homomorphic addition property) all the encrypted substitute vectors supplied by the individual parties to obtain the ultimate consolidated encrypted substitute vectors.

Table 7. Example of Combined Encrypted Substitute Vector Construction for N_i,j = 4.

Index	Encrypted Vectors		Combined Vector
k	${\mathit{\rho }}_{\mathit{i},\mathit{j}}^1$	${\mathit{\rho }}_{\mathit{i},\mathit{j}}^2$	${\mathit{\xi }}_{\mathit{i},\mathit{j}}={\mathit{\rho }}_{\mathit{i},\mathit{j}}^1+{\mathit{\rho }}_{\mathit{i},\mathit{j}}^2$
0	${\rho }_{i,j,0}^1$	${\rho }_{i,j,0}^2$	${\xi }_{i,j,0}$
1	${\rho }_{i,j,1}^1$	${\rho }_{i,j,1}^2$	${\xi }_{i,j,1}$
2	${\rho }_{i,j,2}^1$	${\rho }_{i,j,2}^2$	${\xi }_{i,j,2}$
3	${\rho }_{i,j,3}^1$	${\rho }_{i,j,3}^2$	${\xi }_{i,j,3}$
4	${\rho }_{i,j,4}^1$	${\rho }_{i,j,4}^2$	${\xi }_{i,j,4}$
5	${\rho }_{i,j,5}^1$	${\rho }_{i,j,5}^2$	${\xi }_{i,j,5}$
6	${\rho }_{i,j,6}^1$	${\rho }_{i,j,6}^2$	${\xi }_{i,j,6}$
7	${\rho }_{i,j,7}^1$	${\rho }_{i,j,7}^2$	${\xi }_{i,j,7}$
8	${\rho }_{i,j,8}^1$	${\rho }_{i,j,8}^2$	${\xi }_{i,j,8}$
9	${\rho }_{i,j,9}^1$	${\rho }_{i,j,9}^2$	${\xi }_{i,j,9}$
A	${\rho }_{i,j,A}^1$	${\rho }_{i,j,A}^2$	${\xi }_{i,j,A}$
B	${\rho }_{i,j,B}^1$	${\rho }_{i,j,B}^2$	${\xi }_{i,j,B}$
C	${\rho }_{i,j,C}^1$	${\rho }_{i,j,C}^2$	${\xi }_{i,j,C}$
D	${\rho }_{i,j,D}^1$	${\rho }_{i,j,D}^2$	${\xi }_{i,j,D}$
E	${\rho }_{i,j,E}^1$	${\rho }_{i,j,E}^2$	${\xi }_{i,j,E}$
F	${\rho }_{i,j,F}^1$	${\rho }_{i,j,F}^2$	${\xi }_{i,j,F}$

illustrates this process, where we consider two participating parties and ${\mathit{N}}_{\mathit{i},\mathit{j}}=4$.

5.6. Encrypt the Object Order and Resultant Dataset Generation

All participating parties split each local skyline objects set attribute values according to predetermined bit-slice length. For our running example bit-slice is shown in Table 5. The split value should be used as the index of the combined encrypted vector elements corresponds to their respective attributes and slices. Finally, the corresponding encrypted vector elements for each attribute value added together using homomorphic addition to generate encrypted order sequence of the object on that attribute. For self-blinding, each party also add the encryption of 0 with the value of encrypted sorting order.

