期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种服务器透明的外包数据库查询验证方法 被引量:17

Server Transparent Query Authentication of Outsourced Database
在线阅读 下载PDF
导出
摘要 查询验证作为外包数据库(ODB)重要安全需求之一,旨在向用户证明其所得查询结果集的正确性与完备性.目前大多数查询认证方法以服务器为验证中心,这不仅需要扩展数据库服务器功能,而且增加了服务器负担.提出一种服务器透明模式的查询验证方法(签名链,简称CES),将验证对象(VO)嵌于外包数据库表内部,数据库服务器通过常规的数据库服务实现数据内容与验证对象的检索.该方法避免了对服务器功能扩展或成为计算瓶颈,并且保证了ODB并发更新操作时VO的一致性. With the rapid growth of database outsourcing,the security concerns in the outsourced database (ODB) paradigm are receiving more and more attentions. Query authentication is one of the important security requirements which enable the database clients to verify the authenticity and the completeness of the query results. Currently several query verification schemes are proposed based on the specially designed authentication data structures (ADS),in which the DBMS computes verification object (VO) for each query,and returns the result together with its VO. Since this "server-centric" model requires the functional extensions of DBMS and the modification of communication protocols,it will inevitably affect the application in practice. In this paper the authors propose a server transparent query authentication method called chain embedded signature (CES),which embeds the VO inside the ODB,therefore it supports the query authentication with commercial DBMS and standard SQL commands. This transparency also frees the server from heavy verification tasks,and prevents it from becoming the bottleneck of performance. Furthermore,since the VOs are stored inside ODB,the consistency of them is promised by the database transaction mechanism. The cost analysis and experimental results show that the time and space overhead are reasonable to be deployed in real systems.
作者 张敏 洪澄 陈驰
机构地区 中国科学院软件研究所信息安全国家重点实验室
出处 《计算机研究与发展》 EI CSCD 北大核心 2010年第1期182-190,共9页 Journal of Computer Research and Development
基金 国家"八六三"高技术研究发展计划基金项目(2007AA120404 2007AA120405)
关键词 查询验证 外包数据库(ODB) 验证对象(VO) 签名链(CES) 服务器透明 query authentication outsourced database(ODB) verification object(VO) chain embedded signature(CES) server transparent
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献13

  • 1Cheng W, Pang H, Tan K. Authenticating multidimensional query results in data publishing [C] // LNCS4127: Proc of the 20th IFIP 11. 3 Working Conf on Data and Applications Security (DBSEC 2006). Berlin: Springer, 2006:60-73.
  • 2Devanbu P, Gertz M, Martel C, et al. Stubblebine. Authentic third-party data publication [OL]. p2009-06-05]. http://seelab, cs. ucdavis.edu/-devanbu/authdbpub, pdf.
  • 3Merkle R C. A certified digital signature [C] //LNCS435: Proc of the 9th Annual Int Cryptology Conf on Advances in Cryptology (CRYPTO 1989). Berlin: Springer, 1989: 218- 238.
  • 4Li F, Hadjieleftheriou M, et al. Dynamic authenticated index structures for outsourced databases [C]//Proc of the 2006 ACM SIGMOD Int Conf on Management of Data (SIGMOD 2006). New York: ACM, 2006:121-132.
  • 5Li F, Yi K, Hadjieleftheriou M, et al. Proof-infused streams: Enabling authentication of sliding windows queries on streams [C] //Proc of the 33rd Int Conf on Very Large Data Bases ( VLDB 2007 ): Vienna, Austria: VLDB Endowment, 2007: 147-158.
  • 6Yang Y, Papadopoulos S, Papadias D, et al. Spatial outsourcing for location-based services [C] //Proc of the 24th Int Conf on Data Engineering CA: IEEE Computer Society, (ICDE 2008). Los Alamitos, 2008: 1082-1091.
  • 7Mykletun E, Tsudik G. Aggregation queries in the databaseas-a-service model [C]//LNCS4127: Proc of the 20th IFIP 11. 3 Working Conf on Data and Applications Security (DBSEC 2006). Berlin: Springer, 2006:89-103.
  • 8Mykletun E, Narasimha M, Tsudik G. Authentication and integrity in outsourced databases [J]. ACM Trans on Storage, 2006, 2(2) : 107-138.
  • 9Narasimha M, Tsudik G. DSAC: Integrity of outsourced databases with signature aggregation and chaining [C]//Proc of the ACM Conf on Information and Knowledge Management. New York: ACM, 2005:235-236.
  • 10Pang H, Tan K -L. Authenticating query results in edge computing [C] //Proc of the 20th Int Conf on Data Engineering. Los Alamitos, CA: IEEE Computer Society, 2004: 560-571.

同被引文献123

  • 1卿斯汉,周永彬,张振峰,刘娟.认证字典及其在PKI中的应用研究[J].电子学报,2004,32(8):1356-1359. 被引量:2
  • 2孟小峰,周龙骧,王珊.数据库技术发展趋势[J].软件学报,2004,15(12):1822-1836. 被引量:177
  • 3罗永龙,黄刘生,荆巍巍,徐维江.空间几何对象相对位置判定中的私有信息保护[J].计算机研究与发展,2006,43(3):410-416. 被引量:44
  • 4严和平,汪卫,施伯乐.安全数据库的推理控制[J].软件学报,2006,17(4):750-758. 被引量:11
  • 5朱勤,于守健,乐嘉锦,骆轶姝.外包数据库系统安全机制研究[J].计算机科学,2007,34(2):152-156. 被引量:17
  • 6Hacigumus H,Iyer B,Mehrotra S.Providing Database as a Service[C]//Proc.of the 18th International Conference on Data Engineering.Washington D.C,USA:IEEE Computer Society,2002.
  • 7Trusted Computing Group.TPM Specification Version 1.2[EB/OL].(2006-06-13).https://www.trustedcomputinggroup.org.
  • 8Arrarwal G,Mishra N,Pinks B.Secure Computation of the kth-Ranked Element[C]//Proc.of International Conference on the Theory and Applications of Cryptographic Techniques.Berlin,Germany:Springer-Verlag,2004.
  • 9Agrawal G,Bawa M,Ganesan P,et al.Two Can Keep a Secret:A Distributed Architecture for Secure Database Services[C]//Proc.of the 2nd Biennial Conference on Innovative Data Systems Research.Asilomar,USA:[s.n.],2005.
  • 10Ciriani V,Vimercati D,Foresti S,et al.Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients[C]//Lecture Notes in Computer Science.Berlin,Germany:Springer-Verlag,2009.

引证文献17

二级引证文献175

计算机研究与发展
2010年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部