A New Query Integrity Verification Method with Cluster-based Data Transformation in Cloud Computing Environment

Due to advancement in cloud computing technology, the research on the outsourced database has been spotlighted. In database outsourcing, because the service provider might be untrusted or compromised, two issues of data security emerge: data confidentiality and data integrity. Many data transformation schemes were widely studied for preserving data confidentiality, but they are vulnerable to data leakage problem because they do not consider data distribution when encrypting original data. Meanwhile, several query authentication schemes were proposed to verity data integrity, but they suffer from transmission overhead of verification data. Motivated by these problems, we propose a privacy-aware query authentication scheme which guarantees the data confidentiality and the query result integrity of sensitive data. To solve the original data leakage problem, our clustering-based data transformation scheme is designed to select anchors based on data distribution. To verify the query result, we propose a query result authentication index that stores an encrypted signature for each anchor, which is a concatenated hash digest of cluster data. A user compares the verification information with the cluster signatures stored in the verification index. Through performance evaluation, we show that our method outperforms the existing method in terms of query processing time and verification data size.

[1]  Dongxi Liu,et al.  Query encrypted databases practically , 2012, CCS '12.

[2]  Wei-Shinn Ku,et al.  Efficient evaluation of skyline queries in wireless data broadcast environments , 2012, SIGSPATIAL/GIS.

[3]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[4]  Xiaoyong Du,et al.  Bucket‐based authentication for outsourced databases , 2010, Concurr. Comput. Pract. Exp..

[5]  Gene Tsudik,et al.  Signature Bouquets: Immutability for Aggregated/Condensed Signatures , 2004, ESORICS.

[6]  Dimitris Sacharidis,et al.  K-anonymity in the Presence of External Databases , 2022 .

[7]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[8]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[9]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[10]  Lata Ragha,et al.  Data Integrity and Confidentiality in Outsourced Database , 2012 .

[11]  Michael Gertz,et al.  Authentic Data Publication Over the Internet , 2003, J. Comput. Secur..

[12]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[13]  Yin Yang,et al.  Authenticated join processing in outsourced databases , 2009, SIGMOD Conference.

[14]  Frederic P. Miller,et al.  Advanced Encryption Standard , 2009 .

[15]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .

[16]  Vishal R. Shinde,et al.  Outsourced Similarity Search on Metric Data Assets , 2014 .

[17]  Murat Kantarcioglu,et al.  Secure multidimensional range queries over outsourced data , 2012, The VLDB Journal.

[18]  Gene Tsudik,et al.  DSAC: integrity for outsourced databases with signature aggregation and chaining , 2005, CIKM '05.

[19]  Gilles Brassard,et al.  Advances in Cryptology — CRYPTO’ 89 Proceedings , 2001, Lecture Notes in Computer Science.

[20]  Xiaoyong Du,et al.  Bucket-based authentication for outsourced databases , 2010 .

[21]  Elisa Bertino,et al.  PEAR: a hardware based protocol authentication system , 2010, SPRINGL '10.

[22]  Xiaoyong Du,et al.  A Secure Multi-dimensional Partition Based Index in DAS , 2008, APWeb.

[23]  Yannis Theodoridis,et al.  On the Generation of Spatiotemporal Datasets , 1999 .

[24]  Lars R. Knudsen,et al.  Advanced Encryption Standard (AES) - An Update , 1999, IMACC.