Consider that both parties agreed to split the $i^{th}$ attribute value with $S_i$ slices and ${\mathit{\sigma }}_{\mathit{i},\mathbf{0}},\cdots ,{\mathit{\sigma }}_{\mathit{i},{\mathit{S}}_{\mathit{i}}-\mathbf{1}}$ represent the corresponding encrypted vector elements of the split pieces of that attribute value. Then the transformation to encrypted object order ${\mathit{\delta }}_{\mathit{i}}$ by using the encrypted substitute vector elements can be computed by the following equation:

$${\mathbf{\delta }}_{\mathit{i}}={\displaystyle \sum _{j=0}^{S_i-1}{\mathbf{\sigma }}_{\mathit{i},\mathit{j}}}+En(0,Paillie{r}_{pk})$$

The coordinator may assume the individual skyline object identity by identifying the object provider. To avoid such situation, we consider that the individual parties do not send their locally computed skyline objects attributes order separately to the coordinator. In this regard, each party anonymizes their local skyline object’s IDs as follows: (1) Each party adds redundant bits with their local skyline objects’ IDs by using CRC scheme [38]. (2) The IDs with padded CRC bits are then encrypted by the corresponding party’s symmetric encryption key. Let us consider the original $ID$ of a local skyline object belongs to $DataNod{e}^i$ is $\alpha$ and $DE{S}_i$ is the symmetric encryption key of $DataNod{e}^i$. If $i{d}_{\alpha }$ represents the encrypted $ID$ of that object, then $i{d}_{\alpha }$ can be computed by using the following equation:

$$i{d}_{\alpha }=En((\alpha \parallel CRC\left(\alpha \right)),DE{S}_i)$$

Table 8. Encrypted disguised object order generation by $DataNod{e}^1$.

ID	${\mathit{d}}_1$	${\mathit{d}}_2$	${\mathit{\sigma }}_{1,1}$	${\mathit{\sigma }}_{1,0}$	${\mathit{\sigma }}_{2,1}$	${\mathit{\sigma }}_{2,0}$	$\mathit{id}$	${\mathit{\delta }}_1$	${\mathit{\delta }}_2$
M	2D	E3	${\xi }_{1,1,2}$	${\xi }_{1,0,D}$	${\xi }_{2,1,7}$	${\xi }_{2,0,03}$	$i{d}_M$	${\delta }_{1,M}$	${\delta }_{2,M}$
N	3B	BF	${\xi }_{1,1,3}$	${\xi }_{1,0,B}$	${\xi }_{2,1,5}$	${\xi }_{2,0,1F}$	$i{d}_N$	${\delta }_{1,N}$	${\delta }_{2,N}$
O	41	A7	${\xi }_{1,1,4}$	${\xi }_{1,0,1}$	${\xi }_{2,1,5}$	${\xi }_{2,0,07}$	$i{d}_O$	${\delta }_{1,O}$	${\delta }_{2,O}$
P	4D	72	${\xi }_{1,1,4}$	${\xi }_{1,0,D}$	${\xi }_{2,1,3}$	${\xi }_{2,0,12}$	$i{d}_P$	${\delta }_{1,P}$	${\delta }_{2,P}$
Q	90	51	${\xi }_{1,1,9}$	${\xi }_{1,0,0}$	${\xi }_{2,1,2}$	${\xi }_{2,0,11}$	$i{d}_Q$	${\delta }_{1,Q}$	${\delta }_{2,Q}$
R	B6	4C	${\xi }_{1,1,B}$	${\xi }_{1,0,6}$	${\xi }_{2,1,2}$	${\xi }_{2,0,0C}$	$i{d}_R$	${\delta }_{1,R}$	${\delta }_{2,R}$
S	F4	42	${\xi }_{1,1,F}$	${\xi }_{1,0,4}$	${\xi }_{2,1,2}$	${\xi }_{2,0,02}$	$i{d}_S$	${\delta }_{1,S}$	${\delta }_{2,S}$

and

Table 9. Encrypted disguised object order generation by $DataNod{e}^2$.

