Department of Computer Science
With recent advances in data-as-a-service (DaaS) and cloud computing, aggregate query services over set-valued data are becoming widely available for business intelligence that drives decision making. However, as the service provider is often a third-party delegate of the data owner, the integrity of the query results cannot be guaranteed and is thus imperative to be authenticated. Unfortunately, existing query authentication techniques either do not work for set-valued data or they lack data confidentiality. In this paper, we propose authenticated aggregate queries over set-valued data that not only ensure the integrity of query results but also preserve the confidentiality of source data. As many aggregate queries are composed of multiset operations such as set union and subset, we first develop a family of privacy-preserving authentication protocols for primitive multiset operations. Using these protocols as building blocks, we present a privacy-preserving authentication framework for various aggregate queries and further optimize their authentication performance. Security analysis and empirical evaluation show that our proposed privacy-preserving authentication techniques are feasible and robust under a wide range of system workloads.
Query Authentication, Aggregate Queries, Set-Valued Data, Merkle Hash Tree, Aggregates, Authentication, Genomics, Bioinformatics, Protocols, Indexes, Query processing
Source Publication Title
IEEE Transactions on Knowledge and Data Engineering
Institute of Electrical and Electronics Engineers
© Copyright 2018 IEEE - All rights reserved.
This work was supported by Research Grants Council (RGC) of Hong Kong under GRF Projects 12244916, 15238116, 12202414, 12200114, 12200914, CRF Project C1008-16G, and NSFC Grant 61370231.
Link to Publisher's Edition
Xu, C., Chen, Q., Hu, H., Xu, J., & Hei, X. (2018). Authenticating aggregate queries over set-valued data with confidentiality. IEEE Transactions on Knowledge and Data Engineering, 30 (4), 630-644. https://doi.org/10.1109/TKDE.2017.2773541