Cluster Computing

, Volume 22, Supplement 3, pp 5763–5773 | Cite as

Privacy protection and integrity verification of aggregate queries in cloud computing

  • Jun HongEmail author
  • Tao Wen
  • Quan Guo
  • Zhengwang Ye
  • Ying Yin


Outsourcing data to the cloud becomes a trend for the users to reduce database management and maintenance cost. However, storing data on the cloud brings many security problems. Data privacy and query authentication are two critical issues to be resolved. Specially, they are important to aggregate queries of cloud data. The data owner must keep the sensitive data hidden and only the aggregate result is revealed to the clients and cloud service provider. Furthermore, the client can ensure that the aggregate results are correct and complete. In this paper, we adopt multi-party computation to realize privacy-preserving aggregate computation in which at least t cloud servers can jointly calculate the aggregate results without gaining any knowledge of sensitive data. In addition, we introduce an authenticated structure, called PAAT, to provide query authentication for aggregate result. The experimental results show that our scheme is feasible and has good performance in practice.


Cloud computing Data privacy Aggregate query Multi-party computation Query integrity 



This work was supported by the National Nature Science Foundation of China (Nos. 61772101, 61772124, 61170169 and 61170168), Shanxi Province Natural Science Foundation for Young (No. 201601D202038) and Fundamental Research Funds for the Central Universities (Nos. 02190022116016 and 02190022116008).


