Secure Outsourced Top-k Selection Queries against Untrusted Cloud Service Providers

As cloud computing reshapes the global IT industry, an increasing number of business owners have outsourced their datasets to third-party cloud service providers (CSP), which in turn answer data queries from end users on their behalf. A well known security challenge in data outsourcing is that the CSP cannot be fully trusted, which may return inauthentic or unsound query results for various reasons. This paper considers top-k selection queries, an important type of queries widely used in practice. In a top-k selection query, a user specifies a scoring function and asks for the k objects with the highest scores. Despite several recent efforts, existing solutions can only support a limited range of scoring functions with explicit forms known in advance. This paper presents three novel schemes that allow a user to verify the integrity and soundness of any top-k selection query result returned by an untrusted CSP. The first two schemes support monotone scoring functions, and the third scheme supports scoring functions comprised of both monotonically non-decreasing and non-increasing subscoring functions. Detailed simulation studies using a real dataset confirm the efficacy and efficiency of the proposed schemes and their significant advantages over prior solutions.

[1]  Jie Wu,et al.  Efficient Authentication of Multi-Dimensional Top- $k$ Queries , 2019, IEEE Access.

[2]  Ihab F. Ilyas,et al.  A survey of top-k query processing techniques in relational database systems , 2008, CSUR.

[3]  Jie Wu,et al.  Authentication of Multi-Dimensional Top-$K$ Query on Untrusted Server , 2018, 2018 IEEE/ACM 26th International Symposium on Quality of Service (IWQoS).

[4]  Kian-Lee Tan,et al.  Verifying completeness of relational query results in data publishing , 2005, SIGMOD '05.

[5]  Rui Zhang,et al.  Verifiable Fine-Grained Top-k Queries in Tiered Sensor Networks , 2010, 2010 Proceedings IEEE INFOCOM.

[6]  Cyrus Shahabi,et al.  Spatial Query Integrity with Voronoi Neighbors , 2013, IEEE Transactions on Knowledge and Data Engineering.

[7]  Yennun Huang,et al.  SFTopk: Secure Functional Top- $k$ Query via Untrusted Data Storage , 2015, IEEE Access.

[8]  Erol Gelenbe,et al.  Top-$k$ Query Result Completeness Verification in Tiered Sensor Networks , 2014, IEEE Transactions on Information Forensics and Security.

[9]  Rui Zhang,et al.  Secure Top- $k$ Query Processing in Unattended Tiered Sensor Networks , 2014, IEEE Transactions on Vehicular Technology.

[10]  Chi Zhang,et al.  Secure top-k query processing via untrusted location-based service providers , 2012, 2012 Proceedings IEEE INFOCOM.

[11]  J. R. Scotti,et al.  Available From , 1973 .

[12]  Kyriakos Mouratidis,et al.  Efficient verification of shortest path search via authenticated hints , 2010, 2010 IEEE 26th International Conference on Data Engineering (ICDE 2010).

[13]  Suman Nath,et al.  Publicly verifiable grouped aggregation queries on outsourced data streams , 2013, 2013 IEEE 29th International Conference on Data Engineering (ICDE).

[14]  Man Lung Yiu,et al.  Authentication of moving range queries , 2012, CIKM '12.

[15]  Rui Li,et al.  Privacy and Integrity Preserving Top- $k$ Query Processing for Two-Tiered Sensor Networks , 2017, IEEE/ACM Transactions on Networking.

[16]  Feifei Li,et al.  Proof-Infused Streams: Enabling Authentication of Sliding Window Queries On Streams , 2007, VLDB.

[17]  Jianliang Xu,et al.  Authenticating Top-k Queries in Location-based Services with Confidentiality , 2013, Proc. VLDB Endow..

[18]  Rui Zhang,et al.  Secure outsourced skyline query processing via untrusted cloud service providers , 2016, IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications.

[19]  Rui Zhang,et al.  KV-Fresh: Freshness Authentication for Outsourced Multi-Version Key-Value Stores , 2020, IEEE INFOCOM 2020 - IEEE Conference on Computer Communications.

[20]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[21]  Jonathan Katz,et al.  IntegriDB: Verifiable SQL for Outsourced Databases , 2015, CCS.

[22]  Chi Zhang,et al.  Secure Spatial Top-k Query Processing via Untrusted Location-Based Service Providers , 2015, IEEE Transactions on Dependable and Secure Computing.

[23]  Cyrus Shahabi,et al.  Enforcing k nearest neighbor query integrity on road networks , 2012, SIGSPATIAL/GIS.

[24]  Ying Cai,et al.  Authentication of function queries , 2016, 2016 IEEE 32nd International Conference on Data Engineering (ICDE).

[25]  Erol Gelenbe,et al.  Top-k query result completeness verification in sensor networks , 2013, 2013 IEEE International Conference on Communications Workshops (ICC).

[26]  Qiang Zhou,et al.  EVTQ: An Efficient Verifiable Top-k Query Processing in Two-Tiered Wireless Sensor Networks , 2013, MSN.

[27]  Yin Yang,et al.  Authenticated indexing for outsourced spatial databases , 2009, The VLDB Journal.

[28]  Man Lung Yiu,et al.  Authentication of moving kNN queries , 2011, 2011 IEEE 27th International Conference on Data Engineering.

[29]  Jonathan Katz,et al.  vSQL: Verifying Arbitrary SQL Queries over Dynamic Outsourced Databases , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[30]  Tian Wang,et al.  SLS-STQ: A Novel Scheme for Securing Spatial–Temporal Top- $k$ Queries in TWSNs-Based Edge Computing Systems , 2019, IEEE Internet of Things Journal.

[31]  Jiyong Jang,et al.  Lightweight authentication of freshness in outsourced key-value stores , 2014, ACSAC '14.