Conference Paper

Dynamic authenticated index structures for outsourced databases.

DOI: 10.1145/1142473.1142488 Conference: Proceedings of the ACM SIGMOD International Conference on Management of Data, Chicago, Illinois, USA, June 27-29, 2006
Source: DBLP

ABSTRACT In outsourced database (ODB) systems the database owner publishes its data through a number of remote servers, with the goal of enabling clients at the edge of the network to access and query the data more efficiently.As servers might be untrusted or can be compromised, query authentication becomes an essential component of ODB systems.Existing solutions for this problem concentrate mostly on static scenarios and are based on idealistic properties for certain cryptographic primitives.In this work, first we define a variety of essential and prac- tical cost metrics associated with ODB systems.Then, we analytically evaluate a number of different approaches, in search for a solution that best leverages all metrics.Most importantly, we look at solutions that can handle dynamic scenarios, where owners periodically update the data residing at the servers.Finally, we discuss query freshness, a new dimension in data au- thentication that has not been explored before.A comprehensive experimental evaluation of the proposed and existing approaches is used to validate the analytical models and verify our claims.Our findings exhibit that the proposed solutions improve performance substantially over existing approaches, both for static and dynamic environments.

  • [Show abstract] [Hide abstract]
    ABSTRACT: In this paper, we focus on the problem of result integrity verification for outsourcing of frequent item set mining. We design efficient cryptographic approaches that verify whether the returned frequent item set mining results are correct and complete with deterministic guarantee. The key of our solution is that the service provider constructs cryptographic proofs of the mining results. Both correctness and completeness of the mining results are measured against the proofs. We optimize the verification by minimizing the number of proofs. Our empirical study demonstrates the efficiency and effectiveness of the verification approaches.
    2013 IEEE International Conference on Data Mining (ICDM); 12/2013
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: In the Database As Service(DAS) model, authenticated join processing is more difficult than authenticated range query because the previous approach of authenticated range query, signature on a single relation, can not be used to verify join results directly. In this paper, an authenticated hash join processing algorithm is described in detail, which can take full advantage of database service since most of work is pushed to database service provider. We analyze the performance with respect to cost factors, such as communication cost, server-side cost and client-side cost. Finally, results of experiments validating our approach are also presented.
    International Journal of Computer Network and Information Security. 02/2011; 3(1).
  • [Show abstract] [Hide abstract]
    ABSTRACT: Data are often stored at untrusted database servers. The lack of trust arises naturally when the database server is owned by a third party, as in the case of cloud computing. It also arises if the server may have been compromised, or there is a malicious insider. Ensuring the trustworthiness of data retrieved from such untrusted database is of utmost importance. Trustworthiness of data is defined by faithful execution of valid and authorized transactions on the initial data. Earlier work on this problem is limited to cases where data are either not updated, or data are updated by a single trustworthy entity. However, for a truly dynamic database, multiple clients should be allowed to update data without having to route the updates through a central server. In this demonstration, we present a system to establish authenticity and integrity of data in a dynamic database where the clients can run transactions directly on the database server. Our system provides provable authenticity and integrity of data with absolutely no requirement for the server to be trustworthy. Our system also provides assured provenance of data. This demonstration is built using the solutions proposed in our previous work[5]. Our system is built on top of Oracle with no modifications to the database internals. We show that the system can be easily adopted in existing databases without any internal changes to the database. We also demonstrate how our system can provide authentic provenance.
    2014 IEEE 30th International Conference on Data Engineering (ICDE); 03/2014


Available from