Document Type

Conference Paper

Department/Unit

Department of Computer Science

Title

When Query Authentication Meets Fine-Grained Access Control: A Zero-Knowledge Approach

Language

English

Abstract

Query authentication has been extensively studied to ensure the integrity of query results for outsourced databases, which are often not fully trusted. However, access control, another important security concern, is largely ignored by existing works. Notably, recent breakthroughs in cryptography have enabled fine-grained access control over outsourced data. In this paper, we take the first step toward studying the problem of authenticating relational queries with fine-grained access control. The key challenge is how to protect information confidentiality during query authentication, which is essential to many critical applications. To address this challenge, we propose a novel access-policy-preserving (APP) signature as the primitive authenticated data structure. A useful property of the APP signature is that it can be used to derive customized signatures for unauthorized users to prove the inaccessibility while achieving the zero-knowledge confidentiality. We also propose a grid-indexbased tree structure that can aggregate APP signatures for efficient range and join query authentication. In addition to this, a number of optimization techniques are proposed to further improve the authentication performance. Security analysis and performance evaluation show that the proposed solutions and techniques are robust and efficient under various system settings.

Keywords

query processing, data integrity, fine-grained access control

Publication Date

2018

Source Publication Title

Proceeding SIGMOD '18 Proceedings of the 2018 International Conference on Management of Data

Start Page

147

End Page

162

Conference Location

Houston, TX, USA

Publisher

ACM

DOI

10.1145/3183713.3183741

Link to Publisher's Edition

https://dl.acm.org/citation.cfm?id=3183741

ISBN (print)

9781450347037

This document is currently not available here.

Link to Publisher's Version

Share

COinS