CN109800235A - A kind of Outsourced database full operation inquiry validation system and method based on certification tree - Google Patents

A kind of Outsourced database full operation inquiry validation system and method based on certification tree Download PDF

Info

Publication number
CN109800235A
CN109800235A CN201910078738.2A CN201910078738A CN109800235A CN 109800235 A CN109800235 A CN 109800235A CN 201910078738 A CN201910078738 A CN 201910078738A CN 109800235 A CN109800235 A CN 109800235A
Authority
CN
China
Prior art keywords
tree
data
result
value
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910078738.2A
Other languages
Chinese (zh)
Other versions
CN109800235B (en
Inventor
周福才
崔宁
高源�
王强
玄鹏开
吴淇毓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Northeastern University China
Original Assignee
Northeastern University China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Northeastern University China filed Critical Northeastern University China
Priority to CN201910078738.2A priority Critical patent/CN109800235B/en
Publication of CN109800235A publication Critical patent/CN109800235A/en
Application granted granted Critical
Publication of CN109800235B publication Critical patent/CN109800235B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present invention provides a kind of Outsourced database full operation inquiry validation system and method based on certification tree, is related to technical field of network security.The present invention has carried out Functional Design and class design for data owner, Outsourced database server and user tripartite's entity, and gives the realization of key function module;Including initialization module, SQL query authentication module, update module, display module;The data that initialization module is used to provide data owner carry out the generation of key and the building of certification tree;SQL query authentication module extracts data in initialization module and is sent to display module after verifying for assigning it to matching unit according to the content of user query;Update module is embedded in outsourcing data server, is updated according to the insertion of user, deletion and modification request to the data in initialization module;Display module is used to input data required for the data that user to be inquired and display user.The present invention realizes public can verify that and may be updated with public.

Description

A kind of Outsourced database full operation inquiry validation system and method based on certification tree
Technical field
The present invention relates to technical field of network security more particularly to a kind of Outsourced database full operation based on certification tree to look into Ask verifying system and method.
Background technique
In recent years, Internet technology experienced huge change, cloud computing technology again and again and obtain unprecedented Development, calculate commerce services mode as a kind of emerging internet, user Cloud Server at the far end can provide at any time The services such as data storage, operation program and execution calculating, this largely changes traditional data storage method.Therefore Enterprise and user can free from expensive data storage cost, thus Outsourced database also proposes.
Outsourced database refers to enterprise or the personal specialized database cloud storage provider maintenance and management of commission completely certainly Oneself data cancel oneself proprietary data center, database are used as a kind of service.This mode has many excellent Point can save manpower, maintenance and management cost, be absorbed in the core business of oneself for enterprise and tissue, additionally it is possible to The data sharing between enterprise and tissue is efficiently realized, for important information, additionally it is possible to realize multipoint operation, thus can The defect for enough overcoming single-point to store, enhances the reliability of data.For service provider, it is special service provider can be played Advantage in industry resource set improves network bandwidth, reduces network delay.Based on above-mentioned advantage, more and more enterprises and user Use mainstream storage and calculation server of the cloud storage service device as them.
For Outsourced database server, a variety of SQL queries are provided the result is that most basic function, enterprises and individuals' hair A plurality of types of inquiry requests are sent, database is responsible for SQL query and the result after inquiry is sent to user.However in outsourcing number While being more widely applied according to library, its safety receives many challenges, and user can not protect when being uploaded to server The correctness and integrality for demonstrate,proving query result, since Outsourced database server is incredible, or in data storage procedure In once there is loopholes for attack by external attack or internal staff or even server itself, the safety of data will Can be by serious destruction, therefore the correctness and integrality of data query result can also be unable to get protection.Such as it is storing In the set for gathering { 3,6,7,14,16 } 5 elements, request returns the result the element of 5 < x < 15, and Outsourced database may return { 6,14 }, it is returning at this time the result is that incomplete, it is if returning the result { 3,6,7,14 }, then returning the result is that wrong. Therefore the integrality and correctness problem of research outsourced database query result have obtained more extensive concern.
Many researchers are devoted to the integrity verification scheme of building Outsourced database, in this process, usually outer Bag data library can generate the evidence for being able to verify that result correctness, server when executing the inquiry request of user simultaneously Result and evidence are sent to user together, whether user is then correct according to certain rule verification result.In this process, Even if Outsourced database server is incredible, but whether user still can correct and complete by verifying judging result, Prevent server provide mistake as a result, to effectively guarantee use Outsourced database server calculated result safety.
In the research about data base integrity verifying before this, there is some problems, the inquiry such as usually supported Type is relatively simple, cannot support full operation i.e. and cannot support the verifying to all types of SQL query results;It cannot support pair The public update of data, data owner need to be updated using private key in more new data;Efficiency is lower, can not be applied to In actual application scenarios.
Summary of the invention
It is a kind of based on the outer of certification tree the technical problem to be solved by the present invention is in view of the above shortcomings of the prior art, provide Bag data library full operation inquiry validation system and method, this method is full-featured, has high efficiency, can be to the complete of query result Property is verified.
