Abstract
The notion of a verifiable database (VDB) plays an important role in the secure outsourcing of data storage: it allows a client, typically a resource-constrained one, to outsource a large-scale database to an untrusted server and to make retrieval and update queries. For each query request, the server responds with a query result and a proof that is used to verify the result. Plenty of research has been done on designing efficient VDB schemes in the past years. However, it seems that all of the existing VDB schemes are presented in the amortized model. That is, all existing VDB schemes require a prohibitively expensive pre-processing stage. As a result, the overhead of the initialization algorithm (e.g., the key generation algorithm) is too heavy for the client to afford. Furthermore, VDB schemes can only ensure the integrity of the whole database. They are incapable of verifying a segment of the database and of efficiently localizing the tampered record when the database is tampered with. In this paper, we first propose a new primitive called Vector Commitment Tree (VCT), in which each node is a vector commitment (VC) of its q children. Then, we utilize VCT as a building block to propose a hierarchical verifiable database scheme (HVDB) with scalable updates, which supports hierarchical verification and tampered record localization. Besides, HVDB can also greatly reduce the burden of the initialization algorithm of VDB schemes. Finally, the analysis and experimental results show that the proposed HVDB scheme can achieve the desired security requirements and improve the efficiency for practical application.
Notes
For the sake of clarity, in the rest of this paper, we will use Q instead of q to denote the total number of records in an outsourced database.
This assumption is reasonable, because Q is typically the maximum size of a database, and the unused position can be set to some special value like null or 0 so as to be treated as other messages.
As pointed out in (Catalano and Fiore 2013), it is easy to extend the scheme to support arbitrary messages in \(\{0, 1\}^*\) by employing a collision-resistant hash function \(H:\{0, 1\}^* \rightarrow {\mathbb {Z}}_p\).
For security, we suggest that a verification of \(t_x'\) should be executed here, although few of the previous works have considered this verification.
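The tree the abstract describes (each node a vector commitment of its q children) together with the hash-to-message step from the notes above, as an added example that is not the paper's own code. It assumes an RSA-style vector commitment in the manner of Catalano and Fiore (2013), a two-level tree with q = 3, and a localization walk of our own design; the toy parameters and all function names are hypothetical and insecure.

```python
import hashlib
from math import prod

# Toy public parameters, constructed here and NOT secure (N's prime factors are public).
N = (2**521 - 1) * (2**607 - 1)
A = 3                                     # public base element
E = [2**89 - 1, 2**107 - 1, 2**127 - 1]   # one prime per child slot
Q = len(E)                                # branching factor q = 3
RECORDS = [b"record-%d" % i for i in range(Q * Q)]   # constructed sample database

def H(data):
    """Hash bytes, or an integer commitment, to an 88-bit message (< every prime in E)."""
    if isinstance(data, int):
        data = data.to_bytes((data.bit_length() + 7) // 8, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:11], "big")

def base(skip):  # A raised to the product of the primes whose slot is not in `skip`
    return pow(A, prod(e for k, e in enumerate(E) if k not in skip), N)

def commit(msgs):
    return prod(pow(base({i}), m, N) for i, m in enumerate(msgs)) % N

def open_slot(msgs, i):
    """Constant-size proof for slot i: an E[i]-th root of the other slots' product."""
    return prod(pow(base({i, j}), m, N) for j, m in enumerate(msgs) if j != i) % N

def verify(com, i, m, proof):
    return com == pow(base({i}), m, N) * pow(proof, E[i], N) % N

def build(records):
    """Two-level tree over Q*Q records: root, segment commitments, stored proofs."""
    leaves = [[H(r) for r in records[s * Q:(s + 1) * Q]] for s in range(Q)]
    segs = [commit(ms) for ms in leaves]
    tops = [H(c) for c in segs]
    proofs = [(open_slot(tops, i // Q), open_slot(leaves[i // Q], i % Q))
              for i in range(Q * Q)]
    return commit(tops), segs, proofs

def localize(root, segs, proofs, records):
    """Check each segment with one opening; descend only into segments that fail."""
    bad = []
    for s in range(Q):
        part = records[s * Q:(s + 1) * Q]
        if verify(root, s, H(commit([H(r) for r in part])), proofs[s * Q][0]):
            continue                      # whole segment matches the trusted root
        assert verify(root, s, H(segs[s]), proofs[s * Q][0])  # stored node is authentic
        bad += [s * Q + k for k, r in enumerate(part)
                if not verify(segs[s], k, H(r), proofs[s * Q + k][1])]
    return bad
```

The client only needs to hold `root`; every check uses a single group element as proof, whatever the value of q.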
References
Armbrust M, Fox A, Griffith R, Joseph AD, Katz R, Konwinski A, Lee G, Patterson D, Rabkin A, Stoica I et al (2010) A view of cloud computing. Commun ACM 53(4):50–58
Benabbas S, Gennaro R, Vahlis Y (2011) Verifiable delegation of computation over large datasets. In: Annual Cryptology Conference, Springer, pp 111–131
Buyya R, Yeo CS, Venugopal S, Broberg J, Brandic I (2009) Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility. Future Gener Comput Syst 25(6):599–616
Catalano D, Fiore D (2013) Vector commitments and their applications. In: Public Key Cryptography, Springer, pp 55–72
Chang X, Yang Y (2017) Semisupervised feature analysis by mining correlations among multiple tasks. IEEE Trans Neural Netw Learn Syst 28(10):2294–2305
Chen X, Li J, Huang X, Li J, Xiang Y, Wong DS (2014a) Secure outsourced attribute-based signatures. IEEE Trans Parallel Distrib Syst 25(12):3285–3294
Chen X, Li J, Ma J, Tang Q, Lou W (2014b) New algorithms for secure outsourcing of modular exponentiations. IEEE Trans Parallel Distrib Syst 25(9):2386–2396
Chen X, Huang X, Li J, Ma J, Lou W, Wong DS (2015a) New algorithms for secure outsourcing of large-scale systems of linear equations. IEEE Trans Inf Forensics Secur 10(1):69–78
Chen X, Li J, Huang X, Ma J, Lou W (2015b) New publicly verifiable databases with efficient updates. IEEE Trans Dependable Secure Comput 12(5):546–556
Chen X, Li J, Weng J, Ma J, Lou W (2016) Verifiable computation over large database with incremental updates. IEEE Trans Comput 65(10):3184–3195
Chow R, Golle P, Jakobsson M, Shi E, Staddon J, Masuoka R, Molina J (2009) Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the 2009 ACM workshop on Cloud computing security, pp 85–90
Gennaro R, Gentry C, Parno B (2010) Non-interactive verifiable computing: outsourcing computation to untrusted workers. In: Annual Cryptology Conference, Springer, pp 465–482
Gentry C, Halevi S (2011) Implementing Gentry’s fully-homomorphic encryption scheme. EUROCRYPT, Springer 6632:129–148
Goldwasser S, Kalai YT, Rothblum GN (2016) Delegating computation: interactive proofs for muggles. J ACM 62(4):1–64
Li H, Lin X, Yang H, Liang X, Lu R, Shen X (2014a) Eppdr: an efficient privacy-preserving demand response scheme with adaptive key evolution in smart grid. IEEE Trans Parallel Distrib Syst 25(8):2053–2064
Li H, Yang Y, Dai Y, Bai J, Yu S, Xiang Y (2017a) Achieving secure and efficient dynamic searchable symmetric encryption over medical cloud data. IEEE Transactions on Cloud Computing PP (99):1–1. https://doi.org/10.1109/TCC.2017.2769645
Li J, Huang X, Li J, Chen X, Xiang Y (2014b) Securely outsourcing attribute-based encryption with checkability. IEEE Trans Parallel Distrib Syst 25(8):2201–2210
Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437
Li P, Li J, Huang Z, Gao CZ, Chen WB, Chen K (2017b) Privacy-preserving outsourced classification in cloud computing. Cluster Computing pp 1–10. https://doi.org/10.1007/s10586-017-0849-9
Liu X, Zhang Y, Wang B, Yan J (2013) Mona: secure multi-owner data sharing for dynamic groups in the cloud. IEEE Trans Parallel Distrib Syst 24(6):1182–1191
Miao M, Wang J, Ma J, Susilo W (2017) Publicly verifiable databases with efficient insertion/deletion operations. J Comput Syst Sci 86:49–58
Motahari-Nezhad HR, Stephenson B, Singhal S (2009) Outsourcing business to cloud computing services: opportunities and challenges. IEEE Internet Comput 10(4):1–17
Pallis G, Vakali A (2006) Insight and perspectives for content delivery networks. Commun ACM 49(1):101–106
Reingold O, Rothblum GN, Rothblum RD (2016) Constant-round interactive proofs for delegating computation. In: Proceedings of the forty-eighth annual ACM symposium on Theory of Computing, pp 49–62
Rittinghouse JW, Ransome JF (2016) Cloud computing: implementation, management, and security. CRC Press, Inc., Boca Raton
Shen J, Zhou T, Chen X, Li J, Susilo W (2018) Anonymous and traceable group data sharing in cloud computing. IEEE Trans Inf Forensics Secur 13(4):912–925
Spagna S, Liebsch M, Baldessari R, Niccolini S, Schmid S, Garroppo R, Ozawa K, Awano J (2013) Design principles of an operator-owned highly distributed content delivery network. IEEE Commun Mag 51(4):132–140
Stergiou C, Psannis KE, Kim BG, Gupta B (2018) Secure integration of IoT and cloud computing. Future Gen Comput Syst 78:964–975
Stojmenovic I, Wen S, Huang X, Luan H (2016) An overview of fog computing and its security issues. Concurr Comput: Pract Exp 28(10):2991–3005
Takabi H, Joshi JB, Ahn GJ (2010) Security and privacy challenges in cloud computing environments. IEEE Secur Priv 8(6):24–31
Tang S, Li X, Huang X, Xiang Y, Xu L (2016) Achieving simple, secure and efficient hierarchical access control in cloud computing. IEEE Trans Comput 65(7):2325–2331
Vimercati SDCD, Foresti S, Jajodia S, Paraboschi S, Samarati P (2007) A data outsourcing architecture combining cryptography and access control. In: ACM Workshop on Computer Security Architecture, pp 63–69
Vu V, Setty S, Blumberg AJ, Walfish M (2013) A hybrid architecture for interactive verifiable computation. In: IEEE Symposium on Security and Privacy (SP), pp 223–237
Wang C, Ren K, Lou W, Li J (2010) Toward publicly auditable secure cloud data storage services. IEEE Netw 24(4):19–24
Wang C, Chow SS, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375
Wen S, Haghighi MS, Chen C, Xiang Y, Zhou W, Jia W (2015) A sword with two edges: propagation studies on both positive and negative information in online social networks. IEEE Trans Comput 64(3):640–653
Wu J, Ping L, Ge X, Wang Y, Fu J (2010) Cloud storage as the infrastructure of cloud computing. In: International Conference on Intelligent Computing and Cognitive Informatics (ICICCI), IEEE, pp 380–383
Xiao Z, Xiao Y (2013) Security and privacy in cloud computing. IEEE Commun Surv Tutor 15(2):843–859
Zhang L, Safavi-Naini R (2014) Verifiable delegation of computations with storage-verification trade-off. In: European Symposium on Research in Computer Security, Springer, pp 112–129
Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42–61
Acknowledgements
This work is supported by National Natural Science Foundation of China (No. 61572382), Key Project of Natural Science Basic Research Plan in Shaanxi Province of China (No. 2016JZ021), China 111 Project (No. B16037), Guangxi Cooperative Innovation Center of cloud computing and Big Data (No. YD17X07), and Guangxi Colleges and Universities Key Laboratory of cloud computing and complex systems (No. YF17103).
Cite this article
Zhang, Z., Chen, X., Li, J. et al. HVDB: a hierarchical verifiable database scheme with scalable updates. J Ambient Intell Human Comput 10, 3045–3057 (2019). https://doi.org/10.1007/s12652-018-0757-8
DOI: https://doi.org/10.1007/s12652-018-0757-8