Ensuring correctness over untrusted private database

Authors:
Sarvjeet Singh;Sunil Prabhakar
Affiliations:
Purdue University, West Lafayette, IN;Purdue University, West Lafayette, IN
Venue:
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
Year:
2008

Citing 10
Cited 3

Flexible authentication of XML documents

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
A Certified Digital Signature

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Authentic data publication over the internet

Journal of Computer Security - IFIP 2000
Providing Database as a Service

ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Authenticating Query Results in Edge Computing

ICDE '04 Proceedings of the 20th International Conference on Data Engineering
Privacy preserving mining of association rules

Information Systems - Knowledge discovery and data mining (KDD 2002)
Privacy-Preserving Distributed Mining of Association Rules on Horizontally Partitioned Data

IEEE Transactions on Knowledge and Data Engineering
Tamper detection in audit logs

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Vision paper: enabling privacy for the paranoids

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
A privacy-preserving index for range queries

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30

Query racing: fast completeness certification of query results

DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Authenticated Index Structures for Aggregation Queries

ACM Transactions on Information and System Security (TISSEC)
CorrectDB: SQL engine with practical query authentication

Proceedings of the VLDB Endowment

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we address the problem of ensuring the correctness of query results returned by an untrusted private database. The database owns the data and may modify it at any time. The querier is allowed to execute queries over this database; however it may not learn anything more than the result of these legal queries. The querier does not necessarily trust the database and would like the owner to furnish proof that the data has not been modified in response to recent events such as the submission of the query. We develop two metrics that capture the correctness of query answers and propose a range of solutions that provide a trade-off between the degree of exposure of private data, and the overhead of generation and verification of the proof. Our proposed solutions are tested on real data through implementation using PostgreSQL.