Access Control Friendly Query Verification for Outsourced Data Publishing

  • Hong Chen
  • Xiaonan Ma
  • Windsor Hsu
  • Ninghui Li
  • Qihua Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5283)


Outsourced data publishing is a promising approach to achieve higher distribution efficiency, greater data survivability, and lower management cost. In outsourced data publishing (sometimes referred to as third-party publishing), a data owner gives the content of databases to multiple publishers which answer queries sent by clients. In many cases, the trustworthiness of the publishers cannot be guaranteed; therefore, it is important for a client to be able to verify the correctness of the query results. Meanwhile, due to privacy concerns, it is also required that such verification does not expose information that is outside a client’s access control area. Current approaches for verifying the correctness of query results in third-party publishing either do not consider the privacy preserving requirement, or are limited to one dimensional queries. In this paper, we introduce a new scheme for verifying the correctness of query results while preserving data privacy. Our approach handles multi-dimensional range queries. We present both theoretical analysis and experimental results to demonstrate that our approach is time and space efficient.


Access Control Range Query Query Result Data Privacy Security Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Devanbu, P., Gertz, M., Martel, C., Stubblebine, S.: Authentic data publication over the internet. Journal of Computer Security 11, 291–314 (2003)CrossRefzbMATHGoogle Scholar
  2. 2.
    Luo, Q., Krishnamurthy, S., Mohan, C., Pirahesh, H., Woo, H., Lindsay, B.G., Naughton, J.F.: Middle-tier database caching for e-business. In: SIGMOD (2002)Google Scholar
  3. 3.
    Saroiu, S., Gummadi, K.P., Dunn, R.J., Gribble, S.D., Levy, H.M.: An analysis of internet content delivery systems. SIGOPS Oper. Syst. Rev. 36(SI) (2002)Google Scholar
  4. 4.
    Cheng, W., Pang, H., Tan, K.L.: Authenticating multi-dimensional query results in data publishing. In: Proceedings of the 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sophia Antipolis, France, pp. 60–73. Springer, Berlin (2006)Google Scholar
  5. 5.
    Hacigumus, H., Iyer, B.R., Mehrotra, S.: Providing database as a service. In: ICDE (2002)Google Scholar
  6. 6.
    Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: SIGMOD (2006)Google Scholar
  7. 7.
    Pang, H., Jain, A., Ramamritham, K., Tan, K.: Verifying completeness of relational query results in data publishing. In: SIGMOD (2005)Google Scholar
  8. 8.
    Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. In: NDSS (2004)Google Scholar
  9. 9.
    Goodrich, M., Tamassia, R., Schwerin, A.: Implementation of an authenticated dictionary with skip lists and commutative hashing. In: DISCEX II (2001)Google Scholar
  10. 10.
    Naor, M., Nissim, K.: Certificate revocation and certificate update. In: Proceedings of the 7th USENIX Security Symposium (January 1998)Google Scholar
  11. 11.
    Merkle, R.C.: Secrecy, Authentication, and Public Key Systems. Ph.D thesis, Stanford University (1979)Google Scholar
  12. 12.
    Martel, C., Nuckolls, G., Devanbu, P., Gertz, M., Kwong, A., Stubblebine, S.: A general model for authenticated data structures (2001)Google Scholar
  13. 13.
    Cheng, W., Pang, H., Tan, K.L.: Authenticating multi-dimensional query results in data publishing. In: DBSec (2006)Google Scholar
  14. 14.
    Pang, H., Tan, K.: Authenticating query results in edge computing. In: ICDE, pp. 560–571 (2004)Google Scholar
  15. 15.
    Haber, S., Horne, W., Sander, T., Yao, D.: Privacy-preserving verification of aggregate queries on outsourced databases. Technical Report HPL-2006-128, HP Labs (2006)Google Scholar
  16. 16.
    Miklau, G., Suciu, D.: Controlling access to published data using cryptography. In: VLDB, pp. 898–909 (2003)Google Scholar
  17. 17.
    Bertino, E., Carminati, B., Ferrari, E., Thuraisingham, B., Gupta, A.: Selective and authentic third-party distribution of xml documents. IEEE Transactions on Knowledge and Data Engineering 16(10), 1263–1278 (2004)CrossRefGoogle Scholar
  18. 18.
    Carminati, B., Ferrari, E., Bertino, E.: Securing xml data in third-party distribution systems. In: CIKM 2005: Proceedings of the 14th ACM international conference on Information and knowledge management, pp. 99–106. ACM, New York (2005)Google Scholar
  19. 19.
    Finkel, R.A., Bentley, J.L.: Quad trees: a data structure for retrieval on composite keys. Acta Informatica 4(1), 1–9 (1974)CrossRefzbMATHGoogle Scholar
  20. 20.
    Bentley, J.L., Shamos, M.I.: Divide-and-conquer in multidimensional space. In: STOC 1976: Proceedings of the eighth annual ACM symposium on Theory of computing, pp. 220–230. ACM, New York (1976)CrossRefGoogle Scholar
  21. 21.
    Agarwal, P., Erickson, J.: Geometric range searching and its relatives. Advances in Discrete and Computational GeometryContemporary Mathematics 223, 1–56 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  22. 22.
    Chiang, Y., Tamassia, R.: Dynamic algorithms in computational geometry. Proceedings of IEEE, Special Issue on Computational Geometry 80(9), 362–381 (1992)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Hong Chen
    • 1
  • Xiaonan Ma
    • 2
  • Windsor Hsu
    • 2
  • Ninghui Li
    • 1
  • Qihua Wang
    • 1
  1. 1.CERIAS & Department of Computer SciencePurdue UniversityUSA
  2. 2.IBM Almaden Research CenterUSA

Personalised recommendations