Abstract
We propose a communication-efficient authentication scheme to authenticate query results disseminated by untrusted data publishing servers. In our scheme, signatures of multiple tuples in the result set are aggregated into one and thus the communication overhead incurred by the signature keeps constant. Next attr-MHTs (tuple based Merkle Hash Tree) are built to further reduce the communication overhead incurred by auxiliary authentication information (AAI). Besides the property of communication-efficiency, our scheme also supports dynamic SET operations (UNION, INTERSECTION) and dynamic JOIN with immunity to reordering attack.
Keywords
References
Bernstein, P., Goodman, N.: Concurrency control in districuted database systems. ACM Computing Surveys 13(2), 185–221 (1981)
Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)
Date, C.J.: An introduction to database systems, 4th edn. Addison-Wesley, Reading (1985)
Date, C.J., Darwen, H.: A guide to the SQL Standard, 4th edn. Addison-Wesley, Reading (1997)
Deng, R.H., Wu, Y., Ma, D.: Securing JPEG2000 Code-Streams. In: International Workshop on Advanced Developments in Software and Systems Security (December 2003)
Devanbu, P., Gertz, M., Kwong, A., Martel, C., Nuckolls, G., Stubblebine, G.: Flexible authentication of XML documents. In: Proc. of the 8th ACM conference on Computer and Communication Security, pp. 136–145 (2001)
Devanbu, P., Gertz, M., Kwong, A., Stubblebine, S.: Authentic data publication over the internet. In: 14th UFIP 11.3 Working Conference in Database Security, pp. 102–112 (2002)
Goodrich, M.T., Tamassia, R., Schwerin, A.: Implementation of an Authenticated Dictionary with Skip Lists and Commutative Hashing. In: Proc. of DISCEX II 2001, vol. 2, pp. 1068–1083 (2001)
Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)
Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. In: NDSS 2004 (February 2004)
Naor, M., Nissim, K.: Certificate Revocation and Certificate Update. In: Proc. of the 7th USENIX Security Symposium, pp. 217–230 (1999)
Pang, H.H., Tan, K.L.: Autehticating query results in edge computing. In: ICDE 2004 (March 2004)
Rivest, R., Shamir, A.: PayWord and MicroMint–Two Simple Micropayment Schemes. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 69–87. Springer, Heidelberg (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ma, D., Deng, R.H., Pang, H., Zhou, J. (2005). Authenticating Query Results in Data Publishing. In: Qing, S., Mao, W., López, J., Wang, G. (eds) Information and Communications Security. ICICS 2005. Lecture Notes in Computer Science, vol 3783. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11602897_32
Download citation
DOI: https://doi.org/10.1007/11602897_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30934-5
Online ISBN: 978-3-540-32099-9
eBook Packages: Computer ScienceComputer Science (R0)