Certifying Data from Multiple Sources

  • Glen Nuckolls
  • Chip Martel
  • Stuart G. Stubblebine
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 142)


Data integrity can be problematic when integrating and organizing information from many sources. In this paper we describe efficient mechanisms that enable a group of data owners to contribute data sets to an untrusted third-party publisher, who then answers users’ queries. Each owner gets a proof from the publisher that his data is properly represented, and each user gets a proof that the answer given to them is correct. This allows owners to be confident that their data is being properly represented and for users to be confident they are getting correct answers. We show that a group of data owners can efficiently certify that an untrusted third party publisher has computed the correct digest of the owners’ collected data sets. Users can then verify that the answers they get from the publisher are the same as a fully trusted publisher would provide, or detect if they are not. The results presented support selection and range queries on multi-attribute data sets and are an extension of earlier work on Authentic Publication which assumed that a single trusted owner certified all of the data.


Hash Function Data Item Range Query Data Owner Message Authentication Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [1]
    M. D. Berg, M. V. Kreveld, M. Overmars, and O. Schwarzkopf. Computational Geometry. Springer, New York, 2000.Google Scholar
  2. [2]
    A. Buldas, P. Laud, and H. Lipmaa. Eliminating counterevidence with applications to accountable certificate management. Journal of Computer Security, 10:273–296,2002.Google Scholar
  3. [3]
    A. Buldas, M. Roos, and J. Willemson. Undeniable replies for database queries. In Proceedings of the Fifth International Baltic Conference on DB and IS, volume 2, pages 215–226, 2002.Google Scholar
  4. [4]
    S. Charanjit and M. Yung. Paytree: Amortized signature for flexible micropayments. Second Usenix Workshop on Electronic Commerce Proceedings, 1996.Google Scholar
  5. [5]
    P. Devanbu, M. Gertz, A. Kwong, C. Martel, G. Nuckolls, and S. G. Stubblebine. Flexible authentication of xml documents. In Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8), pages 136–145, 2001.Google Scholar
  6. [6]
    P. Devanbu, M. Gertz, C. Martel, and S. G. Stubblebine. Authentic publication over the internet. Journal of Computer Security, 3(11):291–314, 2003.Google Scholar
  7. [7]
    P. Devanbu and S. Stubblebine. Stack and queue integrity on hostile platforms. IEEE Transactions on Software Engineering, 26(2), 2000.Google Scholar
  8. [8]
    M. Goodrich, R. Tamassia, N. Triandopoulos, and R. Cohen. Authenticated data structures for graph and geometric searching. Technical report, Center for Geometric Computing, Brown University, 2002.Google Scholar
  9. [9]
    S. Haber and W. S. Stornetta. How to timestamp a digital document. J. of Cryptology, 3(2), 1991.Google Scholar
  10. [10]
    Petros Maniatis and Mary Baker. Enabling the archival storage of signed documents. In Proceedings of the USENIX Conference on File and Storage Technologies (FAST 2002), pages 31–45, Monterey, CA, USA, January 2002. USENIX Association.Google Scholar
  11. [11]
    Petros Maniatis and Mary Baker. Secure history preservation through timeline entanglement. In Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 2002.Google Scholar
  12. [12]
    C. Martel, G. Nuckolls, P. Devanbu, M. Gertz, A. Kwong, and S. Stubblebine. A general model for authentic data publication. To appear in Algorithmica,
  13. [13]
    R.C. Merkle. Protocols for public key cryptosystems. In Proceedings of the IEEE Symposium on Security and Privacy, pages 122–134. IEEE Computer Society Press, 1980.Google Scholar
  14. [14]
    R.C. Merkle. A certified digital signature. Advances in Cryptology-Crypto’ 89, Lecture Notes in Computer Science, 435:218–238, 1990.MathSciNetGoogle Scholar
  15. [15]
    M. Naor and K. Nissim. Certificate revocation and certificate update. Proceedings of the 7th USENIX Security Symposium, 1998.Google Scholar
  16. [16]
    G. Nuckolls, C. Martel, and S. Stubblebine. Certifying data from multiple sources. Available at

Copyright information

© Springer Science + Business Media, Inc. 2004

Authors and Affiliations

  • Glen Nuckolls
    • 1
  • Chip Martel
    • 2
  • Stuart G. Stubblebine
    • 3
  1. 1.Department of Computer ScienceUniversity of TexasAustin
  2. 2.Department of Computer ScienceUniversity of CaliforniaDavis
  3. 3.Stubblebine Research LabsMadison

Personalised recommendations