Skip to main content
SpringerLink
Log in

Authenticated Index Structures for Outsourced Databases

  • Chapter
Handbook of Database Security

Summary

In an outsourced database (ODB) system the database owner publishes data through a number of remote servers, with the goal of enabling clients at the edge of the network to access and query the data more efficiently. As servers might be untrusted or can be compromised, query authentication becomes an essential component of ODB systems. In this chapter we present three techniques to authenticate election range queries and we analyze their performance over different cost metrics. In addition, we discuss extensions to other query types.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Hacigumus, H., Iyer, B.R., Mehrotra, S.: Providing database as a service. In: Proc. of International Conference on Data Engineering (ICDE). (2002) 29–40

    Google Scholar 

  2. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proc. of Very Large Data Bases (VLDB). (2004) 720–731

    Google Scholar 

  3. Agrawal, R., Srikant, R.: Privacy-preserving data mining. In: Proc. of ACM Management of Data (SIGMOD). (2000) 439–450

    Google Scholar 

  4. Evfimievski, A., Gehrke, J., Srikant, R.: Limiting privacy breaches in privacy preserving data mining. In: Proc. of ACM Symposium on Principles of Database Systems (PODS). (2003) 211–222

    Google Scholar 

  5. Hacigumus, H., Iyer, B.R., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database service provider model. In: Proc. of ACM Management of Data (SIGMOD). (2002) 216–227

    Google Scholar 

  6. Miklau, G., Suciu, D.: Controlling access to published data using cryptography. In: Proc. of Very Large Data Bases (VLDB). (2003) 898–909

    Google Scholar 

  7. Rizvi, S., Mendelzon, A., Sudarshan, S., Roy, P.: Extending query rewriting techniques for fine-grained access control. In: Proc. of ACM Management of Data (SIGMOD). (2004) 551–562

    Google Scholar 

  8. Bouganim, L., Ngoc, F.D., Pucheral, P., Wu, L.: Chip-secured data access: Reconciling access rights with data encryption. In: Proc. of Very Large Data Bases (VLDB). (2003) 1133–1136

    Google Scholar 

  9. Pang, H., Jain, A., Ramamritham, K., Tan, K.L.: Verifying completeness of relational query results in data publishing. In: Proc. of ACM Management of Data (SIGMOD). (2005) 407–418

    Google Scholar 

  10. Sion, R.: Query execution assurance for outsourced databases. In: Proc. of Very Large Data Bases (VLDB). (2005) 601–612

    Google Scholar 

  11. Anagnostopoulos, A., Goodrich, M., Tamassia, R.: Persistent authenticated dictionaries and their applications. In: ISC. (2001) 379–393

    Google Scholar 

  12. Goodrich, M., Tamassia, R., Triandopoulos, N., Cohen, R.: Authenticated data structures for graph and geometric searching. In: CT-RSA. (2003) 295–313

    Google Scholar 

  13. Tamassia, R., Triandopoulos, N.: Computational bounds on hierarchical data processing with applications to information security. In: ICALP. (2005) 153–165

    Google Scholar 

  14. Li, F., Yi, K., Hadjieleftheriou, M., Kollios, G.: Proof-infused streams: Enabling authentication of sliding window queries on streams. In: Proc. of Very Large Data Bases (VLDB). (2007)

    Google Scholar 

  15. Papadopoulos, S., Yang, Y., Papadias, D.: CADS: Continuous authentication on data streams. In: Proc. of Very Large Data Bases (VLDB). (2007)

    Google Scholar 

  16. McCurley, K.: The discrete logarithm problem. In: Proc. of the Symposium in Applied Mathematics, American Mathematical Society (1990) 49–74

    Google Scholar 

  17. National Institute of Standards and Technology: FIPS PUB 180-1: Secure Hash Standard. National Institute of Standards and Technology (1995)

    Google Scholar 

  18. Wang, X., Yin, Y., Yu, H.: Finding collisions in the full sha-1. In: CRYPTO. (2005)

    Google Scholar 

  19. Wang, X., Yao, A., Yao, F.: New collision search for SHA-1 (2005) Presented at the rump session of Crypto 2005.

    Google Scholar 

  20. Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2) (1988) 96–99

    Article  MathSciNet  Google Scholar 

  21. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM (CACM) 21(2) (1978) 120–126

