TY - GEN
T1 - Verifiable outsourced database in the cloud using game theory
AU - Eltayesh, Faryed
AU - Bentahar, Jamal
N1 - Publisher Copyright:
Copyright 2017 ACM.
PY - 2017/4/3
Y1 - 2017/4/3
N2 - In the verifiable database (VDB) model, a computationally weak client (database owner) delegates his database management to a database service provider on the cloud, which is considered untrusted third party, while users can query the data and verify the integrity of query results. Since the process can be computationally costly and has a limited support for sophisticated query types such as aggregated queries, we propose in this paper a framework that helps bridge the gap between security and practicality trade-offs. The proposed framework remodels the verifiable database problem using Stackelberg security game. In the new model, the database owner creates and uploads to the database service provider the database and its authentication structure (AS). Next, the game is played between the defender (verifier), who is a trusted party to the database owner and runs scheduled randomized verifications using Stackelberg mixed strategy, and the database service provider. The idea is to randomize the verification schedule in an optimized way that grants the optimal payoff for the verifier while making it extremely hard for the database service provider or any attacker to figure out which part of the database is being verified next. We have implemented and compared the proposed model performance with a uniform randomization model. Simulation results show that the proposed model outperforms the uniform randomization model. Furthermore, we have evaluated the efficiency of the proposed model against different cost metrics.
AB - In the verifiable database (VDB) model, a computationally weak client (database owner) delegates his database management to a database service provider on the cloud, which is considered untrusted third party, while users can query the data and verify the integrity of query results. Since the process can be computationally costly and has a limited support for sophisticated query types such as aggregated queries, we propose in this paper a framework that helps bridge the gap between security and practicality trade-offs. The proposed framework remodels the verifiable database problem using Stackelberg security game. In the new model, the database owner creates and uploads to the database service provider the database and its authentication structure (AS). Next, the game is played between the defender (verifier), who is a trusted party to the database owner and runs scheduled randomized verifications using Stackelberg mixed strategy, and the database service provider. The idea is to randomize the verification schedule in an optimized way that grants the optimal payoff for the verifier while making it extremely hard for the database service provider or any attacker to figure out which part of the database is being verified next. We have implemented and compared the proposed model performance with a uniform randomization model. Simulation results show that the proposed model outperforms the uniform randomization model. Furthermore, we have evaluated the efficiency of the proposed model against different cost metrics.
KW - Authenticated data structures
KW - Big databases security in the cloud
KW - Database auditing
KW - Outsourced database security
KW - Verifiable database
UR - http://www.scopus.com/inward/record.url?scp=85019732586&partnerID=8YFLogxK
U2 - 10.1145/3019612.3019628
DO - 10.1145/3019612.3019628
M3 - Conference contribution
AN - SCOPUS:85019732586
T3 - Proceedings of the ACM Symposium on Applied Computing
SP - 370
EP - 377
BT - 32nd Annual ACM Symposium on Applied Computing, SAC 2017
T2 - 32nd Annual ACM Symposium on Applied Computing, SAC 2017
Y2 - 4 April 2017 through 6 April 2017
ER -