research-article

Free access

Providing freshness guarantees for outsourced databases

Authors:

Xiaofeng MengAuthors Info & Claims

EDBT '08: Proceedings of the 11th international conference on Extending database technology: Advances in database technology

Pages 323 - 332

https://doi.org/10.1145/1353343.1353384

Published: 25 March 2008 Publication History

Abstract

Database outsourcing becomes increasingly attractive as advances in network technologies eliminate the perceived performance difference between in-house databases and out-sourced databases, and price advantages of third-party data-base service providers continue to increase due to economy of scale. However, the potentially explosive growth of database outsourcing is hampered by security concerns, namely data privacy and query integrity of outsourced databases. While privacy issues of outsourced databases have been extensively studied, query integrity for outsourced databases has just started to draw attention from the database community. Currently, there still does not exist a solution that can provide complete integrity. In particular, previous studies have not examined the mechanisms for providing freshness guarantees, that is, the assurance that queries are executed against the most up-to-date data, instead of just some version of the data in the past. Providing a practical solution for freshness guarantees is challenging because continuously monitoring data's up-to-dateness is expensive. In this paper, we perform a thorough study on how to add freshness guarantees over proposed schemes (including authenticated data structure-based and probabilistic-based approaches) to provide integrity assurance. We implement our solutions and perform extensive experiments to quantify the cost. Our experiment results show that we can provide reasonable tight freshness guarantees without sacrificing much performance.

References

[1]

Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, and Yirong Xu. Order-preserving encryption for numeric data. In SIGMOD, 2004.

Digital Library

[2]

Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, and Yirong Xu. Order-preserving encryption for numeric data. In Gerhard Weikum, Arnd Christian König, and Stefan Deßloch, editors, SIGMOD Conference, pages 563--574. ACM, 2004.

Digital Library

[3]

Mihir Bellare. Practice-oriented provable-security. In Eiji Okamoto, George I. Davida, and Masahiro Mambo, editors, ISW, volume 1396 of Lecture Notes in Computer Science, pages 221--231. Springer, 1997.

Digital Library

[4]

Mihir Bellare, Anand Desai, E. Jokipii, and Phillip Rogaway. A concrete security treatment of symmetric encryption. In FOCS, pages 394--403, 1997.

Digital Library

[5]

Premkumar T. Devanbu, Michael Gertz, Charles U. Martel, and Stuart G. Stubblebine. Authentic third-party data publication. In Bhavani M. Thuraisingham, Reind P. van de Riet, Klaus R. Dittrich, and Zahir Tari, editors, DBSec, volume 201 of IFIP Conference Proceedings, pages 101--112. Kluwer, 2000.

Digital Library

[6]

Hakan Hacigümüş, Balakrishna R. Iyer, Chen Li, and Sharad Mehrotra. Executing SQL over encrypted data in the database service provider model. In SIGMOD, 2002.

Digital Library

[7]

Hakan Hacigümüs, Balakrishna R. Iyer, Chen Li, and Sharad Mehrotra. Executing sql over encrypted data in the database-service-provider model. In Michael J. Franklin, Bongki Moon, and Anastassia Ailamaki, editors, SIGMOD Conference, pages 216--227. ACM, 2002.

Digital Library

[8]

Hakan Hacigümüs, Sharad Mehrotra, and Balakrishna R. Iyer. Providing database as a service. In ICDE, pages 29-. IEEE Computer Society, 2002.

Digital Library

[9]

Feifei Li, Marios Hadjieleftheriou, George Kollios, and Leonid Reyzin. Authenticated Index Structures Library. http://www.cs.fsu.edu/lifeifei/aisl/index.html.

[10]

Feifei Li, Marios Hadjieleftheriou, George Kollios, and Leonid Reyzin. Dynamic authenticated index structures for outsourced databases. In Surajit Chaudhuri, Vagelis Hristidis, and Neoklis Polyzotis, editors, SIGMOD Conference, pages 121--132. ACM, 2006.

Digital Library

[11]

Ralph C. Merkle. A certified digital signature. In Gilles Brassard, editor, CRYPTO, volume 435 of Lecture Notes in Computer Science, pages 218--238. Springer, 1989.

Digital Library

[12]

Einar Mykletun, Maithili Narasimha, and Gene Tsudik. Authentication and integrity in outsourced databases. In NDSS. The Internet Society, 2004.

[13]

HweeHwa Pang, Arpit Jain, Krithi Ramamritham, and Kian-Lee Tan. Verifying completeness of relational query results in data publishing. In Fatma Özcan, editor, SIGMOD Conference, pages 407--418. ACM, 2005.

Digital Library

[14]

Radu Sion. Query execution assurance for outsourced databases. In Klemens Böhm, Christian S. Jensen, Laura M. Haas, Martin L. Kersten, Per-Åke Larson, and Beng Chin Ooi, editors, VLDB, pages 601--612. ACM, 2005.

Digital Library

[15]

Min Xie, Haixun Wang, Jian Yin, and Xiaofeng Meng. Integrity auditing of outsourced data. In VLDB, 2007.

