Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Authentic data publication over the internet
Journal of Computer Security - IFIP 2000
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Data-centric storage in sensornets with GHT, a geographic hash table
Mobile Networks and Applications
Authenticating Query Results in Edge Computing
ICDE '04 Proceedings of the 20th International Conference on Data Engineering
Order preserving encryption for numeric data
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Verifying completeness of relational query results in data publishing
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Data storage placement in sensor networks
Proceedings of the 7th ACM international symposium on Mobile ad hoc networking and computing
Fast binary and multiway prefix searches for packet forwarding
Computer Networks: The International Journal of Computer and Telecommunications Networking
Microhash: an efficient index structure for fash-based sensor devices
FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
PRESTO: a predictive storage architecture for sensor networks
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
An Approximation Algorithm for Data Storage Placement in Sensor Networks
WASA '07 Proceedings of the International Conference on Wireless Algorithms,Systems and Applications
A privacy-preserving index for range queries
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Collaborative enforcement of firewall policies in virtual private networks
Proceedings of the twenty-seventh ACM symposium on Principles of distributed computing
Access Control Friendly Query Verification for Outsourced Data Publishing
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Secure multidimensional range queries in sensor networks
Proceedings of the tenth ACM international symposium on Mobile ad hoc networking and computing
Conjunctive, subset, and range queries on encrypted data
TCC'07 Proceedings of the 4th conference on Theory of cryptography
SafeQ: secure and efficient query processing in sensor networks
INFOCOM'10 Proceedings of the 29th conference on Information communications
Authenticating multi-dimensional query results in data publishing
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Authentication of outsourced databases using signature aggregation and chaining
DASFAA'06 Proceedings of the 11th international conference on Database Systems for Advanced Applications
Algorithms for packet classification
IEEE Network: The Magazine of Global Internetworking
Hi-index | 0.00 |
The architecture of two-tiered sensor networks, where storage nodes serve as an intermediate tier between sensors and a sink for storing data and processing queries, has been widely adopted because of the benefits of power and storage saving for sensors as well as the efficiency of query processing. However, the importance of storage nodes also makes them attractive to attackers. In this paper, we propose SafeQ, a protocol that prevents attackers from gaining information from both sensor collected data and sink issued queries. SafeQ also allows a sink to detect compromised storage nodes when they misbehave. To preserve privacy, SafeQ uses a novel technique to encode both data and queries such that a storage node can correctly process encoded queries over encoded data without knowing their values. To preserve integrity, we propose two schemes--one using Merkle hash trees and another using a new data structure called neighborhood chains--to generate integrity verification information so that a sink can use this information to verify whether the result of a query contains exactly the data items that satisfy the query. To improve performance, we propose an optimization technique using Bloom filters to reduce the communication cost between sensors and storage nodes.