In order to solve the above technical problems, the technical solution used in the present invention is:
On the one hand, the present invention provides a kind of Outsourced database full operation inquiry validation system based on certification tree, including first Beginningization module, SQL query authentication module, update module and display module;
The data that the initialization module is used to provide data owner carry out the generation of key and the building of certification tree;
The SQL query authentication module is embedded in outsourcing data server, including range query and authentication unit, Connection inquiring And authentication unit, multi-Dimensional Range are inquired and authentication unit, counting inquiry and authentication unit, summation inquiry and authentication unit, minimum Value inquiry and authentication unit and maximum value inquiry and authentication unit;The module is used for the content assignment according to user query to therewith Matched query unit extracts data in initialization module and is sent to display module after verifying;
The update module is embedded in outsourcing data server, for being requested according to the update of user in initialization module Data are updated, and the update request includes insertion, deletes and modify;
The display module is used to input user and wants the data of inquiry and show data required for user.
On the other hand, the present invention also provides a kind of Outsourced database full operation enquiry and verification method based on certification tree, lead to A kind of Outsourced database full operation inquiry validation system based on certification tree is crossed to realize, comprising the following steps:
Step 1: data owner executes key schedule using common parameter λ and generates public key PK and private key SK;
Step 2: public key PK is sent to Outsourced database server and user by data owner;
Step 3: data owner executes Setup initialization algorithm using public key PK and data acquisition system D and generates certification tree A- Tree and certification tree abstract digtree
Step 4: certification tree A-Tree is sent to Outsourced database server by data owner, by certification tree abstract digtreeIt is sent to user;
Step 5: user initiates inquiry request to the SQL query authentication module of Outsourced database server;
Step 6: Outsourced database server executes search algorithm Query and generates result RηWith evidence Pη, looked into according to different Different search algorithms can be called by asking request Outsourced database;Then Outsourced database server is by result RηWith evidence PηIt sends To user terminal, wherein η=1,2,3,4,5,6,7;User executes Verify verification algorithm according to the result and evidence received and tests It whether correct demonstrate,proves result, is verified, exports 1, otherwise export 0;Wherein different inquiry requests includes range query and tests Card, Connection inquiring and verifying, multi-Dimensional Range inquiry and verifying, counting inquiry and verifying, summation inquiry and verifying, minimum value inquiry And verifying and maximum value are inquired and verifying;
Step 7: user will update the update module for requesting upd to be sent to Outsourced database server;
Step 8: user executes UpdateDig update digest algorithm and generates new certification tree digest value digtree-upd, and Outsourced database server executes UpdateTree operation and generates new data set DupdA-Tree is set with certificationtree-upd
The step 1 specifically comprises the following steps:
Step 1.1: data owner reads security parameter λ;
Step 1.2: executing BilinearGen algorithm and construct group G1,G2With generation member g;
Step 1.3: selection random number r, s is as private key SK;
Step 1.4: it is calculated using security parameter and private key as public key PK,Wherein Q=poly (λ).
The step 3 specifically comprises the following steps:
Step 3.1: assuming that have n column in list, any two column building certification tree, first row and the building certification of other column before this Tree, followed by secondary series to the last one arranges;First determine whether tree is sky, executes initTreeNode initialization if it is sky Root node then executes insert function according to the sequence in tables of data if not empty and is inserted into leaf node;
Step 3.2: first determining whether tree is sky, is then set to root node if it is sky, otherwise judges institute when insertion The size of the leaf node and root node to be inserted into;
Step 3.3: if being less than root node will be inserted into left subtree, being inserted into right subtree if more than root node;
Step 3.4: recording key the and value value of the node, key value stores the data key=v in the i-th columni, Value stores the data and digest value of jth column, is expressed asWherein C represents the node packet The set that the corresponding jth column data of all leaf nodes contained is constituted,Indicate the abstract of the node The digest value that root node stores is denoted as certification tree abstract dig by valuetree, i.e.,Wherein E represents jth column All data for including, are denoted as digtree=(digtree[0],digtree[1])。
Step 3.5: checking whether the left and right subtree of present node balances after insertion, if imbalance needs to be implemented Dan Xuan Turn or dual rotary makes to authenticate tree balance, while the abstract value of more new node;
Step 3.6: data execute the building that step 3.1 carries out next certification tree after last line has been inserted into judgement, Until completing the building of all certification trees.
