Efficient query integrity for outsourced dynamic databases

Zheng, Qingji; Xu, Shouhuai; Ateniese, Giuseppe

doi:10.1145/2381913.2381927

Cited by 28 publications

(24 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Though there has been considerable amount of work on authenticated query processing on relational databases, but it has been acknowledged (for example in [37]) that the problem of query authentication largely remains open. An unified cryptographic treatment of the problem is missing in the literature.…”

Section: Incomplete Resultmentioning

confidence: 99%

“…Providing an experimental comparison of our scheme with the existing ones is beyond the scope of this work. Some authors (for example [37]) compare the storage and communication cost of the protocols in asymptotic terms, which also do not reveal the complete picture. Here we would point out some of the differences of our framework in comparison to the others with respect to functionality and costs.…”

Section: Discussion and Comparisonsmentioning

confidence: 99%

“…Most work in the literature on authenticated query processing focus on static databases. The proposals for dynamic scenario are quite few [14,29,37]. However, our proposal can be extended to dynamic scenarios also; this extension is not straightforward and we would report this separately soon.…”

Section: Dynamic Databasesmentioning

confidence: 97%

See 2 more Smart Citations

RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

Rodríguez-Henríquez

Chakraborty

2013

Security and Trust Management

View full text Add to dashboard Cite

Abstract. In this paper we address the problem of authenticated query processing in outsourced databases. An authenticated query processing mechanism allows a client to verify the validity of the query responses that it gets from an un-trusted and remote server, who stores the client's database on its behalf. We introduce a general framework called RDAS for the problem of authenticated query processing, and define the security goals for this task in line with concrete provable security. We propose several schemes which enable a client to verify both the completeness and correctness of the query responses of a server. All the schemes follow the proposed framework and are provably secure in terms of the proposed security definition. The novelty of the proposed schemes is that they use bitmap indexes as a main component for providing authentication. Bitmap indexes have recently seen lot of applications for accelerated query processing and many commercial databases implement such indexes. Bitmaps have not been previously used for a security goal. We show that the proposed schemes can match in both functionality and efficiency compared to the existing schemes. We also implement the schemes on a real database and provide extensive experimental studies on the schemes.

show abstract

Section: Incomplete Resultmentioning

confidence: 99%

Section: Discussion and Comparisonsmentioning

confidence: 99%

See 1 more Smart Citation

RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

Rodríguez-Henríquez

Chakraborty

2013

Security and Trust Management

View full text Add to dashboard Cite

show abstract

“…A number of techniques [11], [13], [7], [9], [10], [14], [8], [12], [16] have been proposed, aiming to provide both completeness and correctness of queries to remote databases. These existing techniques can be mainly divided into two groups: tree-based techniques [11], [7], [8], [12] and signature-based techniques [13], [9], [10], [14].…”

Section: Introductionmentioning

confidence: 99%

“…Trivial extension of these techniques for enabling more aggregation queries inevitably introduces tremendous communication cost or storage overhead for the system. Using homomorphic authenticators, Zheng et.al [16] recently proposed an integrity checking scheme that supports weighted sum query in addition to simple SQL queries. Their signature design allow all attributes in one tuple to share one signature and make the storage overhead independent to the number of attributes.…”

Section: Introductionmentioning

confidence: 99%

Flexible and publicly verifiable aggregation query for outsourced databases in cloud

