Fine-Grained Cloud DB Damage Examination Based on Bloom Filters

More and more cloud database services have emerged recently which is economical, convenient and highly scalable. However the security concerns in these services are more prominent than ever before. The users should not rely on the Cloud Service Providers(CSPs) only to protect the integrity and retrievability of their cloud databases. We argue that it is not enough for the cloud db owners to know the existence of damage, but more importantly, they should be able to locate the damages precisely for the recovery afterwards. In this paper we provide fine-grained cloud DB damage examination methods by checking the results of sampling queries. The examination process support element/tuple level damage identification and is cost-efficient based on bloom filters. The process is also server transparent and imperceptible which prevent the CSP be inconsistent to different users.

[1]  Kian-Lee Tan,et al.  Authenticating query results in edge computing , 2004, Proceedings. 20th International Conference on Data Engineering.

[2]  Yin Yang,et al.  Spatial Outsourcing for Location-based Services , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[3]  Ernesto Damiani,et al.  Data and Applications Security XX, 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sophia Antipolis, France, July 31-August 2, 2006, Proceedings , 2006, DBSec.

[4]  Michael Gertz,et al.  Authentic Third-party Data Publication , 2000, DBSec.

[5]  Kian-Lee Tan,et al.  Authenticating Multi-dimensional Query Results in Data Publishing , 2006, DBSec.

[6]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[7]  Radu Sion,et al.  Query Execution Assurance for Outsourced Databases , 2005, VLDB.

[8]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[9]  Gene Tsudik,et al.  Authentication of Outsourced Databases Using Signature Aggregation and Chaining , 2006, DASFAA.

[10]  Chen Chi,et al.  Server Transparent Query Authentication of Outsourced Database , 2010 .

[11]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, ASIACRYPT.

[12]  Josef Pieprzyk,et al.  Advances in Cryptology - ASIACRYPT 2008, 14th International Conference on the Theory and Application of Cryptology and Information Security, Melbourne, Australia, December 7-11, 2008. Proceedings , 2008, ASIACRYPT.

[13]  Sushil Jajodia,et al.  A fragile watermarking scheme for detecting malicious modifications of database relations , 2006, Inf. Sci..

[14]  Xiaofeng Meng,et al.  Integrity Auditing of Outsourced Data , 2007, VLDB.

[15]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[16]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[17]  Feifei Li,et al.  Dynamic authenticated index structures for outsourced databases , 2006, SIGMOD Conference.

[18]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.