The step 6 specifically comprises the following steps:
Step 6.1: user initiates range query and verifies;
Step 6.1.1: it takes i-th in database table to arrange and i-th arranges the certification tree A-Tree constructedi×i, carry out [α, β] Range query, wherein α, β represent the data in the table, return to value in query result and store i-th in [α, β] range The set that corresponding element is constituted is arranged, R is denoted as1
Step 6.1.2: the digest value dig that value is stored in record queries resultj[0](j∈R1) and certification path A- The digest value dig of the upper node of Pathj[0] (j ∈ A-Path) is used as evidence P1
Step 6.1.3: certification tree abstract dig is utilizedtree[0] and evidence P1The digest value dig of storagej[0](j∈R1)、 digj[0] (j ∈ A-Path) calculation equation digtree[0]=digj[0](j∈R1)·digj[0] (j ∈ A-Path) whether at It is vertical, if not, 0 is then exported, result R is refused1;If so, 1 is then exported, the result R of Connection inquiring is received1
Step 6.2: user initiates the connection inquiry and verifies;
Step 6.2.1: the A-Tree of the i-th column and the i-th column construction in database tablei×iCarry out the model of (- ∞ ,+∞) Inquiry is enclosed, query result is returned
Step 6.2.2: the A-Tree of jth column and jth column construction in database tablej×jCarry out the model of (- ∞ ,+∞) Inquiry is enclosed, query result is returned
Step 6.2.3: doing intersection operation, enables(wherein x, y Indicate unknown number), it calculatesAbbreviation is whole to be obtained
Step 6.2.4: it calculatesQS, r=gQ (s, r)
Step 6.2.5: output result R2For the set that the index of x in multinomial I (x) is constituted, evidence P=(Ir,Qs,r), card According to P2In include two tuples, be denoted as P2=(P2[1],P2[2]);
Step 6.2.6: judge equationIt is whether true, if not, result R is refused in output 02;If setting up Continue;
Step 6.2.7: A is calculated using public key PKs=gA(s), Br,s=gB(r,s)
Step 6.2.8: judge equationIt is whether true, if not, then export 0, refuse result R2;If so, then receive the result R of Connection inquiring2;Wherein e represents bilinear map;
Step 6.3: user initiates multiregion and inquires and verify;
Step 6.3.1: the t that user defines in database table is classified as reference columns, and wherein each element can be used as Unique identification of the row;
Step 6.3.2: the range to be inquired is set as the range of the i-th column and jth column, wherein meeting i-th is classified as [α, β], table Show the i-th column data v for a line any in databaseiThere is α < vi< β meets jth and is classified asIt indicates for data The jth column data v of any a line in libraryjHaveWherein φ,Represent the data in the table;
Step 6.3.3: it takes i-th in table to arrange and t column building authenticates tree A-Treei×t, the range query of [α, β] is carried out, It returns to value in query result and stores the set that the t in [α, β] range arranges corresponding element composition, be denoted as
Step 6.3.4: the jth in table is taken to arrange and t column building certification tree A-Treej×t, carry outRange query, Value in query result is returned to storeT arranges the set that corresponding element is constituted in range, is denoted as
Step 6.3.5: rightWithCarry out intersection operation;It enables It calculatesAbbreviation arranges to obtain Calculate Ir=gI(r), Qs,r=gq(s,r)
Step 6.3.6: output result R3For the set that the index of x in multinomial I (x) is constituted, evidence P3=(Ir,Qs,r), Evidence P3In include two tuples, be denoted as P3=(P3[1],P3[2]);
Step 6.3.7: judge equationIt is whether true, if not, result R is refused in output 03;If setting up Continue;
Step 6.3.8: A is calculated using public key PKs=gA(s), Br,s=gB(r,s)
Step 6.3.9: judge equationIt is whether true, if not, then export 0, refuse result R3;If so, then receive the result R of Connection inquiring3
Step 6.4: user initiates counting inquiry and verifies;
Step 6.4.1: constitutive equations A (x)=∑i∈Axi, calculate the result R of A (1) as counting inquiry4
Step 6.4.2: construction multinomial P (x)=(A (x)-A (1))/(x-1);
Step 6.4.3: evidence P is calculated4=gP(s)
Step 6.4.4: according to result R4, calculate
Step 6.4.5: g is calculated according to public key PKs-1
Step 6.4.6: verifying equationIt is whether true, if so, output 1 receives The result R of Connection inquiring4;Otherwise 0 is exported, result R is refused4
Step 6.5: user initiates summation and inquires and verify;
Step 6.5.1: constitutive equations A (x)=∑i∈Axi, calculate A'(1) and result R as counting inquiry5
Step 6.5.2: construction multinomial P (x)=(A (x)-A (1)-A'(1) (x-1))/(x-1)2
Step 6.5.3: g is calculatedP(s), export evidence P5=(A (1), gP(s));
Step 6.5.4: according to result R5, calculate
Step 6.5.5: it is calculated according to public key PK etc.And
Step 6.5.6: verifying equationIt is whether true, if It sets up, output 1 receives the result R of Connection inquiring5;Otherwise 0 is exported, result R is refused5
Step 6.6: user initiates minimum value and inquires and verify;
Step 6.6.1: least member in set L is checked or using the smallest index of multinomial as the inquiry of minimum value As a result R6
Step 6.6.2: constitutive equations A (x)=∑i∈Lxi, calculate and export evidence
Step 6.6.3: it calculates
Step 6.6.4: verifying equationIt is whether true, i.e. equationIt is whether true, if so, output 1 receives the result R of Connection inquiring6;Otherwise Result R is refused in output 06
Step 6.7: user initiates maximum value and inquires and verify;
Step 6.7.1: greatest member in set L is checked or using the maximum index of multinomial as the inquiry of maximum value As a result R7
Step 6.7.2: constitutive equations A (x)=∑i∈Lxi, calculate and export evidenceWherein A (r, s)=Σi∈Lrisq-i
Step 6.7.3: according to result and proof validation equationI.e.It is whether true, if so, output 1 receives the result of Connection inquiring R7;Otherwise 0 is exported, result R is refused7