Yuan

2013

2013 IEEE Conference on Communications and Network Security (CNS)

View full text Add to dashboard Cite

Abstract-For securing databases outsourced to the cloud, it is important to allow cloud users to verify that their queries to the cloud-hosted databases are correctly executed by the cloud. Existing solutions on this issue suffer from a high communication cost, a heavy storage overhead or an overwhelming computational cost on clients. Besides, only simple SQL queries (e.g., selection query, projection query, weighted sum query, etc) are supported in existing solutions. For practical considerations, it is desirable to design a client-verifiable (or publicly verifiable) aggregation query scheme that supports more flexible queries with affordable storage overhead, communication and computational cost for users. This paper investigates this challenging problem and proposes an efficient publicly verifiable aggregation query scheme for databases outsourced to the cloud. By designing a renewable polynomial-based authentication tag, our scheme supports a wide range of practical SQL queries including polynomial queries of any degrees, variance query and many other linear queries. Remarkably, our proposed scheme only introduces constant communication and computational cost to cloud users. Our scheme is provably secure under the Static Diffie-Hellman problem, the t-Strong Diffie-Hellman problem and the Computational DiffieHellman problem. We show the efficiency and scalability of our scheme through extensive numerical analysis. I. INTRODUCTIONBy outsourcing databases to the cloud, cloud users enjoy data sharing across geographical boundaries in addition to other benefits such as cost saving, on-demand self-service, resource elasticity, etc [15]. Despite appealing advantages, outsourcing databases to cloud also raises security concerns even for non-confidential databases. In particular, clients who query database outsourced to the cloud may wonder whether or not their queries are always correctly executed by cloud servers. This is because large-scale cloud infrastructures may suffer from hardware/software failures, errors caused by human operations, and even malicious attacks [1], [2]. To specify, clients need to verify the integrity and completeness of their queries over the outsourced databases: for any query request, we need to assure that the query is executed by the cloud on correct data and the returned results have not been modified (integrity); the results shall include the complete data set (completeness), e.g., if the query is on range [a, b], the results shall not be on other ranges [a , b ], where a = a and b = b.Related Work.

show abstract

Blockchain based integrity assurance framework for COVID‐19 information management & decision making at National Command Operation Center, Pakistan

Zaid

Akram

Rizvi

et al. 2023

Concurrency and Computation

View full text Add to dashboard Cite

The uncontrollable spread of contagious disease COVID-19 is a perennial threat to mankind and has resulted in an unprecedented lockdowns in several countries including Pakistan which in turn has caused an adverse socio-economic impact to all industries. The strategic leadership and concerned state authorities are trying hard to combat and control the spread of COVID-19 pandemic. The effective use of Information Management & Decision Support (IMDS) System can play significant role in combating pandemic and its spread, managing relief actions effectively, accessing vulnerable communities to roll out targeted subsidies by ensuring the coordinated effort and subsequent implementation. Reliable information is significantly critical to assist government and public health agencies in determining the best way forward to control this global health emergency. Therefore, this paper aims to strengthen capacity of IMDS System used by government institutions and authorities for decision making and information dissemination. In this research work, we addressed the integrity-based issues that include completeness, correctness, and freshness of data by proposing a block chain-based integrity protection mechanism. The proposed novel framework is a cascaded formulation of Integrity Assurance (IA) Protocol, Cryptographic Merkle Hash Tree, Digital Signature, and Blockchain. Beside cascaded formulation, two (2) schemes for MHT Generation are also presented in the framework. The proposed framework ensures fairness, completeness, and correctness of data that will be very helpful for secure data management, integration, and utilization in analysis for decision-making.The proposed framework achieved an accuracy of more than 98.09% with better quantitative performance in standard evaluation parameters. K E Y W O R D S block chain, COVID-19 variants delta & omicron, cryptographic hashing, decision support system, knowledge management 1 INTRODUCTION Contagious diseases are a perennial threat to mankind, since they cause fatalities (approximately 15 million mortalities per annum), fatal disabilities, as well as significantly critical socio-economic disruptions for nations. The disease Coronavirus 2019 (COVID-19) was reported for the first time in December of 2019 in the Wuhan, that is, capital of Hubei province in China. The outbreak subsequently spread across China and have

show abstract

Efficient query integrity for outsourced dynamic databases

Cited by 28 publications

References 34 publications

RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

Flexible and publicly verifiable aggregation query for outsourced databases in cloud

Blockchain based integrity assurance framework for COVID‐19 information management & decision making at National Command Operation Center, Pakistan

Contact Info

Product

Resources

About