Access Control Friendly Query Verification for Outsourced Data Publishing

Outsourced data publishing is a promising approach to achieve higher distribution efficiency, greater data survivability, and lower management cost. In outsourced data publishing (sometimes referred to as third-party publishing), a data owner gives the content of databases to multiple publishers which answer queries sent by clients. In many cases, the trustworthiness of the publishers cannot be guaranteed; therefore, it is important for a client to be able to verify the correctness of the query results. Meanwhile, due to privacy concerns, it is also required that such verification does not expose information that is outside a client's access control area. Current approaches for verifying the correctness of query results in third-party publishing either do not consider the privacy preserving requirement, or are limited to one dimensional queries. In this paper, we introduce a new scheme for verifying the correctness of query results while preserving data privacy. Our approach handles multi-dimensional range queries. We present both theoretical analysis and experimental results to demonstrate that our approach is time and space efficient.

[1]  Kian-Lee Tan,et al.  Verifying completeness of relational query results in data publishing , 2005, SIGMOD '05.

[2]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[3]  Michael T. Goodrich,et al.  Implementation of an authenticated dictionary with skip lists and commutative hashing , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[4]  Krishna P. Gummadi,et al.  An analysis of Internet content delivery systems , 2002, OPSR.

[5]  Kian-Lee Tan,et al.  Authenticating query results in edge computing , 2004, Proceedings. 20th International Conference on Data Engineering.

[6]  Elisa Bertino,et al.  Selective and authentic third-party distribution of XML documents , 2004, IEEE Transactions on Knowledge and Data Engineering.

[7]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[8]  Pankaj K. Agarwal,et al.  Geometric Range Searching and Its Relatives , 2007 .

[9]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .

[10]  Michael Gertz,et al.  A General Model for Authenticated Data Structures , 2004, Algorithmica.

[11]  Stuart Haber,et al.  Privacy-Preserving Verification of Aggregate Queries on Outsourced Databases , 2006 .

[12]  Jon Louis Bentley,et al.  Quad trees a data structure for retrieval on composite keys , 1974, Acta Informatica.

[13]  Roberto Tamassia,et al.  Dynamic algorithms in computational geometry , 1992, Proc. IEEE.

[14]  Elisa Bertino,et al.  Securing XML data in third-party distribution systems , 2005, CIKM '05.

[15]  Feifei Li,et al.  Dynamic authenticated index structures for outsourced databases , 2006, SIGMOD Conference.

[16]  Michael Ian Shamos,et al.  Divide-and-conquer in multidimensional space , 1976, STOC '76.

[17]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[18]  J. K. Wong Middle-Tier Database Caching for e-Business , 2002 .

[19]  Kian-Lee Tan,et al.  Authenticating Multi-dimensional Query Results in Data Publishing , 2006, DBSec.

[20]  Dan Suciu,et al.  Controlling Access to Published Data Using Cryptography , 2003, VLDB.

[21]  Michael Gertz,et al.  Authentic Data Publication Over the Internet , 2003, J. Comput. Secur..