ID	${\mathit{d}}_1$	${\mathit{d}}_2$	${\mathit{\sigma }}_{1,1}$	${\mathit{\sigma }}_{1,0}$	${\mathit{\sigma }}_{2,1}$	${\mathit{\sigma }}_{2,0}$	$\mathit{id}$	${\mathit{\delta }}_1$	${\mathit{\delta }}_2$
U	25	B2	${\xi }_{1,1,2}$	${\xi }_{1,0,5}$	${\xi }_{2,1,5}$	${\xi }_{2,0,12}$	$i{d}_U$	${\delta }_{1,U}$	${\delta }_{2,U}$
V	54	AC	${\xi }_{1,1,5}$	${\xi }_{1,0,4}$	${\xi }_{2,1,5}$	${\xi }_{2,0,0C}$	$i{d}_V$	${\delta }_{1,V}$	${\delta }_{2,V}$
W	5D	7F	${\xi }_{1,1,5}$	${\xi }_{1,0,D}$	${\xi }_{2,1,3}$	${\xi }_{2,0,1F}$	$i{d}_W$	${\delta }_{1,W}$	${\delta }_{2,W}$
X	6F	66	${\xi }_{1,1,6}$	${\xi }_{1,0,F}$	${\xi }_{2,1,3}$	${\xi }_{2,0,06}$	$i{d}_X$	${\delta }_{1,X}$	${\delta }_{2,X}$
Y	A8	34	${\xi }_{1,1,A}$	${\xi }_{1,0,8}$	${\xi }_{2,1,1}$	${\xi }_{2,0,14}$	$i{d}_Y$	${\delta }_{1,Y}$	${\delta }_{2,Y}$
Z	D8	28	${\xi }_{1,1,D}$	${\xi }_{1,0,8}$	${\xi }_{2,1,1}$	${\xi }_{2,0,08}$	$i{d}_Z$	${\delta }_{1,Z}$	${\delta }_{2,Z}$

describe the encrypted ordering sequence generation process of $DataNod{e}^1$ and $DataNod{e}^2$.

Finally, all participating parties send the encrypted local skyline objects order on each attribute along with their encrypted $ID$s to a common participating party. This party is also responsible for merging all encrypted skyline objects order on each attribute. After that, it sends the merged set of encrypted local skyline objects order to the coordinator.

5.7. Decrypt the Objects Order and Global Skyline Computation

After receiving the dataset with the encrypted disguised order of the local skyline objects on each attribute, the coordinator decrypts them by using Paillier private key, $Paillie{r}_{sk}$ and obtain the transformed value of local skyline objects without changing their relative order.

Table 10. Disguised Object Order Decryption by the coordinator.

ID	${\mathit{\delta }}_1$	${\mathit{\delta }}_2$	${\mathit{\theta }}_1$	${\mathit{\theta }}_2$
$i{d}_M$	${\delta }_{1,M}$	${\delta }_{2,M}$	4C9C	22A93
$i{d}_N$	${\delta }_{1,N}$	${\delta }_{2,N}$	7A60	18BEE
$i{d}_O$	${\delta }_{1,O}$	${\delta }_{2,O}$	C572	1891D
$i{d}_P$	${\delta }_{1,P}$	${\delta }_{2,P}$	C69C	F874
$i{d}_Q$	${\delta }_{1,Q}$	${\delta }_{2,Q}$	15060	CA6C
$i{d}_R$	${\delta }_{1,R}$	${\delta }_{2,R}$	185BF	C9DC
$i{d}_S$	${\delta }_{1,S}$	${\delta }_{2,S}$	1D1A5	C854
$i{d}_U$	${\delta }_{1,U}$	${\delta }_{2,U}$	4BAA	18A74
$i{d}_V$	${\delta }_{1,V}$	${\delta }_{2,V}$	F2A5	189DC
$i{d}_W$	${\delta }_{1,W}$	${\delta }_{2,W}$	F39C	F9EE
$i{d}_X$	${\delta }_{1,X}$	${\delta }_{2,X}$	FDED	F70E
$i{d}_Y$	${\delta }_{1,Y}$	${\delta }_{2,Y}$	15C22	869E
$i{d}_Z$	${\delta }_{1,Z}$	${\delta }_{2,Z}$	1B622	853A

illustrates the sample database with encrypted data obtained from individual parties. The transformed order value of the objects’ attributes on each dimension after decryption, where each value in column ${\mathit{\theta }}_{\mathit{i}}$ for $\mathit{i}=1,2$ obtained by decrypting each encrypted value in column ${\mathit{\delta }}_{\mathit{i}}$. This process can be represented by the following equation:

$${\mathbf{\theta }}_{\mathit{i}}=De({\mathbf{\delta }}_{\mathit{i}},Paillie{r}_{sk})$$

