Abstract
In spatial database outsourcing, a data owner delegates its data management tasks to a location-based service (LBS), which indexes the data with an authenticated data structure (ADS). The LBS receives queries (ranges, nearest neighbors) originating from several clients/subscribers. Each query initiates the computation of a verification object (VO) based on the ADS. The VO is returned to the client that can verify the result correctness using the public key of the owner. Our first contribution is the MR-tree, a space-efficient ADS that supports fast query processing and verification. Our second contribution is the MR*-tree, a modified version of the MR-tree, which significantly reduces the VO size through a novel embedding technique. Finally, whereas most ADSs must be constructed and maintained by the owner, we outsource the MR- and MR*-tree construction and maintenance to the LBS, thus relieving the owner from this computationally intensive task.
Similar content being viewed by others
References
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. SIGMOD (2004)
Agrawal P., de Berg M., Gudmundsson J., Hammar M., Haverkroft H.: Box-trees and R-trees with near-optimal query time. Discret. Comput. Geom. 28(3), 291–312 (2002)
de Berg M., van Kreveld M., Overmars M., Schwarzkopf O.: Computational Geometry: Algorithms and Applications. Springer, Heidelberg (1997)
Beckmann, N., Kriegel, H.-P., Schneider, R., Seeger, B.: The R*-tree: an efficient and robust access method for points and rectangles. SIGMOD (1990)
Cheng, W., Tan, K.-L.: Query assurance verification for outsourced multi-dimensional databases. J. Comput. Secur. (to appear)
Cheng, W., Tan, K.-L.: Authenticating kNN query results in data publishing. Secure Data Management (2007)
Cheng, W., Pang, H., Tan, K.-L.: Authenticating multi-dimensional query results in data publishing. DBSEC (2006)
De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Over-encryption: management of access control evolution on outsourced data. VLDB (2007)
Crypto++ library.: www.eskimo.com/~weidai/benchmark.html
Devanbu P., Gertz M., Martel C., Stubblebine S.: Authentic data publication over the internet. J. Comput. Secur. 11(3), 291–314 (2003)
Datta V., Vandermeer D., Celik A., Kumar V.: Broadcast protocols to support efficient retrieval from databases by mobile users. ACM TODS. 24(1), 1–79 (1999)
Damiani, E., Vimercati, C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. CCS (2003)
Guttman, A.: R-trees: A dynamic index structure for spatial searching. SIGMOD (1984)
Goodrich, M., Tamassia, R., Triandopoulos, N., Cohen, R.: Authenticated data structures for graph and geometric searching. CT-RSA (2003)
Ge, T., Zdonik, S.: Answering aggregate queries in a secure system model. VLDB (2007)
Haber, S., Horne, W., Sander, T., Yao, D.: Privacy-preserving verification of aggregate queries on outsourced databases. HP Labs Tech-Report 2006-128 (2006)
Hacıgümüş, H., Iyer, B., Mehrotra, S.: Providing databases as a service. ICDE (2002)
Hacıgümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the data-service-provider model. SIGMOD (2002)
Hjaltason G., Samet H.: Distance browsing in spatial databases. ACM TODS. 24(2), 265–318 (1999)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. SIGMOD (2006)
Li, F., Yi, K., Hadjieleftheriou, M., Kollios, G.: Proof-infused streams: enabling authentication of sliding window queries on streams. VLDB (2007)
Merkle, R.: A certified digital signature. CRYPTO (1989)
Martel C., Nuckolls G., Devanbu P., Gertz M., Kwong A., Stubblebine S.: A general model for authenticated data structures. Algorithmica 39(1), 21–41 (2004)
Mykletun, E., Narasimha, M., Tsudik, G.: Signature bouquets: immutability for aggregated/condensed signatures. ESORICS (2004)
Menezes A., van Oorschot P., Vanstone S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Naor, M., Nissim, K.: Certificate revocation and certificate update. USENIX (1998)
Narasimha, M., Tsudik, G.: Authentication of outsourced databases using signature aggregation and chaining. DASFAA (2006)
Pang, H., Jain, A., Ramamritham, K., Tan, K.-L.: Verifying completeness of relational query results in data publishing. SIGMOD (2005)
Pagel, B., Six, H., Toben, H., Widmayer, P.: Towards an analysis of range query performance in spatial data structures. PODS (1993)
Papadias D., Tao Y., Fu G., Seeger B.: Progressive skyline computation in database systems. ACM TODS. 30(1), 41–82 (2005)
Pang, H., Tan, K.-L.: Authenticating query results in edge computing. ICDE (2004)
Papadopoulos, S., Yang, Y., Papadias, D.: CADS: continuous authentication on data streams. VLDB (2007)
R-tree portal.: www.rtreeportal.org
Sion R.: Query execution assurance for outsourced databases. VLDB (2005)
Theodoridis, Y., Sellis, T.: A model for the prediction of R-tree performance. PODS (1999)
Tamassia, R., Triandopoulos, N.: Efficient content authentication in Peer-to-Peer networks. ACNS (2007)
Wong, W., Cheung, D., Hung, E., Kao, B., Mamoulis, N.: Security in outsourcing of association rule mining. VLDB (2007)
Xie, M., Wang, H., Yin, J., Meng, X. Integrity audit of outsourced data. VLDB (2007)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Yang, Y., Papadopoulos, S., Papadias, D. et al. Authenticated indexing for outsourced spatial databases. The VLDB Journal 18, 631–648 (2009). https://doi.org/10.1007/s00778-008-0113-2
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00778-008-0113-2