Authenticating Aggregate Queries over Set-Valued Data with Confidentiality

Cheng Xu, Qian Chen, Haibo Hu, Jianliang Xu*, Xiaojun Hei

*Corresponding author for this work

Research output: Contribution to journalJournal articlepeer-review

31 Citations (Scopus)
57 Downloads (Pure)

Abstract

With recent advances in data-As-A-service (DaaS) and cloud computing, aggregate query services over set-valued data are becoming widely available for business intelligence that drives decision making. However, as the service provider is often a third-party delegate of the data owner, the integrity of the query results cannot be guaranteed and is thus imperative to be authenticated. Unfortunately, existing query authentication techniques either do not work for set-valued data or they lack data confidentiality. In this paper, we propose authenticated aggregate queries over set-valued data that not only ensure the integrity of query results but also preserve the confidentiality of source data. As many aggregate queries are composed of multiset operations such as set union and subset, we first develop a family of privacy-preserving authentication protocols for primitive multiset operations. Using these protocols as building blocks, we present a privacy-preserving authentication framework for various aggregate queries and further optimize their authentication performance. Security analysis and empirical evaluation show that our proposed privacy-preserving authentication techniques are feasible and robust under a wide range of system workloads.

Original languageEnglish
Pages (from-to)630-644
Number of pages15
JournalIEEE Transactions on Knowledge and Data Engineering
Volume30
Issue number4
Early online date14 Nov 2017
DOIs
Publication statusPublished - 1 Apr 2018

Scopus Subject Areas

  • Information Systems
  • Computer Science Applications
  • Computational Theory and Mathematics

User-Defined Keywords

  • aggregate queries
  • merkle hash tree
  • Query authentication
  • set-valued data

Fingerprint

Dive into the research topics of 'Authenticating Aggregate Queries over Set-Valued Data with Confidentiality'. Together they form a unique fingerprint.

Cite this