A guide to the SQL standard
CRYPTO '89 Proceedings on Advances in cryptology
Database security
Building the data warehouse (2nd ed.)
Building the data warehouse (2nd ed.)
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Materialized views and data warehouses
ACM SIGMOD Record
Open problems in electronic commerce
PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
An introduction to database systems (7th ed.)
An introduction to database systems (7th ed.)
SQL:1999: understanding relational language components
SQL:1999: understanding relational language components
Flexible authentication of XML documents
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Research Directions in Database Security
Research Directions in Database Security
Database System Concepts
Persistent Authenticated Dictionaries and Their Applications
ISC '01 Proceedings of the 4th International Conference on Information Security
Authentic Publication of XML Document Data
WISE '01 Proceedings of the Second International Conference on Web Information Systems Engineering (WISE'01) Volume 1 - Volume 1
Secure coprocessors in electronic commerce applications
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Authenticating Query Results in Edge Computing
ICDE '04 Proceedings of the 20th International Conference on Data Engineering
Flexible authentication of XML documents
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
Dynamic authenticated index structures for outsourced databases
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Tamper detection in audit logs
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
CADS: continuous authentication on data streams
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Proof-infused streams: enabling authentication of sliding window queries on streams
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Verifying Completeness of Relational Query Answers from Online Servers
ACM Transactions on Information and System Security (TISSEC)
Ensuring correctness over untrusted private database
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
Efficient Content Authentication in Peer-to-Peer Networks
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Scalable and efficient provable data possession
Proceedings of the 4th international conference on Security and privacy in communication netowrks
Access Control Friendly Query Verification for Outsourced Data Publishing
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Security and privacy for geospatial data: concepts and research directions
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Query assurance verification for outsourced multi-dimensional databases
Journal of Computer Security - Selected papers from the Third and Fourth Secure Data Management (SDM) workshops
Partially materialized digest scheme: an efficient verification method for outsourced databases
The VLDB Journal — The International Journal on Very Large Data Bases
Authenticated indexing for outsourced spatial databases
The VLDB Journal — The International Journal on Very Large Data Bases
Small synopses for group-by query verification on outsourced data streams
ACM Transactions on Database Systems (TODS)
Continuous Spatial Authentication
SSTD '09 Proceedings of the 11th International Symposium on Advances in Spatial and Temporal Databases
Scalable verification for outsourced dynamic databases
Proceedings of the VLDB Endowment
How to authenticate graphs without leaking
Proceedings of the 13th International Conference on Extending Database Technology
On the cost of persistence and authentication in skip lists
WEA'07 Proceedings of the 6th international conference on Experimental algorithms
Continuous authentication on relational streams
The VLDB Journal — The International Journal on Very Large Data Bases
Super-efficient verification of dynamic outsourced databases
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Enabling search services on outsourced private spatial data
The VLDB Journal — The International Journal on Very Large Data Bases
SafeQ: secure and efficient query processing in sensor networks
INFOCOM'10 Proceedings of the 29th conference on Information communications
Efficient data structures for tamper-evident logging
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Query racing: fast completeness certification of query results
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Independently verifiable decentralized role-based delegation
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Secure authenticated comparisons
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Authentication of range query results in mapreduce environments
Proceedings of the third international workshop on Cloud data management
Implementing a tamper-evident database system
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
Computational bounds on hierarchical data processing with applications to information security
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Indexing information for data forensics
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Verified query results from hybrid authentication trees
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Efficient verification of web-content searching through authenticated web crawlers
Proceedings of the VLDB Endowment
Efficient query integrity for outsourced dynamic databases
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Privacy- and integrity-preserving range queries in sensor networks
IEEE/ACM Transactions on Networking (TON)
iBigTable: practical data integrity for bigtable in public cloud
Proceedings of the third ACM conference on Data and application security and privacy
Lightweight authentication of linear algebraic queries on data streams
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Verifying correctness of inner product of vectors in cloud computing
Proceedings of the 2013 international workshop on Security in cloud computing
Validating web content with senser
Proceedings of the 29th Annual Computer Security Applications Conference
CorrectDB: SQL engine with practical query authentication
Proceedings of the VLDB Endowment
| Hi-index | 0.00 |
Integrity critical databases, such as financial information used in high-value decisions, are frequently published over the Internet. Publishers of such data must satisfy the integrity, authenticity, and nonrepudiation requirements of clients. Providing this protection over public data networks is an expensive proposition. This is, in part, due to the difficulty of building and running secure systems. In practice, large systems can not be verified to be secure and are frequently penetrated. The negative consequences of a system intrusion at the publisher can be severe. The problem is further complicated by data and server replication to satisfy availability and scalability requirements.To our knowledge this work is the first of its kind to give general approaches for reducing the trust required of publishers of large databases. To do this, we separate the roles of data owner and data publisher. With a few digital signatures on the part of the owner and no trust required of a publisher, we give techniques based on Merkle hash trees that publishers can use to provide authenticity and nonrepudiation of the answer to database queries posed by a client. This is done without requiring a key to be held in an on-line system, thus reducing the impact of system penetrations. By reducing the trust required of the publisher, our solution is a step towards the publication of large databases in a scalable manner.