论文信息 - A New Query Integrity Verification Method for Encrypted Data in Database Outsourcing

A New Query Integrity Verification Method for Encrypted Data in Database Outsourcing

In database outsourcing, two issues of data security emerge: data confidentiality and data integrity. Existing data transformation schemes were widely studied for preserving data confidentiality, but they are vulnerable to data leakage problem because they do not consider data distribution when encrypting data. Meanwhile, query authentication schemes verifying data integrity, suffer from transmission overhead for verification data. In this paper, we propose a privacy-aware query authentication scheme which guarantees the data confidentiality and the query result integrity of sensitive data. To solve the original data leakage problem, we propose a bitmap-based data transformation scheme with anchor selection based on data distribution. Also, we devise a query result authentication index that stores an encrypted signature for each anchor so that it can reduce the amount of auditing data. Through performance evaluation, we show that our scheme outperforms the state-of-the-art method in terms of query processing time and verification overhead.

[1] Ralph C. Merkle,et al. A Certified Digital Signature , 1989, CRYPTO.

[2] Lata Ragha,et al. Data Integrity and Confidentiality in Outsourced Database , 2012 .

[3] Panos Kalnis,et al. Outsourced Similarity Search on Metric Data Assets , 2012, IEEE Transactions on Knowledge and Data Engineering.

[4] Gene Tsudik,et al. Authentication and integrity in outsourced databases , 2006, TOS.

[5] Xiaoyong Du,et al. Bucket-based authentication for outsourced databases , 2010 .

[6] Murat Kantarcioglu,et al. Secure multidimensional range queries over outsourced data , 2012, The VLDB Journal.

[7] Dimitris Sacharidis,et al. K-anonymity in the Presence of External Databases , 2022 .