Abstract
SaaS is an emerging model that allows tenants to host computation and data to cloud service providers. However, untrustworthy service providers might violate tenants’ data integrity by deleting, modifying and falsifying tenants’ data due to some benefits. So it is important for tenants to verify their query results integrity. In this paper, we propose a tenant query result authentication structure, called MTAS(Multi-tenant Authentication Structure), that applies to multi-tenant shared pivot-universal storage model. MTAS separates indexes with authentication structures to support isolation and customization characteristics of multi-tenant application. And we present composite authentication tree-PUA tree for tenant data in pivot table and universal table in MTAS. Comparing with traditional authentication tree approaches, PUA tree only needs one tree travel to get verification object(VO) corresponding to query results in pivot table and universal table. And PUA tree saves about 30% hash computing at verification stage.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Aulbach, S., Jacobs, D., Kemper, A., Seibold, M.: A comparison of flexible schemas for software as a service. In: SIGMOD 2009, pp. 881–888 (2009)
Aulbach, S., Grust, T., Jacobs, D., Kemper, A., Rittinger, J.: Multi-Tenant Databases for Software as a Service: Schema-Mapping Techniques. In: SIGMOD (2008)
Weissman, C.D., Bobrowski, S.: The Design of the Force.com Multitenant Internet Application Development Platform. In: SIGMOD (2009)
Merkle, R.C.: A Certified Digital Signature. In: Crypto, pp. 218–238 (1989)
Devanbu, P.T., Gertz, M., Martel, C.U., Stubblebine, S.G.: Authentic Third-party Data Publication. In: DBSec, pp. 101–112 (2000)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: SIGMOD, pp. 121–132 (2006)
Papadopoulos, S., Yang, Y., Papadias, D.: Continuous authentication on relational streams. VLDB J (VLDB) 19(2), 161–180 (2010)
Comer, D.: Ubiquitous B-Tree. ACM Computing Surveys 11(2), 121–137 (1979)
Wei, W., Yu, T., Xue, R.: iBigTable: practical data integrity for bigtable in public cloud. In: CODASPY, pp. 341–352 (2013)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Authenticated Index Structures for Aggregation Queries. ACM Trans. Inf. Syst. Secur (TISSEC) 13(4), 32 (2010)
Pang, H., Zhang, J., Mouratidis, K.: Scalable Verification for Outsourced Dynamic Databases. In: PVLDB, vol. 2(1), pp. 802–813 (2009)
Mouratidis, K., Sacharidis, D., Pang, H.: Partially Materialized Digest Scheme: An Efficient Verification Method for Outsourced Databases. International Journal on Very Large Data Bases 18(1), 363–381 (2009)
Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. TOS 2(2), 107–138 (2006)
Narasimha, M., Tsudik, G.: Authentication of Outsourced Databases Using Signature Aggregation and Chaining. In: Li Lee, M., Tan, K.-L., Wuwongse, V. (eds.) DASFAA 2006. LNCS, vol. 3882, pp. 420–436. Springer, Heidelberg (2006)
Pang, H., Jain, A., Ramamritham, K., Tan, K.-L.: Verifying Completeness of Relational Query Results in Data Publishing. In: ACM SIGMOD, pp. 407–418 (2005)
Xie, M., Wang, H., Yin, J., Meng, X.: Integrity Auditing of Outsourced Data. In: Proceedings of the 33rd International Conference on Very Large Data Bases (VLDB 2007), pp. 782–793 (2007)
Xie, M., Wang, H., Yin, J., Meng: Providing, X.: freshness guarantees for outsourced databases. In: EDBT 2008, pp. 323–332 (2008)
Wang, H., Yin, J., Perng, C., Yu, P.: Dual encryption for query integrity assurance. In: Proceedings of the 17th ACM Conference on Information and Knowledge Management (CIKM 2008), pp. 863–872 (2008)
Shi, Y., Zhang, K., Li, Q.: Meta-data Driven Data Chunk Based Secure Data Storage for SaaS. JDCTA 5(1), 173–185 (2011)
Brown, A., Chase, J.S.: Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications. In: CCSW 2011, pp. 15–20 (2011)
Alsouri, S., Feller, T., Malipatlolla, S., Katzenbeisser, S.: Hardware-based Security for Virtual Trusted Platform Modules. CoRR abs/1308.1539 (2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Lin, L., Qingzhong, L., Lanju, K., Yuliang, S. (2014). Tenant-Oriented Composite Authentication Tree for Data Integrity Protection in SaaS. In: Li, F., Li, G., Hwang, Sw., Yao, B., Zhang, Z. (eds) Web-Age Information Management. WAIM 2014. Lecture Notes in Computer Science, vol 8485. Springer, Cham. https://doi.org/10.1007/978-3-319-08010-9_42
Download citation
DOI: https://doi.org/10.1007/978-3-319-08010-9_42
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08009-3
Online ISBN: 978-3-319-08010-9
eBook Packages: Computer ScienceComputer Science (R0)