The step 8 specifically comprises the following steps:
Step 8.1: user initiates insertion request;
Step 8.1.1: as upd=(ADD, v), wherein v represents the data of user's offer;The operation that user is substantially carried out It is to calculate the node that needs updateAs the abstract for updating posterior nodal point Value;
Step 8.1.2: each layer of A-Tree is begun stepping through from root node, finds and is inserted into dataPosition;
Step 8.1.3: updating the structure of A-Tree, constructs new node, adjusts tree construction, if certification tree is uneven Needs rotate after make tree structure keep balance;
Step 8.1.4: A-Tree is updatedupdOn node (key, value) value, until on root node (key, Value) value update finishes, and completes to update operation;
Step 8.2: user initiates removal request;
Step 8.2.1: as upd=(DEL, v), the operation that user is substantially carried out is to calculateAs the digest value for authenticating tree after update;
Step 8.2.2: each layer of ALTree is begun stepping through from root node, finds data to be deletedPosition;
Step 8.2.3: updating the structure of A-Tree, constructs new node, adjusts the structure of tree, if certification tree is uneven The needs of weighing apparatus make the structure of tree keep balance after rotating;
Step 8.2.4: A-Tree is updatedupdOn (key, value) value of node complete to update behaviour until root node Make;
Step 8.3: user initiates modification request;
Step 8.3.1: as upd=(CHANGE, v1,v2) when, wherein v1Represent the data that user needs to be inserted into, v2It represents User needs the data deleted;Modification operation is regarded as the combination of insertion and deletion algorithm;
It calculatesAs the digest value for authenticating tree after update;
Step 8.3.2: Outsourced database server needs more new data table, while updating A-Tree, adjustment certification tree Structure and (key, the value) value for updating each node;The process of update is that database is first carried out step 8.1 and carries out to v1's Then insertion executes step 8.2 and carries out to v2Deletion.
The beneficial effects of adopting the technical scheme are that a kind of outsourcing based on certification tree provided by the invention Database full operation inquiry validation system and method, the program can support comprehensive inquiry operation, including intersection of sets collection, simultaneously Connection inquiring, range query, multiregion, counting, summation, maximum are also supported in a variety of set operations such as collection, supplementary set and difference set Value, minimum value and nested query operation, it is full-featured, support full operation;Evidence size is Constant Grade, is stored independently of data The intermediate result of size and inquiry only depends on the quantity that query statement is decomposed into single query sentence;Verification efficiency is constant Grade has high efficiency independent of the size of Outsourced database;Public to can verify that, any user for possessing public key and abstract is It can complete the integrity verification to query result;Public renewable, any legitimate user can participate in the data of more new database, And independent of private key.
Detailed description of the invention
Fig. 1 is the Outsourced database full operation inquiry validation system signal provided in an embodiment of the present invention based on certification tree Figure;
Fig. 2 is the Outsourced database full operation enquiry and verification method process provided in an embodiment of the present invention based on certification tree Figure;
Fig. 3 is key product process figure provided in an embodiment of the present invention;
Fig. 4 is building provided in an embodiment of the present invention certification tree flow chart;
Fig. 5 is range query provided in an embodiment of the present invention and verification algorithm flow chart;
Fig. 6 is Connection inquiring provided in an embodiment of the present invention and verification algorithm flow chart;
Fig. 7 is multiregion provided in an embodiment of the present invention inquiry and verification algorithm flow chart;
Fig. 8 is counting inquiry provided in an embodiment of the present invention and verification algorithm flow chart;
Fig. 9 is summation provided in an embodiment of the present invention inquiry and verification algorithm flow chart;
Figure 10 is minimum value provided in an embodiment of the present invention inquiry and verification algorithm flow chart;
Figure 11 is maximum value provided in an embodiment of the present invention inquiry and verification algorithm flow chart;
Figure 12 is update flow chart provided in an embodiment of the present invention;
Specific embodiment
With reference to the accompanying drawings and examples, specific embodiments of the present invention will be described in further detail.Implement below Example is not intended to limit the scope of the invention for illustrating the present invention.
This programme includes tripartite's entity, user terminal, Outsourced database server end and data owner;
Data owner: data owner is the original owner of data, the entity initialized to data.It is responsible for close Key generates and the initialization of system.Data are generated certification tree by data owner, and data set and certification tree are sent to outsourcing The abstract of certification tree is sent to user by database server.In addition, data owner can with ordinary user have inquiry and The function of update.
Outsourced database server: Outsourced database server executes storage, inquiry and updates operation.Server receives number The certification tree that sends according to owner simultaneously stores, while receiving client to the inquiry request of data, returns to the result and card of inquiry According to.In the more new stage, Outsourced database server needs the structure to certification tree to be updated.
