TY - GEN
T1 - When query authentication meets fine-grained access control
T2 - ACM SIGMOD International Conference on Management of Data, SIGMOD 2018
AU - Xu, Cheng
AU - XU, Jianliang
AU - HU, Haibo
AU - Au, Man Ho
N1 - Funding information:
This work was supported by Research Grants Council of Hong Kong under GRF Projects 12244916, 15238116, 12202414, 12200914, CRF Project C1008-16G, and National Natural Science Foundation of China under 61572413 and U1636205.
Publisher copyright:
© 2018 Association for Computing Machinery.
PY - 2018/5/27
Y1 - 2018/5/27
N2 - Query authentication has been extensively studied to ensure the integrity of query results for outsourced databases, which are often not fully trusted. However, access control, another important security concern, is largely ignored by existing works. Notably, recent breakthroughs in cryptography have enabled fine-grained access control over outsourced data. In this paper, we take the first step toward studying the problem of authenticating relational queries with fine-grained access control. The key challenge is how to protect information confidentiality during query authentication, which is essential to many critical applications. To address this challenge, we propose a novel access-policy-preserving (APP) signature as the primitive authenticated data structure. A useful property of the APP signature is that it can be used to derive customized signatures for unauthorized users to prove the inaccessibility while achieving the zero-knowledge confidentiality. We also propose a grid-index-based tree structure that can aggregate APP signatures for efficient range and join query authentication. In addition to this, a number of optimization techniques are proposed to further improve the authentication performance. Security analysis and performance evaluation show that the proposed solutions and techniques are robust and efficient under various system settings.
AB - Query authentication has been extensively studied to ensure the integrity of query results for outsourced databases, which are often not fully trusted. However, access control, another important security concern, is largely ignored by existing works. Notably, recent breakthroughs in cryptography have enabled fine-grained access control over outsourced data. In this paper, we take the first step toward studying the problem of authenticating relational queries with fine-grained access control. The key challenge is how to protect information confidentiality during query authentication, which is essential to many critical applications. To address this challenge, we propose a novel access-policy-preserving (APP) signature as the primitive authenticated data structure. A useful property of the APP signature is that it can be used to derive customized signatures for unauthorized users to prove the inaccessibility while achieving the zero-knowledge confidentiality. We also propose a grid-index-based tree structure that can aggregate APP signatures for efficient range and join query authentication. In addition to this, a number of optimization techniques are proposed to further improve the authentication performance. Security analysis and performance evaluation show that the proposed solutions and techniques are robust and efficient under various system settings.
KW - Data integrity
KW - Fine-grained access control
KW - Query processing
UR - http://www.scopus.com/inward/record.url?scp=85048820745&partnerID=8YFLogxK
U2 - 10.1145/3183713.3183741
DO - 10.1145/3183713.3183741
M3 - Conference proceeding
AN - SCOPUS:85048820745
T3 - Proceedings of the ACM SIGMOD International Conference on Management of Data
SP - 147
EP - 162
BT - SIGMOD 2018 - Proceedings of the 2018 International Conference on Management of Data
A2 - Das, Gautam
A2 - Jermaine, Christopher
A2 - Eldawy, Ahmed
A2 - Bernstein, Philip
PB - Association for Computing Machinery (ACM)
Y2 - 10 June 2018 through 15 June 2018
ER -