A Query Verification Method for Making Outsourced Databases Trustworthy

Abstract

The cloud computing paradigm moves data across administrative domains to be managed by various outsourced database (ODB) service providers. There needs a means for a data owner to verify the correctness and completeness of query results returned from these ODB services. The process is called query authentication. Existing ODB services do not provide such assurance to customers. This is mainly due to that most techniques in literature are expensive and limited in functionality. This paper proposes to use independent external observers for query result verification. The proposed method requires the ODB service to return a verification object (VO) for each query result set, as most existing methods do. Differing to existing methods, we propose a complement set based VO construction method. The cost of computing complement set based VO is low compared to hash tree based ones commonly seen in existing methods. The proposed method does not require the data owner or the ODB service provider to maintain complex authentication data structures, instead, the workload of data state tracking and VO validation can be distributed among a set of observers. Furthermore, the proposed VO construction method is capable of supporting multi-attribute queries. The method is implemented as a thin wrapper of an ODB service with the support of additional observer services. We evaluate the performance of the system in Amazon EC2 and examine its cost of achieving trustworthiness.