An efficient key management scheme for user access control in outsourced databases

World Wide Web

Abstract

Key management schemes for user access control in outsourced databases have recently been an active research topic. Because outsourced databases must handle large numbers of users and data resources, an efficient key management scheme that reduces the number of authentication keys is required. However, existing schemes have a critical problem: the cost of key management increases rapidly as the number of keys grows. To solve this problem, we propose an efficient key management scheme for user access control in outsourced databases. First, we propose a Resource Set Tree (RST)-based key generation algorithm that reduces key generation cost by merging duplicated data resources. In addition, we propose a hierarchical Chinese Remainder Theorem (CRT)-based key assignment algorithm that can verify a user's permission to access outsourced databases. Our algorithm can reduce key update cost because redistribution of authentication keys is not required. We also provide analytic cost models of our algorithms and verify the correctness of the theoretical analysis by comparing it with experimental results. Finally, our performance analysis shows that the proposed scheme outperforms existing schemes in terms of both key generation cost and update cost.

Acknowledgments

This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. R0113-15-0005, Development of an Unified Data Engineering Technology for Large-scale Transaction Processing and Real-time Complex Analytics). This work was also supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2014065816).

Author information

Corresponding author

Correspondence to Jae-Woo Chang.

About this article

Cite this article

Hong, S., Kim, HI. & Chang, JW. An efficient key management scheme for user access control in outsourced databases. World Wide Web 20, 467–490 (2017). https://doi.org/10.1007/s11280-016-0408-y

  • DOI: https://doi.org/10.1007/s11280-016-0408-y