User: comprising one or more, mainly inquiring data, and is able to verify that the correctness of data and complete Property.Any legitimate user can send inquiry request to server, and whether the result for verifying return is correct, if verifying is logical Cross, illustrate query result be correctly, if verifying do not pass through, illustrate inquiry the result is that mistake.Any legitimate user is Data can be updated, need when update and the interaction of Outsourced database server, user can directly be updated abstract.
The interactive process of tripartite's entity is as follows:
(1) data owner calls key schedule keyGen (1λ), it generates private key SK and is saved by data owner, it is public Key PK is disclosed.
(2) data owner calls initialization algorithm Setup (PK, D), generates certification tree A-Tree and certification tree abstract digtree.Data set D is sent to SQL query authentication module, certification tree A-Tree is sent to SQL query authentication module, is recognized Card tree abstract digtreeIt is sent to user terminal.
(3) SQL query authentication module according to different query types call different search algorithms simultaneously with initialization mould Block carries out data interaction, returns to query result and evidence.
Range query algorithm RangeQuery (q, A-Tree, PK) is then called if it is range query, is looked into if it is connection Connection inquiring algorithm JoinQuery (q, A-Tree, PK) is then called in inquiry, then calls search algorithm if it is multi-Dimensional Range inquiry MultidimensionalQuery (q, A-Tree, PK) then calls counting inquiry algorithm CountQuery if it is counting inquiry (q, A-Tree, PK) then calls algorithm SumQuery (q, A-Tree, PK) if it is summation inquiry, inquires if it is minimum value Then call search algorithm MinQuery (q, A-Tree, PK), if it is maximum value inquiry then call search algorithm MaxQuery (q, A-Tree,PK)。
(4) user also calls different verification algorithms according to query type after receiving query result and evidence.
RangeVerify (R, P, dig are then called if it is range querytree, PK), it is then called if it is Connection inquiring JoinVerify(R,P,digtree, PK), algorithm MultidimensionalVerify is then called if it is multi-Dimensional Range inquiry (R,P,digtree, PK), CountVerify (R, P, dig are then called if it is counting inquirytree, PK), it is inquired if it is summation Then call SumVerify (R, P, digtree, PK), MinVerify (R, P, dig are then called if it is minimum value inquirytree, PK), MaxVerify (R, P, dig are then called if it is maximum value inquirytree,PK)。
It is sent when user or data owner need to update and updates information to Outsourced database server, user or data are gathered around The person of having calls UpdateDig (upd, digtree, PK) algorithm to certification tree abstract be updated, Outsourced database server need UpdateTree (upd, D, A-Tree) algorithm is called to be updated certification tree.
The method of the present embodiment is as described below.
On the one hand, the present invention provides a kind of Outsourced database full operation inquiry validation system based on certification tree, such as Fig. 1 institute Show, including initialization module, SQL query authentication module, update module and display module;
The data that the initialization module is used to provide data owner carry out the generation of key and the building of certification tree;
The SQL query authentication module is embedded in outsourcing data server, including range query and authentication unit, Connection inquiring And authentication unit, multi-Dimensional Range are inquired and authentication unit, counting inquiry and authentication unit, summation inquiry and authentication unit, minimum Value inquiry and authentication unit and maximum value inquiry and authentication unit;The module is used for the content assignment according to user query to therewith Matched query unit extracts data in initialization module and is sent to display module after verifying;
The update module is embedded in outsourcing data server, for being requested according to the update of user in initialization module Data are updated, and the update request includes insertion, deletes and modify;
The display module is used to input user and wants the data of inquiry and show data required for user.
On the other hand, the present invention also provides a kind of Outsourced database full operation enquiry and verification method based on certification tree, lead to It crosses a kind of Outsourced database full operation inquiry validation system based on certification tree to realize, as shown in Fig. 2, including following step It is rapid:
Step 1: data owner executes key schedule using common parameter λ and generates public key PK and private key SK, such as Fig. 3 It is shown;
Step 1.1: data owner reads security parameter λ;
Step 1.2: executing BilinearGen algorithm and construct group G1,G2With generation member g;
Bilinear map generating algorithm: BilinearMapGen (1λ)→(e,g,G1,G2, p) and generate a bilinear map e:G1×G1→G2, wherein G1And G2It is the multiplicative cyclic group that rank is p, g indicates group G1A generation member.
Step 1.3: selection random number r, s is as private key SK;
Step 1.4: it is calculated using security parameter and private key as public key PK,Wherein Q=poly (λ).
Step 2: public key PK is sent to Outsourced database server and user by data owner;
Step 3: data owner executes Setup initialization algorithm using public key PK and data acquisition system D and generates certification tree A- Tree and certification tree abstract digtree, as shown in Figure 4;
Step 3.1: assuming that have n column in list, any two column building certification tree, first row and the building certification of other column before this Tree, followed by secondary series to the last one arranges.First determine whether tree is sky, executes initTreeNode initialization if it is sky Root node then executes insert function according to the sequence in tables of data if not empty and is inserted into leaf node;
Step 3.2: first determining whether tree is sky, is then set to root node if it is sky, otherwise judges institute when insertion The size of the leaf node and root node to be inserted into;
Step 3.3: if being less than root node will be inserted into left subtree, being inserted into right subtree if more than root node;
Step 3.4: recording key the and value value of the node, key value stores the data key=v in the i-th columni, Value stores the data and digest value of jth column, is expressed asWherein C represents the node packet The set that the corresponding jth column data of all leaf nodes contained is constituted,Indicate the abstract of the node The digest value that root node stores is denoted as certification tree abstract dig by valuetree, i.e.,Wherein E represents jth column All data for including, are denoted as digtree=(digtree[0],digtree[1])。
Step 3.5: checking whether the left and right subtree of present node balances after insertion, if imbalance needs to be implemented Dan Xuan Turn or dual rotary makes to authenticate tree balance, while the abstract value of more new node;
Step 3.6: data execute the building that step 3.1 carries out next certification tree after last line has been inserted into judgement, Until completing the building of all certification trees.
Step 4: certification tree A-Tree is sent to Outsourced database server by data owner, by certification tree abstract digtreeIt is sent to user;
Step 5: user initiates inquiry request to the SQL query authentication module of Outsourced database server;
Step 6: Outsourced database server executes search algorithm Query and generates result RηWith evidence Pη, looked into according to different Different search algorithms can be called by asking request Outsourced database;Then Outsourced database server is by result RηWith evidence PηIt sends To user terminal, wherein η=1,2,3,4,5,6,7;User executes Verify verification algorithm according to the result and evidence received and tests It whether correct demonstrate,proves result, is verified, exports 1, otherwise export 0;Wherein different inquiry requests includes range query and tests Card, Connection inquiring and verifying, multi-Dimensional Range inquiry and verifying, counting inquiry and verifying, summation inquiry and verifying, minimum value inquiry And verifying and maximum value are inquired and verifying;
Step 6.1: user initiates range query and verifies, as shown in Figure 5;
Step 6.1.1: it takes i-th in database table to arrange and i-th arranges the certification tree A-Tree constructedi×i, carry out [α, β] Range query, wherein α, β represent the data in the table, return to value in query result and store i-th in [α, β] range The set that corresponding element is constituted is arranged, R is denoted as1
Step 6.1.2: the digest value dig that value is stored in record queries resultj[0](j∈R1) and certification path A- The digest value dig of the upper node of Pathj[0] (j ∈ A-Path) is used as evidence P1
Step 6.1.3: certification tree abstract dig is utilizedtree[0] and evidence P1The digest value dig of storagej[0](j∈R1)、 digj[0] (j ∈ A-Path) calculation equation digtree[0]=digj[0](j∈R1)·digj[0] (j ∈ A-Path) whether at It is vertical, if not, 0 is then exported, result R is refused1;If so, 1 is then exported, the result R of Connection inquiring is received1
Step 6.2: user initiates the connection inquiry and verifies, as shown in Figure 6;
Step 6.2.1: the A-Tree of the i-th column and the i-th column construction in database tablei×iCarry out the model of (- ∞ ,+∞) Inquiry is enclosed, query result is returned
Step 6.2.2: the A-Tree of jth column and jth column construction in database tablej×jCarry out the model of (- ∞ ,+∞) Inquiry is enclosed, query result is returned
Step 6.2.3: doing intersection operation, enables(wherein x, y Indicate unknown number), it calculatesAbbreviation is whole to be obtained
Step 6.2.4: it calculatesQS, r=gQ (s, r)
Step 6.2.5: output result R2For the set that the index of x in multinomial I (x) is constituted, evidence P=(Ir,Qs,r), card According to P2In include two tuples, be denoted as P2=(P2[1],P2[2]);
Step 6.2.6: judge equationIt is whether true, if not, result R is refused in output 02;If setting up Continue;
Step 6.2.7: A is calculated using public key PKs=gA(s), Br,s=gB(r,s)
Step 6.2.8: judge equationIt is whether true, if not, then export 0, refuse result R2;If so, then receive the result R of Connection inquiring2;Wherein e represents bilinear map;
Step 6.3: user initiates multiregion and inquires and verify, as shown in Figure 7;
Step 6.3.1: the t that user defines in database table is classified as reference columns, and wherein each element can be used as Unique identification of the row;
Step 6.3.2: the range to be inquired is set as the range of the i-th column and jth column, wherein meeting i-th is classified as [α, β], table Show the i-th column data v for a line any in databaseiThere is α < vi< β meets jth and is classified asIt indicates for data The jth column data v of any a line in libraryjHaveWherein φ,Represent the data in the table;
Step 6.3.3: it takes i-th in table to arrange and t column building authenticates tree A-Treei×t, the range query of [α, β] is carried out, It returns to value in query result and stores the set that the t in [α, β] range arranges corresponding element composition, be denoted as