Here we discuss the procedure of obtaining ${\theta }_{1,i{d}_M}=4C9C_{16}$ for $i{d}_M$, where the original attribute value is $2D_{16}$. Let’s assume the value of substitute vector elements $V_{1,0,D}^1$ and $V_{1,0,D}^2$ for hexadecimal value $D_{16}$ generated by $DataNod{e}^1$ and $DataNod{e}^2$ are $C{2}_{16}$ and $D{A}_{16}$, respectively. Similarly, $V_{1,1,2}^1=1D_{16}$ and $V_{1,1,2}^2=2E_{16}$ for $2_{16}$.

After encrypting with $Paillie{r}_{pk}$, $DataNod{e}^1$ and $DataNod{e}^2$ obtain ${\rho }_{1,0,D}^1=En\left(C{2}_{16}\right)$ and ${\rho }_{1,0,D}^2=En\left(2E_{16}\right)$. Therefore, using homomorphic addition property, both parties can obtain the combine encrypted substitute vector element for $D_{16}$ as ${\xi }_{1,0,D}={\rho }_{1,0,D}^1+{\rho }_{1,0,D}^2=En\left(C{2}_{16}\right)+En\left(D{A}_{16}\right)=En\left(19C_{16}\right)$.

Since, $K_{1,1}=8$ for our running example. Hence, for $DataNod{e}^1$, ${\rho }_{1,1,2}^1=En(2^{K_{1,1}}\times V_{1,1,2}^1=En(2^8\times 1D_{16})=En\left(1D{00}_{16}\right)$. By using the same equation $DataNod{e}^2$ computes ${\rho }_{1,1,2}^2=En\left(2E{00}_{16}\right)$. Proceeding in the same way of obtaining combine encrypted substitute vector element for $D_{16}$, both parties can get ${\xi }_{1,1,2}={\rho }_{1,1,2}^1+{\rho }_{1,1,2}^2=En\left(4B{00}_{16}\right)$ for $2_{16}$.

Finally, by adding the encrypted substitute vector elements for original attribute value $2D_{16}$, $DataNod{e}^1$ can produce the encrypted order value as ${\delta }_{1,M}={\xi }_{1,0,D}+{\xi }_{1,1,2}=En\left(19C_{16}\right)+En\left(4B{00}_{16}\right)=En\left(4C9C_{16}\right)$.

After decryption, the coordinator uses the object order on each attribute for computing global skyline query. From Table 10, we observe that according to the transformed value of the objects secure attribute value, any other objects within the dataset do not dominate the dataset objects with IDs $\{i{d}_U,i{d}_O,i{d}_P,i{d}_X,i{d}_Q,i{d}_Y,i{d}_Z\}$. It can be confirmed from column ${\mathit{\theta }}_{\mathbf{1}}$ and ${\mathit{\theta }}_{\mathbf{2}}$. Therefore, the coordinator computes the skyline result as $\{i{d}_U,i{d}_O,i{d}_P,i{d}_X,i{d}_Q,i{d}_Y,i{d}_Z\}$. Since each $i{d}_{\alpha }$ representing the object with ID$\alpha$, hence the result is also correct according to their original attributes value, as illustrated in Figure 2. After computing the global skyline objects set $Sky\left(DS\right)$ the coordinator sends the encrypted IDs of qualified $Sky\left(DS\right)$ objects to all participating parties.

5.8. Qualified Global Skyline Objects Identification

After receiving the encrypted $ID$s of the global skyline objects each party tries to decrypt the encrypted $ID$s using their symmetric encryption key. If the party owns that skyline object, the party can quickly identify it by the decrypted $ID$s and CRC code checking. Proceeding in a similar way each participating party recognizes their respective globally qualified skyline objects.