  1. 1.
    Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 35(1), 1–11 (2011)CrossRefGoogle Scholar
  2. 2.
    Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)CrossRefGoogle Scholar
  3. 3.
    Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)CrossRefGoogle Scholar
  4. 4.
    Feng, D.-G., Zhang, M., Zhang, Y., Zhen, X.: Study on cloud computing security. J. Softw. 22(1), 71–83 (2011)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Ramgovind, S., Eloff, M.M., Smith, E.: The management of security in cloud computing. In: Proceedings of the Information Security for South Africa (ISSA), 2010, pp. 1–7. IEEE (2010)Google Scholar
  6. 6.
    Zhao, Y., Yu, J.X., Wang, G., Chen, L., Wang, B., Yu, G.: Maximal subspace coregulated gene clustering. IEEE Trans. Knowl. Data Eng. 20(1), 83–98 (2007)CrossRefGoogle Scholar
  7. 7.
    Hacigum̈üş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, pp. 216–227. ACM (2002)Google Scholar
  8. 8.
    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563–574. ACM (2004)Google Scholar
  9. 9.
    Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Advances in Cryptology—EUROCRYPT 2009, Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26–30, 2009, vol. 5479, pp. 224–241 (2009)CrossRefGoogle Scholar
  10. 10.
    Mykletun, E., Tsudik, G.: Aggregation queries in the database-as-a-service model. In: Proceedings of the Data and Applications Security XX, pp. 89–103. Springer (2006)Google Scholar
  11. 11.
    Hacigumus, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted databases. In: Lecture Notes in Computer Science. vol. 2973, pp. 125–136 (2004)Google Scholar
  12. 12.
    Thompson, B., Haber, S., Horne, W.G., Sander, T., Yao, D.: Privacy preserving computation and verification of aggregate queries on outsourced databases. In: Proceedings of the Privacy Enhancing Technologies, pp. 185–201. Springer (2009)Google Scholar
  13. 13.
    Alzain, M.A., Li, A.S., Soh, B., Pardede, E.: Multi-cloud data management using Shamir’s secret sharing and quantum Byzantine agreement schemes. Int. J. Cloud Appl. Comput. 5(3), 35–52 (2015)Google Scholar
  14. 14.
    Emekci, F., Agrawal, D., Abbadi, A.E., Gulbeden, A.: Privacy preserving query processing using third parties. In: Proceedings of the 22nd International Conference on Data Engineering, 2006. ICDE’06. IEEE (2006)Google Scholar
  15. 15.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Hadavi, M.A., Damiani, E., Jalili, R., Cimato, S., Ganjei, Z.: AS5: a secure searchable secret sharing scheme for privacy preserving database outsourcing. In: Data Privacy Management and Autonomous Spontaneous Security (2013)Google Scholar
  17. 17.
    Haber, S., Horne, W.G., Sander, T., Yao, D.: Privacy-aware verification of aggregate queries on outsourced databases with applications to historic data integrity. In: Proceedings of the Privacy Enhancing Technologies (2009)Google Scholar
  18. 18.
    Nath, S., Venkatesan, R.: Publicly verifiable grouped aggregation queries on outsourced data streams. Proceedings of the IEEE, International Conference on Data Engineering, pp. 517–528. IEEE (2013)Google Scholar
  19. 19.
    Zhuo, G., Jia, Q., Guo, L., Li, M., Li, P.: Privacy-preserving verifiable data aggregation and analysis for cloud-assisted mobile crowdsourcing. Proceedings of the IEEE INFOCOM 2016—the IEEE International Conference on Computer Communications, pp. 1–9. IEEE (2016)Google Scholar
  20. 20.
    Pang, H., Jain, A., Ramamritham, K., Tan, K.-L.: Verifying completeness of relational query results in data publishing. In: Proceedings of the 2005 ACM SIGMOD International Conference on Management of Data, pp. 407–418. ACM (2005)Google Scholar
  21. 21.
    Narasimha, M., Tsudik, G.: Dsac: integrity for outsourced databases with signature aggregation and chaining. In: Proceedings of the 14th ACM International Conference on Information and Knowledge Management, pp. 235–236. ACM (2005)Google Scholar
  22. 22.
    Hong, J., Wen, T., Gu, Q., Sheng, G.: Query integrity verification based-on mac chain in cloud storage. In: Proceedings of the 2014 IEEE/ACIS 13th International Conference onComputer and Information Science (ICIS), pp. 125–129. IEEE (2014)Google Scholar
  23. 23.
    Min, Z., Cheng, H., Chi, C.: Server transparent query authentication of outsourced database. J. Comput. Res. Dev. 1, 028 (2010)Google Scholar
  24. 24.
    Merkle, R.C.: A certified digital signature. In: Advances in CryptologyCRYPTO89 Proceedings, pp. 218–238. Springer (1990)Google Scholar
  25. 25.
    Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, pp. 121–132. ACM (2006)Google Scholar
  26. 26.
    Goodrich, M.T., Tamassia, R., Triandopoulos, N.: Super-efficient verification of dynamic outsourced databases. In Proceedings of the Topics in Cryptology–CT-RSA 2008, pp. 407–424. Springer (2008)Google Scholar
  27. 27.
    Papadopoulos, S., Yang, Y., Papadias, D.: CADS: continuous authentication on data streams. In: Proceedings of the 33rd International Conference on Very Large Data Bases, pp. 135–146. VLDB Endowment (2007)Google Scholar
  28. 28.
    Wen, T., Sheng, G., Guo, Q., Guo-Jun, S.: Query results authentication of outsourced append-only databases. J. Comput. Res. Dev. 49(10), 2077–2085 (2012)Google Scholar
  29. 29.
    Sheng, G., Tang, C., Han, H., Gao, W., Hu, X.: Authentication of outsourced linear function query with efficient updates. Clust. Comput. 9, 1–9 (2017)Google Scholar
  30. 30.
    Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Authenticated index structures for aggregation queries. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(4), 32 (2010)CrossRefGoogle Scholar
  31. 31.
    Chen, Q., Hu, H., Xu, J.: Authenticated online data integration services. Proceedings of the ACM SIGMOD International Conference, pp. 167–181. ACM (2015)Google Scholar
  32. 32.
    Chandrasekhar, S., Singhal, M.: Efficient and scalable query authentication for cloud-based storage systems with multiple data sources. IEEE Trans. Serv. Comput. (2015)Google Scholar
  33. 33.
    Chandrasekhar, S., Singhal, M.: Multi-trapdoor hash functions and their applications in network security. In: Proceedings of the IEEE Conference on Communications and Network Security, pp. 463–471. IEEE (2014)Google Scholar
  34. 34.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Proceedings of the Advances in CryptologyCRYPTO91, pp. 129–140. Springer (1992)Google Scholar
  35. 35.
    Durfee, G., Franklin, M.: Distribution chain security. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 63–70. ACM (2000)Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2017

Authors and Affiliations

  • Jun Hong
    • 1
    • 2
    Email author
  • Tao Wen
    • 1
  • Quan Guo
    • 3
  • Zhengwang Ye
    • 1
  • Ying Yin
    • 1
  1. 1.School of Computer Science and EngineeringNortheastern UniversityShenyangChina
  2. 2.School of SoftwareNorth University of ChinaTaiyuanChina
  3. 3.Department of Computer Science and TechnologyDalian Neusoft University of InformationDalianChina

Personalised recommendations