Employing Bloom Filters for Enforcing Integrity of Outsourced Databases in Cloud Environments

With the ever increasing growth of cloud computing and the resulting outsourcing of data, concerns of data integrity, security, and privacy are also on the rise. Among these, evidence of data integrity, i.e., being tamper-evident and current, seem to be of immediate concern. While several integrity techniques currently exist, most result in significant overhead at the database owner site. For clients with large databases, these are not viable solutions. In this paper, we propose a computationally efficient alternative—database integrity with Bloom filters. We focus both on the tamper-evidence and freshness properties of the database as well as completeness of query results. We propose two schemes for integrity enforcement—first using aggregates signatures and second using authenticated data structures. We provide detailed analysis and experimental results to prove their efficiency and correctness. The results are compared with the traditional security hash functions such as SHA-1 and are shown to be computationally efficient. We have also implemented the schemes on multiprocessor systems which show further reduction in the execution time. Our results clearly demonstrate the feasibility and efficacy of employing Bloom filters to enforce integrity for outsourced databases in cloud environments.

[1]  Feifei Li,et al.  Dynamic authenticated index structures for outsourced databases , 2006, SIGMOD Conference.

[2]  Venkatachalam Chandrasekaran,et al.  Similarity coefficient generators for network forensics , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[3]  Xiaofeng Meng,et al.  Integrity Auditing of Outsourced Data , 2007, VLDB.

[4]  A. Kumar,et al.  Space-code bloom filter for efficient per-flow traffic measurement , 2004, IEEE INFOCOM 2004.

[5]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[6]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[7]  Joseph B. Gurman How Many Terabytes Was That? Archiving and Serving Solar Space Data Without Losing Your Shirt , 1999 .

[8]  Wilson C. Hsieh,et al.  Bigtable: A Distributed Storage System for Structured Data , 2006, TOCS.

[9]  Michael T. Goodrich,et al.  Super-Efficient Verification of Dynamic Outsourced Databases , 2008, CT-RSA.

[10]  Abraham Silberschatz,et al.  Operating System Concepts , 1983 .

[11]  Alberto Polzonetti,et al.  Cloud computing for network business ecosystem , 2010, 2010 IEEE International Conference on Industrial Engineering and Engineering Management.

[12]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[13]  Michael T. Goodrich,et al.  Athos: Efficient Authentication of Outsourced File Systems , 2008, ISC.

[14]  Yixian Yang,et al.  Cyclic redundancy code check algorithm based on small lookup table , 2009, 2009 IEEE International Conference on Communications Technology and Applications.

[15]  Michael Gertz,et al.  Authentic Data Publication Over the Internet , 2003, J. Comput. Secur..

[16]  Yongdae Kim,et al.  On protecting integrity and confidentiality of cryptographic file system for outsourced storage , 2009, CCSW '09.