Glen Nuckolls - Academia.edu (original) (raw)
Papers by Glen Nuckolls
Abstract. Query answers from on-line databases can easily be corrupted by hackers or malicious da... more Abstract. Query answers from on-line databases can easily be corrupted by hackers or malicious database publishers. Thus it is important to provide mechanisms which allow clients to trust the results from on-line queries. Authentic publication allows untrusted publishers to answer securely queries from clients on behalf of trusted off-line data owners. Publishers validate answers using hard-to-forge verification objects (VOs), which clients can check efficiently. This approach provides greater scalability, by making it easy to add more publishers, and better security, since on-line publishers do not need to be trusted. To make authentic publication attractive, it is important for the VOs to be small, efficient to compute, and efficient to verify. This has lead researchers to develop independently several different schemes for efficient VO computation based on specific data structures. Our goal is to develop a unifying framework for these disparate results, leading to a generalized s...
Query answers from on-line databases can easily be corrupted by hackers or malicious intent by
IEEE Data Eng. Bull., 2004
The publication of high-value and mission critical data on the Internet plays an important role i... more The publication of high-value and mission critical data on the Internet plays an important role in the government, industry, and health-care sectors. However, owners of such data are often not able or willing to serve millions of query requests per day and furthermore satisfy clients’ data requirements regarding the integrity, availability, and authenticity of the data they manage in their databases. In this article, we give an overview of our work on authentic publication schemes in which a data owner employs a (possibly untrusted) data publisher to answer queries from clients on behalf of the owner. In addition to query answers, publishers provide clients with verification objects a client uses to verify whether the answer is the same as the owner would have provided. We consider two popular types of database systems, those managing relational data and those managing XML data in the form of XML repositories.
The publication of high-value and mission critical data on the Internet plays an important role i... more The publication of high-value and mission critical data on the Internet plays an important role in the government, industry, and health-care sectors. However, owners of such data are often not able or willing to serve millions of query requests per day and furthermore satisfy clients ’ data requirements regarding the integrity, availability, and authenticity of the data they manage in their databases. In this article, we give an overview of our work on authentic publication schemes in which a data owner employs a (possibly untrusted) data publisher to answer queries from clients on behalf of the owner. In addition to query answers, publishers provide clients with verification objects a client uses to verify whether the answer is the same as the owner would have provided. We consider two popular types of database systems, those managing relational data and those managing XML data in the form of XML repositories. 1
Online databases that provide critical information are often vulnerable to malicious and inadvert... more Online databases that provide critical information are often vulnerable to malicious and inadvertent corruption. Authentic Publication allows an untrusted data publisher to securely answer user database queries on behalf of trusted off-line data owners. Publishers provide proofs, or verification object ( VOs ), to users who verify that answers are correct. This approach improves scalability and security, but to be practical, the VO s should be small and efficient to compute and verify. This has lead researchers to independently develop several schemes for efficient VO computation based on specific data structures. Chapter 3 presents a unifying framework for these results, leading to a generalized security result. We characterize a broad class of data structures which we call Search DAGs, and develop a generalized algorithm for the construction of VO s for Search DAGs, proving them secure and efficient to compute and verify. We demonstrate how this approach easily captures existing work on simple structures such as binary trees, multi-dimensional range trees, tries, and skip lists, and thus provides the security and efficiency results from our general theorems. We also use Search DAGs to produce and prove the security of authenticated versions of two complex data models for efficient multi-dimensional range searches. This allows efficient VO s to be computed for 1D and 2D range queries and for I/O efficient schemes using linear size structures. Chapter 4 presents efficient mechanisms that enable a group of data owners to rely on an untrusted publisher to collect, organize and integrate each owner's individual data set into a single data structure. Each owner gets a proof from the publisher that his data is properly represented, and the publisher answers and provides proofs for user queries as before. We show that a group of data owners can efficiently certify that the publisher has correctly constructed the data structure from the owners' individual data sets. Users can then verify that the answers they get from the publisher are the same as a fully trusted publisher would provide, or detect if they are not. The results presented support both single attribute and multiple attribute selection and range queries.
Lecture Notes in Computer Science, 2005
Proceedings of the Third International Conference on SImilarity Search and APplications - SISAP '10, 2010
... include cosine distances based on shared peak count [12, 14] and Hausdorff distance [10]. ...... more ... include cosine distances based on shared peak count [12, 14] and Hausdorff distance [10]. ... Most of the costly distance computations are performed between the query objects and the ... 1] Bozkaya, T. and M. Ozsoyoglu, Indexing large metric spaces for similarity search queries. ...
