Skip to main content
SpringerLink
Log in

Continuous authentication on relational streams

  • Regular Paper
  • Published:
The VLDB Journal Aims and scope Submit manuscript

Abstract

According to the database outsourcing model, a data owner delegates database functionality to a third-party service provider, which answers queries received from clients. Authenticated query processing enables the clients to verify the correctness of query results. Despite the abundance of methods for authenticated processing in conventional databases, there is limited work on outsourced data streams. Stream environments pose new challenges such as the need for fast structure updating, support for continuous query processing and authentication, and provision for temporal completeness. Specifically, in addition to the correctness of individual results, the client must be able to verify that there are no missing results in between data updates. This paper presents a comprehensive set of methods covering relational streams. We first describe REF, a technique that achieves correctness and temporal completeness but incurs false transmissions, i.e., the provider has to inform the clients whenever there is a data update, even if their results are not affected. Then, we propose CADS, which minimizes the processing and transmission overhead through an elaborate indexing scheme and a virtual caching mechanism. In addition, we present an analytical study to determine the optimal indexing granularity, and extend CADS for the case that the data distribution changes over time. Finally, we evaluate the effectiveness of our techniques through extensive experiments.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. SIGMOD (2004)

  2. Atallah, M.J., Cho, Y., Kundu, A.: Efficient data authentication in an environment of untrusted third-party distributors. ICDE (2008)

  3. Babcock, B., Chaudhuri, S., Das, G.: Dynamic sample selection for approximate query processing. SIGMOD (2003)

  4. de Berg M., van Kreveld M., Overmars M., Schwarzkopf O.: Computational Geometry: Algorithms and Applications. Springer-Verlag, New York (1997)

    MATH  Google Scholar 

  5. Cheng, W., Pang, H., Tan, K.-L.: Authenticating multi-dimensional query results in data publishing. DBSec (2006)

  6. Damiani, E., Vimercati, C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. CCS (2003)

  7. Datta V., Vandermeer D., Celik A., Kumar V.: Broadcast protocols to support efficient retrieval from databases by mobile users. ACM TODS 24(1), 1–79 (1999)

    Article  Google Scholar 

  8. Devanbu P., Gertz M., Martel C., Stubblebine S.: Authentic data publication over the Internet. J. Comput. Secur. 11(3), 291–314 (2003)

    Google Scholar 

  9. Getoor, L., Taskar, B., Koller, D.: Selectivity estimation using probability models. SIGMOD (2001)

  10. Goodrich, M., Tamassia, R., Triandopoulos, N., Cohen, R.: Authenticated data structures for graph and geometric searching. CT-RSA (2003)

  11. Guha, S., Shim, K., Woo, J.: Rehist: Relative Error Histogram Construction Algorithms. VLDB (2004)

  12. Hacıgümü ş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. SIGMOD (2002)

  13. Hacıgümüş, H., Iyer, B., Mehrotra, S.: Providing databases as a service. ICDE (2002)

  14. Kundu, A., Bertino, E.: Structural signatures for tree data structures. VLDB (2008)

  15. Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. SIGMOD (2006)

  16. Li, F., Yi, K., Hadjieleftheriou, M., Kollios, G.: Proof-infused streams: enabling authentication of sliding window queries on streams. VLDB (2007)

  17. Martel C., Nuckolls G., Devanbu P., Gertz M., Kwong A., Stubblebine S.: A general model for authenticated data structures. Algorithmica 39(1), 21–41 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  18. Merkle, R.: A certified digital signature. CRYPTO (1989)

  19. Mykletun, E., Narasimha, M., Tsudik, G.: Signature bouquets: immutability for aggregated/condensed signatures. ESORICS (2004)

  20. Narasimha, M., Tsudik, G.: Authentication of outsourced databases using signature aggregation and chaining. DASFAA (2006)

  21. National Institute of Standards and Technology. FIPS PUB 180-1: Secure Hash Standard. National Institute of Standards and Technology (1995)

  22. Pang, H., Jain, A., Ramamritham, K., Tan, K.-L.: Verifying completeness of relational query results in data publishing. SIGMOD (2005)

  23. Pang, H., Mouratidis, K.: Authenticating the query results of text search engines. VLDB (2008)

  24. Pang, H., Tan, K.-L.: Authenticating query results in edge computing. ICDE (2004)

  25. Rivest R.L., Shamir A., Adleman L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  26. Sion, R.: Query execution assurance for outsourced databases. VLDB (2005)

  27. Tamassia, R., Triandopoulos, N.: Efficient content authentication in peer-to-peer networks. International Conference on Applied Cryptography and Network Security (2007)

  28. Wong, W.K., Cheung, D., Hung, E., Kao, B., Mamoulis, N.: Security in outsourcing of association rule mining. VLDB (2007)

  29. Xie, M., Wang, H., Yin, J., Meng, X.: Integrity audit of outsourced data. VLDB (2007)

  30. Yang Y., Papadopoulos S., Papadias D., Kollios G.: Authenticated indexing for outsourced spatial databases. VLDB J. 18(3), 631 (2009)

    Article  Google Scholar 

  31. Yang, Y., Papadopoulos, S., Papadias, D., Kollios, G.: Spatial outsourcing for location-based services. ICDE (2008)

  32. Yi, K., Li, F., Hadjieleftheriou, M., Kollios, G., Srivastava, D.: Randomized synopses for query assurance on data streams. ICDE (2008)

  33. Zobel, J., Moffat, A.: Inverted files for text search engines. ACM Comput. Surv. 38(2), (2006)

Download references

Author information

Authors and Affiliations

  1. The Hong Kong University of Science and Technology, Clear Water Bay, Hong Kong, China

    Stavros Papadopoulos, Yin Yang & Dimitris Papadias

Authors
  1. Stavros Papadopoulos
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yin Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dimitris Papadias
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dimitris Papadias.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Papadopoulos, S., Yang, Y. & Papadias, D. Continuous authentication on relational streams. The VLDB Journal 19, 161–180 (2010). https://doi.org/10.1007/s00778-009-0145-2

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00778-009-0145-2

Keywords

Search

Navigation