Browse > Article
http://dx.doi.org/10.5626/JOK.2015.42.1.97

A Query Result Integrity Assurance Scheme Using an Order-preserving Encryption Scheme in the Database Outsourcing Environment  

Jang, Miyoung (Chonbuk National Univ.)
Chang, Jae Woo (Chonbuk National Univ.)
Publication Information
Journal of KIISE / v.42, no.1, 2015 , pp. 97-106 More about this Journal
Abstract
Recently, research on database encryption for data protection and query result authentication methods has been performed more actively in the database outsourcing environment. Existing database encryption schemes are vulnerable to order matching and counting attack of intruders who have background knowledge of the original database domain. Existing query result integrity auditing methods suffer from the transmission overhead of verification object. To resolve these problems, we propose a group-order preserving encryption index and a query result authentication method based on the encryption index. Our group-order preserving encryption index groups the original data for data encryption and support query processing without data decryption. We generate group ids by using the Hilbert-curve so that we can protect the group information while processing a query. Finally, our periodic function based data grouping and query result authentication scheme can reduce the data size of the query result verification. Through performance evaluation, we show that our method achieves better performance than an existing bucket-based verification scheme, it is 1.6 times faster in terms of query processing time and produces verification data that is 20 times smaller.
Keywords
Database outsourcing; Database encryption scheme; Query result integrity auditing method; Hilbert-curve based encryption;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 D. Sacharidis, K. Mouratidis and D. Papadias, "k-Anonymity in the Presence of External Databases," IEEE Transactions on Knowledge and Data Engineering, 2010.
2 Y. Yang, D. Papadias, S. Papadopoulos and P. Kalnis, "Authentcated Join Processing in Outsourced Databases," ACM SIGMOD, 2009.
3 M. L. Yiu, G. Ghinita, C. S. Jensen and P. Kalnis, "Outsourcing Search Services on Private Spatial Data," IEEE International Conference on Data Engineering, 2009.
4 R. Agrawal, J. Kiernan, R. Srikant, Y. Xu, "Order Preserving Encryption for Numeric Data," Proc. of the ACM SIGMOD conf. on Management of Data, 2004.
5 H. Lee, J. Chang, "A Group Order-Preserving Encryption Scheme based on Periodic Functions for Efficient Query Processing on Encrypted Data," Journal of KIISE : Database, Vol. 41, No. 3, pp. 145- 154, Jun. 2014. (in Korean)   과학기술학회마을
6 D. Liu, S. Wang, "Programmable Order-Preserving Secure Index for Encrypted Database Query," IEEE 5th International Conference on Cloud Computing, 2012.
7 R. C. Merkle, "A certified digital signature," Proc. of CRYPTO 1989, Santa Barbara, CA, USA, Aug. 1989.
8 E. Mykletun, M. Narasimha, G. Tsudik, "Authentication and integrity in outsourced databases," Journal ACM Transactions on Storage (TOS), Vol. 2, No. 2, pp. 107-138, May 2006.
9 P. Devanbu, M. Gertz, C. Martel and S. Stubblebine, "Authentic data publication over the internet," Journal of Computer Security, Vol. 11, No. 3, pp. 291- 314, 2003.
10 M. Narasimha, G. Tsudik, "Authentication of outsourced databases using signature aggregation and chaining," Proc. of DASFAA, 2006.
11 J. Wang, X. Du, J. Lu and W. Lu, "Bucket‐based authentication for outsourced databases," Concurrency and Computation: Practice and Experience, Vol. 22, No. 9, pp. 1160-1180, 2010.   DOI
12 R. Rivest, A. Shamir, L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Communications of the ACM, Vol. 21, No. 2, pp. 120-126, 1978.   DOI
13 M. Jang, M. Yoon and J. Chang, "A Query Result Integrity Auditing Method based on Bitmap Encryption for Spatial Database Outsourcing," Journal of KIISE : Database, Vol. 41, No. 1, pp. 28-36, Feb. 2014. (in Korean)   과학기술학회마을
14 Y Theodoridis, R. Jefferson, O. Silva, and M. A. Nascimento, "On the Generation of Spatiotemporal Datasets," Proc. of SSTD, Vol. 1651, pp. 147-164, 1999.