Abstract
To save time and money, businesses and individuals have begun outsourcing their data and computations to cloud computing services. These entities would, however, like to ensure that the queries they request from the cloud services are being computed correctly. In this paper, we use the principles of economics and competition to vastly reduce the complexity of query verification on outsourced data. Instead of building a specialized computation system for verifying the result of a single outsourced query, we rely on a second, non-colluding data outsourcing entity, whose services are required only a miniscule fraction of the time. Using a game theoretic model, we show that given the proper incentive structure, we can effectively deter dishonest behavior on the part of the data outsourcing services with a very small expected cost increase. We then prove that the incentive for an outsourcing service to cheat can be reduced to zero under this structure.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Atallah, M., Cho, Y., Kundu, A.: Efficient data authentication in an environment of untrusted third-party distributors. In: IEEE 24th International Conference on Data Engineering, pp. 696–704. IEEE (2008)
Canetti, R., Riva, B., Rothblum, G.: Practical delegation of computation using multiple servers. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 445–454. ACM (2011)
Chen, H., Ma, X., Hsu, W., Li, N., Wang, Q.: Access Control Friendly Query Verification for Outsourced Data Publishing. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 177–191. Springer, Heidelberg (2008)
Gennaro, R., Gentry, C., Parno, B.: Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 465–482. Springer, Heidelberg (2010)
Google. Google bigquery service (2011)
Haber, S., Horne, W., Sander, T., Yao, D.: Privacy-preserving verification of aggregate queries on outsourced databases. Technical report, Citeseer (2006)
Merkle, R.: Secrecy, authentication and public key systems (1979)
Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM Transactions on Storage (TOS) 2(2), 107–138 (2006)
National Institute of Standards and Technology. FIPS 180-2, secure hash standard, federal information processing standard (FIPS), publication 180-2. Technical report, Department of Commerce (August 2002)
Pang, H., Jain, A., Ramamritham, K., Tan, K.: Verifying completeness of relational query results in data publishing. In: Proceedings of the 2005 ACM SIGMOD International Conference on Management of Data, pp. 407–418. ACM (2005)
Pang, H., Zhang, J., Mouratidis, K.: Scalable verification for outsourced dynamic databases. Proceedings of the VLDB Endowment 2(1), 802–813 (2009)
Patel, P., Ranabahu, A., Sheth, A.: Service level agreement in cloud computing. In: Cloud Workshops at OOPSLA (2009)
F. Pub. 198, the keyed-hash message authentication code (hmac). Federal Information Processing Standards Publication, 198 (2002)
Rasmusen, E.: Games and information: An introduction to game theory. Wiley-blackwell (2007)
Rivest, R.: The md5 message-digest algorithm (1992)
Sion, R.: Query execution assurance for outsourced databases. In: Proceedings of the 31st International Conference on Very Large Databases, pp. 601–612. VLDB Endowment (2005)
Sion, R.: Secure data outsourcing. In: Proceedings of the 33rd International Conference on Very large Databases, pp. 1431–1432. VLDB Endowment (2007)
Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: Proceedings of the 33rd International Conference on Very Large Databases, pp. 782–793. VLDB Endowment (2007)
Xu, J., Chang, E.: Authenticating aggregate range queries over multidimensional dataset. Technical report, Cryptology ePrint Archive, Report 2010/050 (2010)
Yang, Y., Papadias, D., Papadopoulos, S., Kalnis, P.: Authenticated join processing in outsourced databases. In: Proceedings of the 35th SIGMOD International Conference on Management of Data, pp. 5–18. ACM (2009)
Yi, K., Li, F., Cormode, G., Hadjieleftheriou, M., Kollios, G., Srivastava, D.: Small synopses for group-by query verification on outsourced data streams. ACM Transactions on Database Systems (TODS) 34(3), 1–42 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nix, R., Kantarcioglu, M. (2012). Contractual Agreement Design for Enforcing Honesty in Cloud Outsourcing. In: Grossklags, J., Walrand, J. (eds) Decision and Game Theory for Security. GameSec 2012. Lecture Notes in Computer Science, vol 7638. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34266-0_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-34266-0_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34265-3
Online ISBN: 978-3-642-34266-0
eBook Packages: Computer ScienceComputer Science (R0)