Abstract
We present a general method, based on the usage of typical DBMS primitives, for maintaining authenticated relational tables. The authentication process is managed by an application external to the DBMS, that stores just one hash information of the authentication structure. The method exploits techniques to represent hierarchical data structures into relational tables and queries that allow an efficient selection of the elements needed for authentication.
Keywords
This work was supported in part by grant IIS–0324846 from the National Science Foundation and a gift from IAM Technology, Inc.
Download to read the full chapter text
Chapter PDF
References
Web based Database Software Solutions On-Demand. http://www.teamdesk.net
Buldas, A., Laud, P., Lipmaa, H.: Accountable certificate management using undeniable attestations. In: ACM Conference on Computer and Communications Security, pp. 9–17 (2000)
Buldas, A., Roos, M., Willemson, J.: Undeniable replies for database queries. In: Proceedings of the Fifth International Baltic Conference on DB and IS, vol. 2, pp. 215–226 (2002)
Carminati, B.:Selective and authentic third-party distribution of xml documents. IEEE Transactions on Knowledge and Data Engineering. Fellow-Elisa Bertino and Member-Elena Ferrari and Fellow-Bhavani Thuraisingham and Senior Member-Amar Gupta. vol.16(10), pp.1263–1278 (2004)
Celko, J.: Joe Celko’s Trees and hierarchiesin SQL for smarties. Morgan-Kaufmann, Seattle, Washington, USA (2004)
Date, C.J.: Why is it so difficult to provide a relational interface to ims. In: Relational Database– Selected Writings, pp. 241–257. Addison-Wesley, London (1986)
Devanbu, P.T., Gertz, M., Martel, C.U., Stubblebine, S.G.: Authentic third-party data publication. In: Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security, Deventer, The Netherlands, pp. 101–112. Kluwer Academic Publishers, Dordrecht (2001)
Goodrich, M., Schwerin, A., Tamassia, R.: An efficient dynamic and distributed cryptographic accumulator. Technical report, Johns Hopkins Information (2000)
Goodrich, M., Tamassia, R.: Efficient authenticated dictionaries with skip lists and commutative hashing. Technical report, Johns Hopkins Information (2000)
Goodrich, M.T., Shin, M., Tamassia, R., Winsborough, W.H.: Authenticated dictionaries for fresh attribute credentials. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, Springer, Heidelberg (2003)
Goodrich, M.T., Tamassia, R.: Data Structures and Algorithms in Java. John Wiley & Sons, Inc, New York (2000)
Kocher, P.C.: On certificate revocation and validation. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 172–177. Springer, Heidelberg (1998)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: SIGMOD 2006. Proceedings of the 2006 ACM SIGMOD international conference on Management of data, pp. 121–132. ACM Press, New York (2006)
Martel, C., Nuckolls, G., Devanbu, P., Gertz, M., Kwong, A., Stubblebine, S.G.: A general model for authenticated data structures. Algorithmica 39(1), 21–41 (2004)
Meier, A., Dippold, R., Mercerat, J., Muriset, A., Untersinger, J., Eckerlin, R., Ferrara, F.: Hierarchical to relational database migration. IEEE Softw. 11(3), 21–27 (1994)
Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)
Miklau, G., Suciu, D.: Implementing a tamper-evident database system. In: ASIAN: 10th Asian Computing Science Conference, pp. 28–48 (2005)
Ian Munro, J., Papadakis, T., Sedgewick, R.: Deterministic skip lists. In: SODA 1992: Proceedings of the third annual ACM-SIAM symposium on Discrete algorithms, Philadelphia, PA, USA, pp. 367–375 (1992)
Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. Trans. Storage 2(2), 107–138 (2006)
Naor, M., Nissim, K.: Certificate revocation and certificate update. In: Proceedings 7th USENIX Security Symposium (January 1998)
Nuckolls, G., Martel, C., Stubblebine, S.: Certifying data from multiple sources. In: EC 2003. Proceedings of the 4th ACM conference on Electronic commerce, New York, pp. 210–211. ACM Press, New York (2003)
Caspio Bridge online database. http://www.caspio.com
Pang, H., Jain, A., Ramamritham, K., Tan, K.: Verifying completeness of relational query results in data publishing. In: SIGMOD Conference, pp. 407–418 (2005)
Pang, H., Tan, K.: Authenticating query results in edge computing. In: ICDE 2004. Proceedings of the 20th International Conference on Data Engineering, Washington, DC, USA, p. 560. IEEE Computer Society, Los Alamitos (2004)
Livebase project Blog on Web-based db. http://livebase.blog.com/1142527/
Pugh, W.: Skip lists: A probabilistic alternative to balanced trees. In: Workshop on Algorithms and Data Structures, pp. 437–449 (1989)
Sion, R.: Query execution assurance for outsourced databases. In: VLDB 2005, pp. 601–612. VLDB Endowment (2005)
Tamassia, R., Triandopoulos, N.: On the cost of authenticated data structures. Technical report, Brown University (2003)
Tamassia, R.: Authenticated data structures. In: Di Battista, G., Zwick, U. (eds.) ESA 2003. LNCS, vol. 2832, Springer, Heidelberg (2003)
online database Zoho Creator. http://creator.zoho.com
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Di Battista, G., Palazzi, B. (2007). Authenticated Relational Tables and Authenticated Skip Lists. In: Barker, S., Ahn, GJ. (eds) Data and Applications Security XXI. DBSec 2007. Lecture Notes in Computer Science, vol 4602. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73538-0_3
Download citation
DOI: https://doi.org/10.1007/978-3-540-73538-0_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73533-5
Online ISBN: 978-3-540-73538-0
eBook Packages: Computer ScienceComputer Science (R0)