Step 6.3.4: the jth in table is taken to arrange and t column building certification tree A-Treej×t, carry outRange query, Value in query result is returned to storeT arranges the set that corresponding element is constituted in range, is denoted as
Step 6.3.5: rightWithCarry out intersection operation;It enablesMeter It calculatesAbbreviation arranges to obtain Calculate Ir=gI(r), Qs,r=gq(s,r)
Step 6.3.6: output result R3For the set that the index of x in multinomial I (x) is constituted, evidence P3=(Ir,Qs,r), Evidence P3In include two tuples, be denoted as P3=(P3[1],P3[2]);
Step 6.3.7: judge equationIt is whether true, if not, result R is refused in output 03;If setting up Continue;
Step 6.3.8: A is calculated using public key PKs=gA(s), Br,s=gB(r,s)
Step 6.3.9: judge equationIt is whether true, if not, then export 0, refuse result R3;If so, then receive the result R of Connection inquiring3
Step 6.4: user initiates counting inquiry and verifies, as shown in Figure 8;
Step 6.4.1: constitutive equations A (x)=∑i∈Axi, calculate the result R of A (1) as counting inquiry4
Step 6.4.2: construction multinomial P (x)=(A (x)-A (1))/(x-1);
Step 6.4.3: evidence P is calculated4=gP(s)
Step 6.4.4: according to result R4, calculate
Step 6.4.5: g is calculated according to public key PKs-1
Step 6.4.6: verifying equationIt is whether true, if so, output 1 receives The result R of Connection inquiring4;Otherwise 0 is exported, result R is refused4
Step 6.5: user initiates summation and inquires and verify, as shown in Figure 9;
Step 6.5.1: constitutive equations A (x)=∑i∈Axi, calculate A'(1) and result R as counting inquiry5
Step 6.5.2: construction multinomial P (x)=(A (x)-A (1)-A'(1) (x-1))/(x-1)2
Step 6.5.3: g is calculatedP(s), export evidence P5=(A (1), gP(s));
Step 6.5.4: according to result R5, calculate
Step 6.5.5: it is calculated according to public key PK etc.And
Step 6.5.6: verifying equationIt is whether true, if It sets up, output 1 receives the result R of Connection inquiring5;Otherwise 0 is exported, result R is refused5
Step 6.6: user initiates minimum value and inquires and verify, as shown in Figure 10;
Step 6.6.1: least member in set L is checked or using the smallest index of multinomial as the inquiry of minimum value As a result R6
Step 6.6.2: constitutive equations A (x)=∑i∈Lxi, calculate and export evidence
Step 6.6.3: it calculates
Step 6.6.4: verifying equationIt is whether true, i.e. equationIt is whether true, if so, output 1 receives the result R of Connection inquiring6;Otherwise Result R is refused in output 06
Step 6.7: user initiates maximum value and inquires and verify, as shown in figure 11;
Step 6.7.1: greatest member in set L is checked or using the maximum index of multinomial as the inquiry of maximum value As a result R7
Step 6.7.2: constitutive equations A (x)=∑i∈Lxi, calculate and export evidenceWherein A (r, s)=∑i∈Lrisq-i
Step 6.7.3: according to result and proof validation equationI.e.It is whether true, if so, output 1 receives the result R of Connection inquiring7; Otherwise 0 is exported, result R is refused7
Step 7: user will update the update module for requesting upd to be sent to Outsourced database server;
Step 8: user executes UpdateDig update digest algorithm and generates new certification tree digest value digtree-upd, and Outsourced database server executes UpdateTree operation and generates new data set DupdA-Tree is set with certificationtree-upd, such as Figure 12 It is shown;
Step 8.1: user initiates insertion request;
Step 8.1.1: as upd=(ADD, v), wherein v represents the data of user's offer;The operation that user is substantially carried out It is to calculate the node that needs updateAs the abstract for updating posterior nodal point Value;
Step 8.1.2: each layer of A-Tree is begun stepping through from root node, finds and is inserted into dataPosition;
Step 8.1.3: updating the structure of A-Tree, constructs new node, adjusts tree construction, if certification tree is uneven Needs rotate after make tree structure keep balance;
Step 8.1.4: A-Tree is updatedupdOn node (key, value) value, until on root node (key, Value) value update finishes, and completes to update operation;
Step 8.2: user initiates removal request;
Step 8.2.1: as upd=(DEL, v), the operation that user is substantially carried out is to calculateAs the digest value for authenticating tree after update;
Step 8.2.2: each layer of ALTree is begun stepping through from root node, finds data to be deletedPosition;
Step 8.2.3: updating the structure of A-Tree, constructs new node, adjusts the structure of tree, if certification tree is uneven The needs of weighing apparatus make the structure of tree keep balance after rotating;
Step 8.2.4: A-Tree is updatedupdOn (key, value) value of node complete to update behaviour until root node Make;
Step 8.3: user initiates modification request;
Step 8.3.1: as upd=(CHANGE, v1,v2) when, wherein v1Represent the data that user needs to be inserted into, v2It represents User needs the data deleted;Modification operation is regarded as the combination of insertion and deletion algorithm;
It calculatesAs the digest value for authenticating tree after update;
Step 8.3.2: Outsourced database server needs more new data table, while updating A-Tree, adjustment certification tree Structure and (key, the value) value for updating each node;The process of update is that database is first carried out step 8.1 and carries out to v1's Then insertion executes step 8.2 and carries out to v2Deletion.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: it still may be used To modify to technical solution documented by previous embodiment, or some or all of the technical features are equal Replacement;And these are modified or replaceed, model defined by the claims in the present invention that it does not separate the essence of the corresponding technical solution It encloses.