    Article  MATH  MathSciNet  Google Scholar 

  22. Pang, H., Tan, K.L.: Authenticating query results in edge computing. In: Proc. of International Conference on Data Engineering (ICDE). (2004) 560–571

    Google Scholar 

  23. Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. In: Symposium on Network and Distributed Systems Security (NDSS). (2004)

    Google Scholar 

  24. Narasimha, M., Tsudik, G.: Dsac: Integrity of outsourced databases with signature aggregation and chaining. In: Proc. of Conference on Information and Knowledge Management (CIKM). (2005) 235–236

    Google Scholar 

  25. Mykletun, E., Narasimha, M., Tsudik, G.: Signature bouquets: Immutability for aggregated/condensed signatures. In: European Symposium on Research in Computer Security (ESORICS). (2004) 160–176

    Google Scholar 

  26. Merkle, R.C.: A certified digital signature. In: Proc. of Advances in Cryptology (CRYPTO). (1989) 218–238

    Google Scholar 

  27. Naor, M., Nissim, K.: Certificate revocation and certificate update. In: Proceedings 7th USENIX Security Symposium (San Antonio, Texas). (1998)

    Google Scholar 

  28. Martel, C., Nuckolls, G., Devanbu, P., Gertz, M., Kwong, A., Stubblebine, S.: A general model for authenticated data structures. Algorithmica 39(1) (2004) 21–41

    Article  MATH  MathSciNet  Google Scholar 

  29. Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Proc. of ACM Management of Data (SIGMOD). (2006)

    Google Scholar 

  30. Comer, D.: The ubiquitous B-tree. ACM Computing Surveys 11(2) (1979) 121–137

    Article  MATH  Google Scholar 

  31. Cheng, W., Pang, H., Tan, K.: Authenticating multi-dimensional query results in data publishing. In: DBSec. (2006)

    Google Scholar 

  32. Nuckolls, G.: Verified query results from hybrid authentication trees. In: DBSec. (2005) 84–98

    Google Scholar 

  33. Micali, S.: Efficient certificate revocation. Technical Report MIT/LCS/TM-542b, Massachusetts Institute of Technology, Cambridge, MA (1996)

    Google Scholar 

  34. Narasimha, M., Tsudik, G.: Authentication of outsourced databases using signature aggregation and chaining. In: DASFAA. (2006) 420–436

    Google Scholar 

  35. Lazaridis, I., Mehrotra, S.: Progressive approximate aggregate queries with a multi-resolution tree structure. In: Proc. of ACM Management of Data (SIGMOD). (2001) 401–412

    Google Scholar 

  36. Tao, Y., Papadias, D.: Range aggregate processing in spatial databases. IEEE Transactions on Knowledge and Data Engineering (TKDE) 16(12) (2004) 1555–1570

    Article  Google Scholar 

  37. Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Authenticated index sturctures for aggregation queries in outsourced databases. Technical report, CS Dept., Boston University (2006)]

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Florida State University, Florida

    Feifei Li

  2. AT&T Labs Inc., NJ

    Marios Hadjileftheriou

  3. Computer Science Department, Boston University, Boston

    George Kollios & Leonid Reyzin

Authors
  1. Feifei Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marios Hadjileftheriou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. George Kollios
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Leonid Reyzin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Computer Science, University of California at Davis, One Shields Avenue, Davis, CA 95616-8562

    Michael Gertz

  2. George Mason University Center for Secure Information Systems Research I, Suite 417, Fairfax, VA 22030-4444

    Sushil Jajodia

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer Science+Business Media, LLC.

About this chapter

Cite this chapter

Li, F., Hadjileftheriou, M., Kollios, G., Reyzin, L. (2008). Authenticated Index Structures for Outsourced Databases. In: Gertz, M., Jajodia, S. (eds) Handbook of Database Security. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-48533-1_5

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-48533-1_5

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-48532-4

  • Online ISBN: 978-0-387-48533-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation