
    A Completeness and Freshness Guarantee Scheme for Outsourced Database

    Dai Jiazhu1,*, Zhang Yurong1,#, Li Xin2,3, Luo Shuangyan1

    1 School of Computer Engineering and Science, Shanghai University, Shanghai 200072

    2 The Third Research Institute of Ministry of Public Security, Shanghai 310027

    3 Shanghai Chen Rui Information Technology Corporation, Shanghai 310027


    Abstract: Outsourced database systems (ODS) have become more and more popular recently. In an ODS, the database is outsourced to a third-party service provider, and usually the provider is untrusted. Thus the security of the outsourced database becomes an important challenge, and the ODS must introduce mechanisms to protect the security of the database information. Previous work has used encryption to protect the privacy and confidentiality of the database, and integrity can be guaranteed by adopting a one-way hash function. In contrast, the other aspects of security, especially freshness and completeness, are important issues but have not been researched in detail. In this paper, we develop a mechanism that provides a freshness guarantee while ensuring completeness. In our mechanism, we insert a small amount of data into the outsourced database, called the fake attribute, to achieve our goals.

    Keywords: outsourced database; security; freshness; completeness; fake attribute

    I. INTRODUCTION

    With the great progress of Internet technologies, outsourced databases have become more and more attractive; meanwhile, the Outsourced Database System (ODS) has gained great improvements in performance and optimization. The gap between a local database and an outsourced one is becoming smaller and smaller. Also, compared with a traditional database, an outsourced database has many advantages: reduced equipment costs, on-demand lease, flexible management and so on. As shown in Figure 1, there are three roles in an ODS: the database owner, the third-party service provider and the user.

    Figure 1 An Outsourced database system (ODS)

    2011 Second International Conference on Networking and Distributed Computing

    978-0-7695-4427-4/11 $26.00 2011 IEEE

    DOI 10.1109/ICNDC.2011.48


    In this scenario, the database owners upload and store the data on the service provider. When users want to access the data, they send a search request to the service provider, and the provider sends back the query results.

    In normal circumstances, or in a local database system, users can trust the results sent back by the provider. But in the outsourced scenario the service provider is untrusted, so an outsourced database presents many challenges, and the security of the data becomes a concern of the users. It is important to provide a mechanism for users to verify the data and decide whether to trust and accept the returned query results. In an ODS, security covers the following aspects: privacy, integrity, completeness and freshness. Privacy, also called confidentiality, means that only authorized users can get the data. This problem can be solved by encryption. Integrity means that the results received by the users have not been destroyed or tampered with by an attacker; integrity can be guaranteed by adopting a one-way hash function signature. Much research has been done in these two areas. In contrast, completeness, and especially freshness, have drawn attention only recently [6,7,8,9,10]. Concretely, completeness means that the query results contain all the tuples that satisfy the search request without any omission, and freshness means that the query results received by the client are up to date rather than outdated. There is very little research in these areas [7]. In this paper, we use an additional attribute, which we call the fake attribute, to provide completeness and freshness guarantees.

    The structure of this paper is as follows. In section 2, we introduce previous work related to providing completeness and freshness guarantees for outsourced databases. In section 3, we describe our solution to this problem. In section 4, we analyze the security and performance of the proposed solution and draw the conclusion. In section 5 we summarize our solution and outline future work.

    II. RELATED WORK

    Authenticating query results from untrusted databases has been an active area of research in the past few years. In this section we introduce some related research in this area. In the outsourced scenario, data are created by a trusted source and encrypted before being outsourced to the untrusted remote service provider. Extensive related work exists on authenticated data structures. It usually employs encryption and a one-way hash function to protect the privacy and integrity of the outsourced database. In this paper, we focus more on the other two issues: completeness and freshness. Research on these issues has made some achievements. In [1] the authors proposed a solution to protect integrity based on Merkle's Hash Tree (MHT) [2], and MHT has become one of the most common methods. Although MHT has many advantages, such as signing only the root node and saving storage space, it also has some serious drawbacks: before signing, the database tuples must be sorted, and it cannot support dynamic updates well, because with any update it must build a new MHT, which is time-consuming work. [4] introduced MB (Merkle B-tree) to improve on the MHT, and [5] generalized the Merkle hash tree ideas to work with DAG (Directed Acyclic Graph) structures. In [6][7] the authors introduced a mechanism called fake tuples to provide integrity and freshness guarantees; they achieved the goal by checking fake tuples known only to the owner and users. But this method must update the fake tuples frequently, and the user must maintain some deterministic functions in order to make sure the fake tuples were inserted into the ODS at a certain time; it is also a probabilistic approach. [11] introduced query execution proofs, a cryptographic proof mechanism that shows queries were actually executed; this solution mainly focuses on read-only queries.


    In this paper, we introduce a new mechanism to provide completeness and freshness guarantees for ODS. Analysis shows that, while guaranteeing completeness and freshness, our solution can save storage space and reduce the cost of transmission. In the following text we describe our solution in detail.

    III. OUR METHOD FOR COMPLETENESS AND FRESHNESS GUARANTEE

    In this section we first introduce some concepts that we will use in our solution, then present the details of the proposed approach.

    A. Preliminaries

    Homomorphic encryption. In 2009, Craig Gentry showed the first fully homomorphic encryption scheme, as announced by IBM on June 25. Homomorphic encryption is a form of encryption where a specific algebraic operation performed on the plaintext is equivalent to another (possibly different) algebraic operation performed on the ciphertext. Depending on one's viewpoint, this can be seen as either a positive or a negative attribute of the cryptosystem. Homomorphic encryption schemes are malleable by design. The homomorphic property of various cryptosystems can be used to create secure voting systems, collision-resistant hash functions and private information retrieval schemes, and to enable widespread use of cloud computing by ensuring the confidentiality of processed data [12].

    Fake attribute. In this paper, we consider a database that contains many tuples T, ai is an attribute of the To and ai can be any type of data, such as numeric, string, etc. To achieve our goal and realize our mechanism, we add a fake attribute called af to the original tuple, and the tuple changes to Tf. In this paper we suppose, for simplicity, that the fake attribute af is numeric, and to every tuple we add a fake attribute that is different from the others, for a reason we explain in the following text. Figure 2 shows the procedure.

    Figure 2 New Tuple Structure

    TTP (Trusted Third-Party). A trusted third party (TTP) is an entity which facilitates interactions between two parties who both trust the third party; the third party reviews all critical transaction communications between the parties, based on the ease of creating fraudulent digital content. In TTP models, the relying parties use this trust to secure their own interactions [13]. In a word, you can trust the data received from the TTP.

    In the following, we describe how to realize our solution using the fake attribute and hash function.

    B. The Verification Procedure

    In our mechanism there are four participants: the database owner, the third-party service provider, the user and the TTP (Trusted Third-Party). We have introduced all participants in the earlier paragraphs.

    Compared with Figure 1, we introduce the TTP into our mechanism and use it to store the verification object. Before transmitting the database to the service provider, the owner performs some processing. First, the owner inserts fake attributes $f_1, f_2, f_3, \ldots, f_n$ into the original tuples and then encrypts the tuples. The original tuples can be encrypted with the same or different keys according to access control policies, but the fake attributes in the same database must all use one particular key: we next use the fake attributes to compute a check value, and if they were encrypted using different keys, homomorphic encryption would not work. Suppose the fake attributes are encrypted using key k; the values then become $k(f_1), k(f_2), k(f_3), \ldots, k(f_n)$. After that the owner uses homomorphic encryption to compute the cryptographic check value; here we use the + operation:

    $sum = k(f_1) + k(f_2) + k(f_3) + \cdots + k(f_n)$

    Finally the owner stores the encrypted database on the service provider and transmits the check value sum to the TTP. We will use this check value to verify the completeness and freshness of the search results sent back by the service provider.

    Figure 3 Realization Mechanism

    Figure 3 shows the specific process, which we describe in detail as follows:

    1) The owner stores the encrypted database that contains the fake attribute on the service provider.

    2) The owner transmits the cryptographic check value sum to the TTP.

    3) When an authenticated user wants to access the database, he sends a search request to the service provider. The search request contains two parts: the real search request and the verification one. For the real one the user receives the expected results, and for the verification one we want to receive a check value sum generated by the service provider. The user will use this sum to verify completeness and freshness. In this paper we suppose the service provider cannot distinguish the two parts.

    4) The service provider sends back the search results according to the user's request. In this request there is a check value sum.

    5) At the same time the user gets the cryptographic check value sum from the TTP and then compares the two check values, the sum from the TTP and the sum generated by the service provider. If the two values are the same, we are sure that completeness and freshness have been guaranteed. In this case we accept the result; otherwise we reject it.

    IV. SECURITY AND PERFORMANCE ANALYSIS

    In this paper we introduce additional data called the fake attribute to provide completeness and freshness guarantees. Our solution has the following advantages:

    1) Secure. For every tuple we use a different fake attribute, so malicious attackers will not find out that the additional attribute is fake, and they cannot falsify it. Using the fake attribute we provide completeness and freshness guarantees for ODS.

    2) Efficient and simple. The fake attribute is just a simple field; it needs only a little storage, and generating the also consumes little computing power. So this is a simple and efficient solution compared with other solutions.

    3) Supporting dynamic update. When the owner wants to update the database, he just adds different fake attributes to the new tuples, then generates a new cryptographic check value, and finally updates the check value on the TTP.
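The verification procedure of section III.B and the dynamic update of item 3) above, as an added Python example that is not code from the paper. The paper does not name its homomorphic scheme, so the toy cipher enc(k, f) = k*f mod P, the modulus P and all function names are assumptions for illustration; the cipher is not secure and only exhibits the additive property under a single key.

```python
import secrets

P = 2**61 - 1  # public prime modulus (assumed toy parameter)

def enc(k, f):
    # Toy additive homomorphism: enc(k,a) + enc(k,b) == enc(k,a+b) (mod P)
    return (k * f) % P

def dec(k, c):
    return (c * pow(k, -1, P)) % P

def fresh_fakes(n, used):
    # Distinct non-zero numeric fake attributes, never reused across updates
    out = []
    while len(out) < n:
        f = secrets.randbelow(2**32) + 1
        if f not in used:
            used.add(f)
            out.append(f)
    return out

def owner_insert(table, check, rows, k, used):
    # Owner: append tuples with encrypted fake attributes and
    # return the new table plus the new check value for the TTP
    new = [(r, enc(k, f)) for r, f in zip(rows, fresh_fakes(len(rows), used))]
    return table + new, (check + sum(c for _, c in new)) % P

def provider_answer(table):
    # Provider: tuples plus the sum over their encrypted fake attributes
    return [r for r, _ in table], sum(c for _, c in table) % P

def user_accepts(provider_sum, ttp_sum):
    # User: accept only if the provider's sum equals the TTP's sum
    return provider_sum == ttp_sum

def run_scenarios():
    k, used = secrets.randbelow(P - 1) + 1, set()
    rows = ["alice", "bob", "carol"]                       # constructed sample tuples
    v1, ttp = owner_insert([], 0, rows, k, used)           # initial upload
    honest = user_accepts(provider_answer(v1)[1], ttp)
    omitted = user_accepts(provider_answer(v1[:-1])[1], ttp)  # one tuple missing
    v2, ttp = owner_insert(v1, ttp, ["dave"], k, used)     # dynamic update
    stale = user_accepts(provider_answer(v1)[1], ttp)      # old snapshot served
    current = user_accepts(provider_answer(v2)[1], ttp)
    homomorphic = dec(k, ttp) == sum(used) % P             # sum of ciphertexts decrypts to sum of fakes
    return {"honest": honest, "omitted": omitted, "stale": stale,
            "current": current, "homomorphic": homomorphic}

if __name__ == "__main__":
    print(run_scenarios())
```

The check value here covers every tuple in the table, so the comparison only says something about a result that is supposed to contain all tuples the sum was built from.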

    V. CONCLUSION

    In this paper we propose a new mechanism based on the fake attribute. From the fake attributes we generate a check value which we can use to provide completeness and freshness guarantees. Analysis shows that our solution is secure and efficient. Furthermore, our method can also support dynamic updates.

    ACKNOWLEDGEMENT

    The work of this paper is supported by the Shanghai Key Subject Fund under grant No. J50103.

    REFERENCES

    [1] Devanbu P, Gertz M, Martel C, et al. Authentic Third-party Data Publication[C]//Proc. of the 14th IFIP TC11/WG11.3 Annual Working Conference on Database Security. Schoorl, Netherlands: [s. n.], 2000.

    [2] Merkle R C. Protocols for Public Key Cryptosystems[C]//Proc. of IEEE Symposium on Research in Security and Privacy. [S. l.]: IEEE Press, 1980.

    [3] Merkle R C. A certified digital signature. In: Proc. of the 9th Annual Int'l Cryptology Conf. on Advances in Cryptology. LNCS 435, Heidelberg, Berlin: Springer-Verlag, 1989.

    [4] Li Feifei, Marios H, George K, et al. Dynamic Authenticated Index Structures for Outsourced Database[C]//Proc. of ACM SIGMOD'06. Chicago, Illinois, USA: ACM Press, 2006.

    [5] C. Martel, G. Nuckolls, P. Devanbu, M. Gertz, A. Kwong, and S. Stubblebine. A general model for authenticated data structures. Algorithmica, 39(1):21-41, 2004.

    [6] Min Xie, Haixun Wang, Jian Yin, and Xiaofeng Meng. Integrity auditing of outsourced data. In VLDB, 2007.

    [7] Xie M, Wang HX, Yin J, Meng XF. Providing freshness guarantees for outsourced databases. In: Kemper A, Valduriez P, Mouaddib N, Teubner J, Bouzeghoub M, Markl V, Amsaleg L, Manolescu I, eds. Proc. of the 11th Int'l Conf. on Extending Database Technology: Advances in Database Technology, Vol.261. New York: ACM Press, 2008.

    [8] Einar Mykletun, Maithili Narasimha, and Gene Tsudik. Authentication and integrity in outsourced databases. In NDSS. The Internet Society, 2004.

    [9] HweeHwa Pang, Arpit Jain, Krithi Ramamritham, and Kian-Lee Tan. Verifying completeness of relational query results in data publishing. In Fatma Özcan, editor, SIGMOD Conference, ACM, 2005.

    [10] Radu Sion. Query execution assurance for outsourced databases. In: Bohm K, Jensen CS, eds. Proc. of the 31st Int'l Conf. on Very Large Data Bases. New York: ACM Press, 2005.

    [11] Sion R. Query execution assurance for outsourced database. In: Bohm K, Jensen CS, eds. Proc. of the 31st Int'l Conf. on Very Large Data Bases. New York: ACM Press, 2005.

    [12] http://en.wikipedia.org/wiki/Homomorphic_encryption

    [13] http://en.wikipedia.org/wiki/Trusted_third_party