Server Transparent Query Authentication of Outsourced Database

With the rapid growth of database outsourcing, the security concerns in the outsourced database (ODB) paradigm are receiving more and more attentions. Query authentication is one of the important security requirements which enable the database clients to verify the authenticity and the completeness of the query results. Currently several query verification schemes are proposed based on the specially designed authentication data structures (ADS), in which the DBMS computes verification object (VO) for each query, and returns the result together with its VO. Since this “server-centric” model requires the functional extensions of DBMS and the modification of communication protocols, it will inevitably affect the application in practice. In this paper the authors propose a server transparent query authentication method called chain embedded signature (CES), which embeds the VO inside the ODB, therefore it supports the query authentication with commercial DBMS and standard SQL commands. This transparency also frees the server from heavy verification tasks, and prevents it from becoming the bottleneck of performance. Furthermore, since the VOs are stored inside ODB, the consistency of them is promised by the database transaction mechanism. The cost analysis and experimental results show that the time and space overhead are reasonable to be deployed in real systems.