TY - JOUR
T1 - Freshness Authentication for Outsourced Multi-Version Key-Value Stores
AU - Hu, Yidan
AU - Yao, Xin
AU - Zhang, Rui
AU - Zhang, Yanchao
N1 - Funding Information:
This work was supported in part by the National Natural Science Foundation of China under Grant 61902433, in part by the Hunan Provincial Natural Science Foundation of China under Grant 2019JJ50802, and in part by the U.S. National Science Foundation under Grants CNS-1933069, CNS-1824355, CNS-1651954 (CAREER), CNS-1718078, and CNS-1933047.
Publisher Copyright:
© 2004-2012 IEEE.
PY - 2023/5/1
Y1 - 2023/5/1
N2 - Data outsourcing is a promising technical paradigm to facilitate cost-effective real-time data storage, processing, and dissemination. In data outsourcing, a data owner proactively pushes a stream of data records to a third-party cloud server for storage, which in turn processes various types of queries from end users on the data owner's behalf. However, the popular outsourced multi-version key-value stores pose a critical security challenge that a third-party cloud server cannot be fully trusted to return both authentic and fresh data in response to end users' queries. Although several recent attempts have been made on authenticating data freshness in outsourced key-value stores, they either incur excessively high communication cost or can only offer very limited real-time guarantee. To fill this gap, this article introduces KV-Fresh, a novel freshness authentication scheme for outsourced key-value stores that offers strong real-time guarantee for both point query and range query. KV-Fresh is designed based on a novel data structure, Linked Key Span Merkle Hash Tree, which enables highly efficient freshness proof by embedding chaining relationship among records generated at different time. Extensive simulation studies using a synthetic dataset generated from real data confirm the efficacy and efficiency of KV-Fresh.
AB - Data outsourcing is a promising technical paradigm to facilitate cost-effective real-time data storage, processing, and dissemination. In data outsourcing, a data owner proactively pushes a stream of data records to a third-party cloud server for storage, which in turn processes various types of queries from end users on the data owner's behalf. However, the popular outsourced multi-version key-value stores pose a critical security challenge that a third-party cloud server cannot be fully trusted to return both authentic and fresh data in response to end users' queries. Although several recent attempts have been made on authenticating data freshness in outsourced key-value stores, they either incur excessively high communication cost or can only offer very limited real-time guarantee. To fill this gap, this article introduces KV-Fresh, a novel freshness authentication scheme for outsourced key-value stores that offers strong real-time guarantee for both point query and range query. KV-Fresh is designed based on a novel data structure, Linked Key Span Merkle Hash Tree, which enables highly efficient freshness proof by embedding chaining relationship among records generated at different time. Extensive simulation studies using a synthetic dataset generated from real data confirm the efficacy and efficiency of KV-Fresh.
KW - Freshness authentication
KW - data outsourcing
KW - multi-version key-value store
UR - http://www.scopus.com/inward/record.url?scp=85129445382&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85129445382&partnerID=8YFLogxK
U2 - 10.1109/TDSC.2022.3172380
DO - 10.1109/TDSC.2022.3172380
M3 - Article
AN - SCOPUS:85129445382
SN - 1545-5971
VL - 20
SP - 2071
EP - 2084
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
IS - 3
ER -