Digital Library

Cited By

De Capitani di Vimercati SForesti SJajodia SParaboschi SSamarati PSassi R(2023)Sentinels and Twins: Effective Integrity Assessment for Distributed ComputationIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2022.321586334:1(108-122)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TPDS.2022.3215863
Loporchio MBernasconi ADi Francesco Maesa DRicci L(2023)An Analysis of Bitcoin Dust Through Authenticated QueriesComplex Networks and Their Applications XI10.1007/978-3-031-21131-7_39(495-508)Online publication date: 26-Jan-2023
https://doi.org/10.1007/978-3-031-21131-7_39
Zhang BDong BWang W(2021)Integrity Authentication for SQL Query Evaluation on Outsourced Databases: A SurveyIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2019.294706133:4(1601-1618)Online publication date: 1-Apr-2021
https://doi.org/10.1109/TKDE.2019.2947061
Show More Cited By

Index Terms

Providing freshness guarantees for outsourced databases
1. Information systems
  1. Data management systems
    1. Database management system engines

Recommendations

Authentication and integrity in outsourced databases

In the Outsourced Database (ODB) model, entities outsource their data management needs to a third-party service provider. Such a service provider offers mechanisms for its clients to create, store, update, and access (query) their databases. This work ...
Efficient query integrity for outsourced dynamic databases
CCSW '12: Proceedings of the 2012 ACM Workshop on Cloud computing security workshop

As databases are increasingly outsourced to the cloud, data owners require various security assurances. This paper investigates one particular assurance, query integrity, by which a database querier (either the data owner or a third party) can verify ...
Privacy in outsourced databases

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

EDBT '08: Proceedings of the 11th international conference on Extending database technology: Advances in database technology

March 2008

762 pages

ISBN:9781595939265

DOI:10.1145/1353343

Conference Chair:
Noureddine Mouaddib,
General Chair:
Patrick Valduriez,
Program Chairs:
Alfons Kemper
Technische Universität München, Germany
,
Mokrane Bouzeghoub,
Volker Markl,
Laurent Amsaleg,
Ioana Manolescu,
Publications Chair:
Jens Teubner

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 March 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Conference

EDBT '08

EDBT '08: 11th International Conference on Extending Database Technology

March 25 - 29, 2008

Nantes, France

Acceptance Rates

Overall Acceptance Rate 7 of 10 submissions, 70%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

39
Total Citations
View Citations
670
Total Downloads

Downloads (Last 12 months)76
Downloads (Last 6 weeks)9

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

De Capitani di Vimercati SForesti SJajodia SParaboschi SSamarati PSassi R(2023)Sentinels and Twins: Effective Integrity Assessment for Distributed ComputationIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2022.321586334:1(108-122)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TPDS.2022.3215863
Loporchio MBernasconi ADi Francesco Maesa DRicci L(2023)An Analysis of Bitcoin Dust Through Authenticated QueriesComplex Networks and Their Applications XI10.1007/978-3-031-21131-7_39(495-508)Online publication date: 26-Jan-2023
https://doi.org/10.1007/978-3-031-21131-7_39
Zhang BDong BWang W(2021)Integrity Authentication for SQL Query Evaluation on Outsourced Databases: A SurveyIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2019.294706133:4(1601-1618)Online publication date: 1-Apr-2021
https://doi.org/10.1109/TKDE.2019.2947061
Loporchio MBernasconi AMaesa DRicci L(2021)Authenticating Spatial Queries on Blockchain SystemsIEEE Access10.1109/ACCESS.2021.31329909(163363-163378)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3132990
Roisum HUrizar LYeh JSalisbury KMagette M(2019)Completeness Integrity Protection for Outsourced Databases Using Semantic Fake Data2019 4th International Conference on Communication and Information Systems (ICCIS)10.1109/ICCIS49662.2019.00046(222-228)Online publication date: Dec-2019
https://doi.org/10.1109/ICCIS49662.2019.00046
Wang ZWang LZhou THong JZhang H(2019)An Efficient Verification Way for the Encrypted EMRs Based on Sub_MB Tree2019 International Conference on Communications, Information System and Computer Engineering (CISCE)10.1109/CISCE.2019.00087(368-372)Online publication date: Jul-2019
https://doi.org/10.1109/CISCE.2019.00087
Miao MMa JHuang XWang Q(2018)Efficient Verifiable Databases With Insertion/Deletion Operations From Delegating Polynomial FunctionsIEEE Transactions on Information Forensics and Security10.1109/TIFS.2017.275874613:2(511-520)Online publication date: Feb-2018
https://doi.org/10.1109/TIFS.2017.2758746
Rady MAbdelkader TIsmail R(2018)SCIQ-CD: A Secure Scheme to Provide Confidentiality and Integrity of Query results for Cloud Databases2018 14th International Computer Engineering Conference (ICENCO)10.1109/ICENCO.2018.8636118(225-230)Online publication date: Dec-2018
https://doi.org/10.1109/ICENCO.2018.8636118
Morovat KPanda B(2017)Verifying Integrity of Big Data in Cloud Databases2017 International Conference on Computational Science and Computational Intelligence (CSCI)10.1109/CSCI.2017.270(1548-1553)Online publication date: Dec-2017
https://doi.org/10.1109/CSCI.2017.270
De Capitani di Vimercati SForesti SJajodia SParaboschi SSamarati P(2016)Efficient integrity checks for join queries in the cloud1Journal of Computer Security10.3233/JCS-16054524:3(347-378)Online publication date: 8-Jun-2016
https://doi.org/10.3233/JCS-160545
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten