Abstract
Security of outsourced databases is an important problem of current practical interest. In this paper we address the problem of authenticated query processing in outsourced databases. We describe the syntax of a generic scheme for authenticated query processing called RDAS, and provide security definitions for RDAS in line with concrete provable security. Then, we propose a new scheme called RDAS1 which enables a client to ensure both correctness and completeness of the query results obtained from a server. Our solution involves use of bitmap indices and message authentication codes in a novel manner. We prove that RDAS1 is secure relative to our security definition. Finally, we discuss a concrete improvement over RDAS1 (which we call RDAS2) and provide performance data for both RDAS1 and RDAS2 on a real data base.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Chan, C.Y., Ioannidis, Y.E.: Bitmap index design and evaluation. In: Haas, L.M., Tiwary, A. (eds.) SIGMOD Conference, pp. 355–366. ACM Press (1998)
Chan, C.Y., Ioannidis, Y.E.: An efficient bitmap encoding scheme for selection queries. In: Delis, A., Faloutsos, C., Ghandeharizadeh, S. (eds.) SIGMOD Conference, pp. 215–226. ACM Press (1999)
Devanbu, P.T., Gertz, M., Martel, C.U., Stubblebine, S.G.: Authentic data publication over the internet. Journal of Computer Security 11(3), 291–314 (2003)
Frank, A., Asuncion, A.: UCI machine learning repository (2010)
Goodrich, M.T., Tamassia, R., Triandopoulos, N.: Super-efficient verification of dynamic outsourced databases. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 407–424. Springer, Heidelberg (2008)
Hacigümüs, H., Mehrotra, S., Iyer, B.R.: Providing database as a service. In: ICDE, p. 29. IEEE Computer Society (2002)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Chaudhuri, S., Hristidis, V., Polyzotis, N. (eds.) SIGMOD Conference, pp. 121–132. ACM (2006)
Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)
Mouratidis, K., Sacharidis, D., Pang, H.: Partially materialized digest scheme: an efficient verification method for outsourced databases. VLDB J. 18(1), 363–381 (2009)
Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. In: NDSS, The Internet Society (2004)
Narasimha, M., Tsudik, G.: DSAC: integrity for outsourced databases with signature aggregation and chaining. In: Herzog, O., Schek, H.-J., Fuhr, N., Chowdhury, A., Teiken, W. (eds.) CIKM, pp. 235–236. ACM (2005)
Narasimha, M., Tsudik, G.: Authentication of outsourced databases using signature aggregation and chaining. In: Li Lee, M., Tan, K.-L., Wuwongse, V. (eds.) DASFAA 2006. LNCS, vol. 3882, pp. 420–436. Springer, Heidelberg (2006)
Nuckolls, G.: Verified query results from hybrid authentication trees. In: Jajodia, S., Wijesekera, D. (eds.) Data and Applications Security 2005. LNCS, vol. 3654, pp. 84–98. Springer, Heidelberg (2005)
Palazzi, B., Pizzonia, M., Pucacco, S.: Query racing: Fast completeness certification of query results. In: Foresti, S., Jajodia, S. (eds.) Data and Applications Security and Privacy XXIV. LNCS, vol. 6166, pp. 177–192. Springer, Heidelberg (2010)
Pang, H., Jain, A., Ramamritham, K., Tan, K.-L.: Verifying completeness of relational query results in data publishing. In: Özcan, F. (ed.) SIGMOD Conference, pp. 407–418. ACM (2005)
Pang, H., Zhang, J., Mouratidis, K.: Scalable verification for outsourced dynamic databases. PVLDB 2(1), 802–813 (2009)
Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16–31. Springer, Heidelberg (2004)
Wrembel, R., Koncilia, C.: Data warehouses and OLAP: concepts, architectures, and solutions. Gale virtual reference library. IRM Press (2007)
Yang, Y., Papadopoulos, S., Papadias, D., Kollios, G.: Spatial outsourcing for location-based services. In: Alonso, G., Blakeley, J.A., Chen, A.L.P. (eds.) ICDE, pp. 1082–1091. IEEE (2008)
Zheng, Q., Xu, S., Ateniese, G.: Efficient query integrity for outsourced dynamic databases. IACR Cryptology ePrint Archive, 2012:493 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rodríguez-Henríquez, L.M., Chakraborty, D. (2013). RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases. In: Accorsi, R., Ranise, S. (eds) Security and Trust Management. STM 2013. Lecture Notes in Computer Science, vol 8203. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41098-7_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-41098-7_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41097-0
Online ISBN: 978-3-642-41098-7
eBook Packages: Computer ScienceComputer Science (R0)