TY - JOUR
T1 - Authenticating Aggregate Queries over Set-Valued Data with Confidentiality
AU - Xu, Cheng
AU - Chen, Qian
AU - Hu, Haibo
AU - Xu, Jianliang
AU - Hei, Xiaojun
N1 - Funding Information:
This work was supported by the Research Grants Council (RGC) of Hong Kong under GRF Projects 12244916, 15238116, 12202414, 12200114, 12200914, CRF Project C1008-16G, and NSFC Grant 61370231. Haibo Hu is also supported by the PolyU Start-up Fund.
Publisher copyright:
© 2017 IEEE
PY - 2018/4/1
Y1 - 2018/4/1
N2 - With recent advances in data-as-a-service (DaaS) and cloud computing, aggregate query services over set-valued data are becoming widely available for business intelligence that drives decision making. However, as the service provider is often a third-party delegate of the data owner, the integrity of the query results cannot be guaranteed and is thus imperative to be authenticated. Unfortunately, existing query authentication techniques either do not work for set-valued data or they lack data confidentiality. In this paper, we propose authenticated aggregate queries over set-valued data that not only ensure the integrity of query results but also preserve the confidentiality of source data. As many aggregate queries are composed of multiset operations such as set union and subset, we first develop a family of privacy-preserving authentication protocols for primitive multiset operations. Using these protocols as building blocks, we present a privacy-preserving authentication framework for various aggregate queries and further optimize their authentication performance. Security analysis and empirical evaluation show that our proposed privacy-preserving authentication techniques are feasible and robust under a wide range of system workloads.
AB - With recent advances in data-as-a-service (DaaS) and cloud computing, aggregate query services over set-valued data are becoming widely available for business intelligence that drives decision making. However, as the service provider is often a third-party delegate of the data owner, the integrity of the query results cannot be guaranteed and is thus imperative to be authenticated. Unfortunately, existing query authentication techniques either do not work for set-valued data or they lack data confidentiality. In this paper, we propose authenticated aggregate queries over set-valued data that not only ensure the integrity of query results but also preserve the confidentiality of source data. As many aggregate queries are composed of multiset operations such as set union and subset, we first develop a family of privacy-preserving authentication protocols for primitive multiset operations. Using these protocols as building blocks, we present a privacy-preserving authentication framework for various aggregate queries and further optimize their authentication performance. Security analysis and empirical evaluation show that our proposed privacy-preserving authentication techniques are feasible and robust under a wide range of system workloads.
KW - aggregate queries
KW - Merkle hash tree
KW - Query authentication
KW - set-valued data
UR - http://www.scopus.com/inward/record.url?scp=85035119838&partnerID=8YFLogxK
U2 - 10.1109/TKDE.2017.2773541
DO - 10.1109/TKDE.2017.2773541
M3 - Journal article
AN - SCOPUS:85035119838
SN - 1041-4347
VL - 30
SP - 630
EP - 644
JO - IEEE Transactions on Knowledge and Data Engineering
JF - IEEE Transactions on Knowledge and Data Engineering
IS - 4
ER -