Abstract
Outsourcing data to the cloud becomes a trend for the users to reduce database management and maintenance cost. However, storing data on the cloud brings many security problems. Data privacy and query authentication are two critical issues to be resolved. Specially, they are important to aggregate queries of cloud data. The data owner must keep the sensitive data hidden and only the aggregate result is revealed to the clients and cloud service provider. Furthermore, the client can ensure that the aggregate results are correct and complete. In this paper, we adopt multi-party computation to realize privacy-preserving aggregate computation in which at least t cloud servers can jointly calculate the aggregate results without gaining any knowledge of sensitive data. In addition, we introduce an authenticated structure, called PAAT, to provide query authentication for aggregate result. The experimental results show that our scheme is feasible and has good performance in practice.
Similar content being viewed by others
References
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 35(1), 1–11 (2011)
Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)
Feng, D.-G., Zhang, M., Zhang, Y., Zhen, X.: Study on cloud computing security. J. Softw. 22(1), 71–83 (2011)
Ramgovind, S., Eloff, M.M., Smith, E.: The management of security in cloud computing. In: Proceedings of the Information Security for South Africa (ISSA), 2010, pp. 1–7. IEEE (2010)
Zhao, Y., Yu, J.X., Wang, G., Chen, L., Wang, B., Yu, G.: Maximal subspace coregulated gene clustering. IEEE Trans. Knowl. Data Eng. 20(1), 83–98 (2007)
Hacigum̈üş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, pp. 216–227. ACM (2002)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563–574. ACM (2004)
Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Advances in Cryptology—EUROCRYPT 2009, Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26–30, 2009, vol. 5479, pp. 224–241 (2009)
Mykletun, E., Tsudik, G.: Aggregation queries in the database-as-a-service model. In: Proceedings of the Data and Applications Security XX, pp. 89–103. Springer (2006)
Hacigumus, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted databases. In: Lecture Notes in Computer Science. vol. 2973, pp. 125–136 (2004)
Thompson, B., Haber, S., Horne, W.G., Sander, T., Yao, D.: Privacy preserving computation and verification of aggregate queries on outsourced databases. In: Proceedings of the Privacy Enhancing Technologies, pp. 185–201. Springer (2009)
Alzain, M.A., Li, A.S., Soh, B., Pardede, E.: Multi-cloud data management using Shamir’s secret sharing and quantum Byzantine agreement schemes. Int. J. Cloud Appl. Comput. 5(3), 35–52 (2015)
Emekci, F., Agrawal, D., Abbadi, A.E., Gulbeden, A.: Privacy preserving query processing using third parties. In: Proceedings of the 22nd International Conference on Data Engineering, 2006. ICDE’06. IEEE (2006)
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Hadavi, M.A., Damiani, E., Jalili, R., Cimato, S., Ganjei, Z.: AS5: a secure searchable secret sharing scheme for privacy preserving database outsourcing. In: Data Privacy Management and Autonomous Spontaneous Security (2013)
Haber, S., Horne, W.G., Sander, T., Yao, D.: Privacy-aware verification of aggregate queries on outsourced databases with applications to historic data integrity. In: Proceedings of the Privacy Enhancing Technologies (2009)
Nath, S., Venkatesan, R.: Publicly verifiable grouped aggregation queries on outsourced data streams. Proceedings of the IEEE, International Conference on Data Engineering, pp. 517–528. IEEE (2013)
Zhuo, G., Jia, Q., Guo, L., Li, M., Li, P.: Privacy-preserving verifiable data aggregation and analysis for cloud-assisted mobile crowdsourcing. Proceedings of the IEEE INFOCOM 2016—the IEEE International Conference on Computer Communications, pp. 1–9. IEEE (2016)
Pang, H., Jain, A., Ramamritham, K., Tan, K.-L.: Verifying completeness of relational query results in data publishing. In: Proceedings of the 2005 ACM SIGMOD International Conference on Management of Data, pp. 407–418. ACM (2005)
Narasimha, M., Tsudik, G.: Dsac: integrity for outsourced databases with signature aggregation and chaining. In: Proceedings of the 14th ACM International Conference on Information and Knowledge Management, pp. 235–236. ACM (2005)
Hong, J., Wen, T., Gu, Q., Sheng, G.: Query integrity verification based-on mac chain in cloud storage. In: Proceedings of the 2014 IEEE/ACIS 13th International Conference onComputer and Information Science (ICIS), pp. 125–129. IEEE (2014)
Min, Z., Cheng, H., Chi, C.: Server transparent query authentication of outsourced database. J. Comput. Res. Dev. 1, 028 (2010)
Merkle, R.C.: A certified digital signature. In: Advances in CryptologyCRYPTO89 Proceedings, pp. 218–238. Springer (1990)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, pp. 121–132. ACM (2006)
Goodrich, M.T., Tamassia, R., Triandopoulos, N.: Super-efficient verification of dynamic outsourced databases. In Proceedings of the Topics in Cryptology–CT-RSA 2008, pp. 407–424. Springer (2008)
Papadopoulos, S., Yang, Y., Papadias, D.: CADS: continuous authentication on data streams. In: Proceedings of the 33rd International Conference on Very Large Data Bases, pp. 135–146. VLDB Endowment (2007)
Wen, T., Sheng, G., Guo, Q., Guo-Jun, S.: Query results authentication of outsourced append-only databases. J. Comput. Res. Dev. 49(10), 2077–2085 (2012)
Sheng, G., Tang, C., Han, H., Gao, W., Hu, X.: Authentication of outsourced linear function query with efficient updates. Clust. Comput. 9, 1–9 (2017)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Authenticated index structures for aggregation queries. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(4), 32 (2010)
Chen, Q., Hu, H., Xu, J.: Authenticated online data integration services. Proceedings of the ACM SIGMOD International Conference, pp. 167–181. ACM (2015)
Chandrasekhar, S., Singhal, M.: Efficient and scalable query authentication for cloud-based storage systems with multiple data sources. IEEE Trans. Serv. Comput. (2015)
Chandrasekhar, S., Singhal, M.: Multi-trapdoor hash functions and their applications in network security. In: Proceedings of the IEEE Conference on Communications and Network Security, pp. 463–471. IEEE (2014)
Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Proceedings of the Advances in CryptologyCRYPTO91, pp. 129–140. Springer (1992)
Durfee, G., Franklin, M.: Distribution chain security. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 63–70. ACM (2000)
Acknowledgements
This work was supported by the National Nature Science Foundation of China (Nos. 61772101, 61772124, 61170169 and 61170168), Shanxi Province Natural Science Foundation for Young (No. 201601D202038) and Fundamental Research Funds for the Central Universities (Nos. 02190022116016 and 02190022116008).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Hong, J., Wen, T., Guo, Q. et al. Privacy protection and integrity verification of aggregate queries in cloud computing. Cluster Comput 22 (Suppl 3), 5763–5773 (2019). https://doi.org/10.1007/s10586-017-1521-0
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-017-1521-0