6. Privacy and Security

Our proposed framework of privacy-preserving secure multi-party skyline computation is based on transforming the attributes’ value without changing the order of the objects‘ attributes on each dimension. As a semi-honest adversary model, this framework implicitly assumes that all participating parties trust the coordinator and the coordinator honestly executes the processes and does not make an alliance with any of the corrupted party for obtaining the combined encrypted substitute vector.

Since only the coordinator has the private decryption key, no other party can obtain the transformed order information of the objects’ attributes. So, the data privacy of honest parties will not be affected by the dishonesty of some of the corrupted parties. On the other hand, since the participating parties only share the attributes order of their local skyline objects set computed from their secure database, it is not possible to guess the attribute value by analyzing the frequency of the limited number of objects’ attributes order value. However, if the coordinator and any corrupted party make any conspiracy by sharing substitute vectors, those are used for transforming the objects’ attributes, then the proposed framework cannot meet the privacy and security expectation.

Therefore, now we can claim that the proposed framework secures the privacy of the objects during multi-party skyline computation.

7. Experiments

In this section, we evaluate the performance and effectiveness of our proposed framework. We used four identical computers connected with Cisco Catalyst 2960-X Series Gigabit Switch for the experimental setup. Out of the four computers one was considered to be the coordinator and other three computers as individual parties containing private datasets. Each of the computers has an Intel^® Core™ i5-6500 3.20 GHz CPU and 8 GB memory. We used the 64-bit Ubuntu 16.04 operating system for our experiment. We compiled the source codes of the program under Java V8 and executed the program under Java™ 1.8.0 Runtime Environment. We generated synthetic datasets for evaluating the performance of our proposed framework. Each attribute value of the synthetic datasets was randomly picked from 32-bit unsigned integer. For the proposed study, we put our focus on the performance of generating secure object order targeting skyline computation from the privacy-preserved multi-party databases without unveiling the original attributes’ value of the objects to anyone. For evaluating the efficiency of our model, we considered that all participating parties begin to generate the encrypted substitute vectors and compute there local skyline objects set simultaneously after obtaining the Pallier public key, Paillier_pk from the coordinator.

From our experiment, we found that the significant time consumes for computing the local skyline objects set, for generating encrypted substitute vector and for combining the vectors generated by individual parties. However, since the individual parties compute the local skyline objects set from their plain dataset without any security protocol, the local skyline computation time remain same either for non-secured distributed skyline computation or for privacy-preserved multi-party skyline computation. We also comprehensively compared the complexity of our proposed framework with the frameworks proposed in [6,10].

A. Encrypted Substitute Vector Generation and Combining: We studied the runtime for encrypted substitute vector generation process according to the algorithm described in Section 5.4, which will be executed by each participating party simultaneously. Since the length of the substitute vector increases twice with each increase of the bit-slice length, the process runtime of generating the unique random numbers within a given range and encrypting the substitute vector elements also increases. However, using the larger bit-slice length reduces the number of partitions for splitting the attribute value to transform the attribute value and thus also reduces the number of the required substitute vector. For example, a 32-bit attribute value can be substitutable by using two vectors of 16-bit-slice length, but it requires three vectors to substitute using the vector of 11-bit-slice length. We examined runtime with varied bit-slice length from 10 to 16. Figure 4a shows the effect of encrypted substitute vector generation process with different bit-slice length.

We also studied the process execution time for joining the encrypted substitute vectors using homomorphic addition property according to Section 5.5. In this regard, we examined the runtime of combining three substitute vectors generated by three participating parties for varied bit-slice length. Our experimental result is illustrated in Figure 4b.

