Publication Type
Journal Article
Version
publishedVersion
Publication Date
5-2008
Abstract
The number of successful attacks on the Internet shows that it is very difficult to guarantee the security of online servers over extended periods of time. A breached server that is not detected in time may return incorrect query answers to users. In this article, we introduce authentication schemes for users to verify that their query answers from an online server are complete (i.e., no qualifying tuples are omitted) and authentic (i.e., all the result values are legitimate). We introduce a scheme that supports range selection, projection as well as primary key-foreign key join queries on relational databases. We also present authentication schemes for single- and multi-attribute range aggregate queries. The schemes complement access control mechanisms that rewrite queries dynamically, and are computationally secure. We have implemented the proposed schemes, and experiment results showed that they are practical and feasible schemes with low overheads.
Keywords
Query answer verification, Secure database systems
Discipline
Databases and Information Systems | Numerical Analysis and Scientific Computing
Publication
ACM Transactions on Information and System Security
Volume
11
Issue
2
First Page
1
Last Page
50
ISSN
1094-9224
Identifier
10.1145/1330332.1330337
Publisher
ACM
Citation
PANG, Hwee Hwa and TAN, Kian-Lee.
Verifying Completeness of Relational Query Answers from Online Servers. (2008). ACM Transactions on Information and System Security. 11, (2), 1-50.
Available at: https://ink.library.smu.edu.sg/sis_research/778
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
http://doi.org/10.1145/1330332.1330337
Included in
Databases and Information Systems Commons, Numerical Analysis and Scientific Computing Commons