Proceedings of the 8th ACM conference on Computer and Communications Security - CCS '01, 2001
2005 IEEE Computational Systems Bioinformatics Conference (CSB'05), 2005
Algorithmica, 2001
Query answers from on-line databases can easily be corrupted by hackers or malicious intent by th... more Query answers from on-line databases can easily be corrupted by hackers or malicious intent by the database publisher. Thus it is important to provide mechanisms which allow clients to trust the results from on-line queries. Authentic publication is a novel scheme which allows untrusted publishers to securely answer queries from clients on behalf of trusted o-line data owners. Publishers validate
IFIP International Federation for Information Processing, 2004
Abstract. Query answers from on-line databases can easily be corrupted by hackers or malicious da... more Abstract. Query answers from on-line databases can easily be corrupted by hackers or malicious database publishers. Thus it is important to provide mechanisms which allow clients to trust the results from on-line queries. Authentic publication allows untrusted publishers to answer securely queries from clients on behalf of trusted off-line data owners. Publishers validate answers using hard-to-forge verification objects (VOs), which clients can check efficiently. This approach provides greater scalability, by making it easy to add more publishers, and better security, since on-line publishers do not need to be trusted. To make authentic publication attractive, it is important for the VOs to be small, efficient to compute, and efficient to verify. This has lead researchers to develop independently several different schemes for efficient VO computation based on specific data structures. Our goal is to develop a unifying framework for these disparate results, leading to a generalized s...
Query answers from on-line databases can easily be corrupted by hackers or malicious intent by
IEEE Data Eng. Bull., 2004
The publication of high-value and mission critical data on the Internet plays an important role i... more The publication of high-value and mission critical data on the Internet plays an important role in the government, industry, and health-care sectors. However, owners of such data are often not able or willing to serve millions of query requests per day and furthermore satisfy clients’ data requirements regarding the integrity, availability, and authenticity of the data they manage in their databases. In this article, we give an overview of our work on authentic publication schemes in which a data owner employs a (possibly untrusted) data publisher to answer queries from clients on behalf of the owner. In addition to query answers, publishers provide clients with verification objects a client uses to verify whether the answer is the same as the owner would have provided. We consider two popular types of database systems, those managing relational data and those managing XML data in the form of XML repositories.
The publication of high-value and mission critical data on the Internet plays an important role i... more The publication of high-value and mission critical data on the Internet plays an important role in the government, industry, and health-care sectors. However, owners of such data are often not able or willing to serve millions of query requests per day and furthermore satisfy clients ’ data requirements regarding the integrity, availability, and authenticity of the data they manage in their databases. In this article, we give an overview of our work on authentic publication schemes in which a data owner employs a (possibly untrusted) data publisher to answer queries from clients on behalf of the owner. In addition to query answers, publishers provide clients with verification objects a client uses to verify whether the answer is the same as the owner would have provided. We consider two popular types of database systems, those managing relational data and those managing XML data in the form of XML repositories. 1
Online databases that provide critical information are often vulnerable to malicious and inadvert... more Online databases that provide critical information are often vulnerable to malicious and inadvertent corruption. Authentic Publication allows an untrusted data publisher to securely answer user database queries on behalf of trusted off-line data owners. Publishers provide proofs, or verification object ( VOs ), to users who verify that answers are correct. This approach improves scalability and security, but to be practical, the VO s should be small and efficient to compute and verify. This has lead researchers to independently develop several schemes for efficient VO computation based on specific data structures. Chapter 3 presents a unifying framework for these results, leading to a generalized security result. We characterize a broad class of data structures which we call Search DAGs, and develop a generalized algorithm for the construction of VO s for Search DAGs, proving them secure and efficient to compute and verify. We demonstrate how this approach easily captures existing work on simple structures such as binary trees, multi-dimensional range trees, tries, and skip lists, and thus provides the security and efficiency results from our general theorems. We also use Search DAGs to produce and prove the security of authenticated versions of two complex data models for efficient multi-dimensional range searches. This allows efficient VO s to be computed for 1D and 2D range queries and for I/O efficient schemes using linear size structures. Chapter 4 presents efficient mechanisms that enable a group of data owners to rely on an untrusted publisher to collect, organize and integrate each owner's individual data set into a single data structure. Each owner gets a proof from the publisher that his data is properly represented, and the publisher answers and provides proofs for user queries as before. We show that a group of data owners can efficiently certify that the publisher has correctly constructed the data structure from the owners' individual data sets. Users can then verify that the answers they get from the publisher are the same as a fully trusted publisher would provide, or detect if they are not. The results presented support both single attribute and multiple attribute selection and range queries.
Lecture Notes in Computer Science, 2005
Proceedings of the Third International Conference on SImilarity Search and APplications - SISAP '10, 2010
... include cosine distances based on shared peak count [12, 14] and Hausdorff distance [10]. ...... more ... include cosine distances based on shared peak count [12, 14] and Hausdorff distance [10]. ... Most of the costly distance computations are performed between the query objects and the ... 1] Bozkaya, T. and M. Ozsoyoglu, Indexing large metric spaces for similarity search queries. ...
Proceedings of the 8th ACM conference on Computer and Communications Security - CCS '01, 2001
2005 IEEE Computational Systems Bioinformatics Conference (CSB'05), 2005
Algorithmica, 2001
Query answers from on-line databases can easily be corrupted by hackers or malicious intent by th... more Query answers from on-line databases can easily be corrupted by hackers or malicious intent by the database publisher. Thus it is important to provide mechanisms which allow clients to trust the results from on-line queries. Authentic publication is a novel scheme which allows untrusted publishers to securely answer queries from clients on behalf of trusted o-line data owners. Publishers validate
IFIP International Federation for Information Processing, 2004