B. Privacy-Preserving Multi-Party Skyline Computation: To evaluate the performance of our proposed framework, we assumed that each participating party computes local skyline from the equal amount of data tuples. We evaluate the performance of our proposed framework for different data distribution and the varied number of objects’ dimension. For both experiments, we varied each participating parties’ tuples number from 10 k to 50 k.

To conduct this experiment, we used three different types of data distribution. They are correlated, anti-correlated, and independent distributions. As shown in Figure 5, this framework is affected by data distribution. We found that the framework is more efficient for the correlated dataset and less efficient for the anti-correlated dataset. However, the performance for independent dataset lies in between the performance for the anti-correlated and correlated dataset.

Figure 6 illustrates the effect of data dimension for computing skyline. We varied the data dimension from 2 to 6. Since the number of required encrypted substitute vector along with the number of comparisons and the amount of qualified local skyline objects increases with the vector dimension, the process execution time also increases. The results of our experiment also reflect it.

C. Comparison with Existing Privacy-Preserving Multi-party Skyline Computation Frameworks: The framework proposed in [6] applies the pairwise secure comparison of the objects’ attributes for computing dominance relationship between two participating parties’ objects. Therefore, the complexity of the algorithm increases with the number of participating parties, since each local skyline object of a party needs to be securely compared with other parties local skyline objects set separately. The author proposed to generate the homomorphic encryption key-pair twice for each comparison of the two private objects using the LAHE scheme. The complexity of the Fast Secure Integer Comparison (FSIC) protocol used by the framework depends on the maximum length of the attribute value in the number of bits. Furthermore, it also requires five rounds of information exchange between each pair of the participating parties for each comparison of their local skyline objects.

On the other hand, our proposed framework is comparatively less dependent on the number of participating parties. The coordinator generates the homomorphic encryption key-pair only for one time for the whole process. And our framework does not employ secure comparison protocol like [6]. Moreover, it just requires six rounds of data exchange for the entire computation process: at the beginning between the coordinator and the participating parties for sharing the public encryption key. After that, three rounds communication requires between the participating parties for fixing the bit-slice length, for sharing the encrypted substitute vector and merging the individual parties’ local skyline objects’ encrypted order on each attribute. Then, another round of communication required for sending the merged set of local skyline objects’ encrypted order to the coordinator. The final round of data communication needed between the coordinator and the participating parties, for sharing the encrypted $ID$s of the globally qualified skyline objects. Although it requires to transmit a large amount of data during the sharing of each party’s encrypted substitute vector, it is negligible compared to five rounds of information exchange for each dominance relationship comparison of two parties’ objects.

The method proposed in [10] is also scalable for any number of participating parties, although it requires multiple rounds of data interchange between the participating parties with the coordinator based on the number of slices of each attribute value and the number of dimension of the objects for preparing the order of the objects on each attribute. It also requires multiple rounds of sorting by the coordinator, and partial order merging by the individual parties for generating objects’ order securely on each attribute. On the other hand, our present work does not need several rounds of data exchange, data sorting and partial order merging like [10]. Besides that, we consider using homomorphic encrypted substitute vector to transform the objects’ attributes value securely without altering their order on each attribute.

Therefore, we claim that the proposed algorithm is more efficient and robust in terms of computation and communication complexity.

8. Conclusions

Our proposed approach addresses the problem of privacy-preserving skyline query in distributed multi-party databases. Considering privacy awareness, we must take the issue of data privacy during multi-party computation into account. We offered a secured but straightforward and efficient approach for skyline query in distributed multi-party databases without unveiling the objects’ attributes’ value, where most of the existing proposed framework for privacy-preserving multi-party skyline query requires time-consuming, expensive, and complex computation. We demonstrated the effectiveness and scalability of the proposed algorithm through intensive examples and experiments. It can also be possible to consider our proposed algorithm for the secure computation of the other variant of skyline query, such as k-dominant skyline and k-skyband. Besides that, the proposed algorithm of secured object ordering can also be applicable for retrieving the number of tuples with some given criteria of the database attributes from the privacy-preserved distributed multi-party databases.