Claims (6)

1. it is a kind of based on certification tree Outsourced database full operation inquiry validation system, it is characterised in that: including initialization module, SQL query authentication module, update module and display module;
The data that the initialization module is used to provide data owner carry out the generation of key and the building of certification tree;
The SQL query authentication module is embedded in outsourcing data server, including range query and authentication unit, Connection inquiring and tests Card unit, multi-Dimensional Range inquiry and authentication unit, counting inquiry and authentication unit, summation inquiry and authentication unit, minimum value are looked into Inquire about authentication unit and maximum value inquiry and authentication unit;The module is used for according to the content assignments of user query to matching Query unit, in initialization module extract data and by verifying after be sent to display module;
The update module is embedded in outsourcing data server, for being requested according to the update of user to the data in initialization module It is updated, the update request includes insertion, deletes and modify;
The display module is used to input user and wants the data of inquiry and show data required for user.
2. a kind of Outsourced database full operation enquiry and verification method based on certification tree, passes through a kind of base described in claim 1 It is realized in the Outsourced database full operation inquiry validation system of certification tree, it is characterised in that: the following steps are included:
Step 1: data owner executes key schedule using common parameter λ and generates public key PK and private key SK;
Step 2: public key PK is sent to Outsourced database server and user by data owner;
Step 3: data owner executes Setup initialization algorithm using public key PK and data acquisition system D and generates certification tree A-Tree Abstract dig is set with certificationtree
Step 4: certification tree A-Tree is sent to Outsourced database server by data owner, and abstract dig is set in certificationtreeHair Give user;
Step 5: user initiates inquiry request to the SQL query authentication module of Outsourced database server;
Step 6: Outsourced database server executes search algorithm Query and generates result RηWith evidence Pη, asked according to different inquiries Ask Outsourced database that can call different search algorithms;Then Outsourced database server is by result RηWith evidence PηIt is sent to use Family end, wherein η=1,2,3,4,5,6,7;User executes Verify verification algorithm verifying knot according to the result and evidence received Whether fruit is correct, is verified, and exports 1, otherwise exports 0;Wherein different inquiry requests includes range query and verifying, connects It connects inquiry and verifying, multi-Dimensional Range inquiry and verifying, counting inquiry and verifying, summation inquiry and verifying, minimum value inquiry and tests Card and maximum value inquiry and verifying;
Step 7: user will update the update module for requesting upd to be sent to Outsourced database server;
Step 8: user executes UpdateDig update digest algorithm and generates new certification tree digest value digtree-upd, and outsourcing Database server executes UpdateTree operation and generates new data set DupdA-Tree is set with certificationtree-upd
3. a kind of Outsourced database full operation enquiry and verification method based on certification tree according to claim 2, feature Be: the step 1 specifically comprises the following steps:
Step 1.1: data owner reads security parameter λ;
Step 1.2: executing BilinearGen algorithm and construct group G1,G2With generation member g;
Step 1.3: selection random number r, s is as private key SK;
Step 1.4: it is calculated using security parameter and private key as public key PK,Wherein q= poly(λ)。
4. a kind of Outsourced database full operation enquiry and verification method based on certification tree according to claim 2, feature Be: the step 3 specifically comprises the following steps:
Step 3.1: setting in list has n column, any two column building certification tree, before this first row and other column building certification tree, so After be secondary series to the last one column;First determine whether tree is sky, executes initTreeNode if it is sky and initializes root section Point then executes insert function according to the sequence in tables of data if not empty and is inserted into leaf node;
Step 3.2: first determining whether tree is sky, is then set to root node if it is sky, otherwise judgement to be inserted when insertion The size of the leaf node and root node that enter;
Step 3.3: if being less than root node will be inserted into left subtree, being inserted into right subtree if more than root node;
Step 3.4: recording key the and value value of the node, key value stores the data key=v in the i-th columni, value storage The data and digest value of jth column, are expressed asWhat wherein C represented that the node includes is all The set that the corresponding jth column data of leaf node is constituted,The digest value for indicating the node, by root section The digest value of point storage is denoted as certification tree abstract digtree, i.e.,Wherein E represents jth and arranges the institute for including There are data, is denoted as digtree=(digtree[0],digtree[1]);
Step 3.5: check whether the left and right subtree of present node balances after insertion, if imbalance need to be implemented single rotation or Dual rotary makes to authenticate tree balance, while the abstract value of more new node;
Step 3.6: data execute the building that step 3.1 carries out next certification tree after last line has been inserted into judgement, until Complete the building of all certification trees.
5. a kind of Outsourced database full operation enquiry and verification method based on certification tree according to claim 2, feature Be: the step 6 specifically comprises the following steps:
Step 6.1: user initiates range query and verifies;
Step 6.1.1: it takes i-th in database table to arrange and i-th arranges the certification tree A-Tree constructedi×i, carry out the model of [α, β] Inquiry is enclosed, wherein α, β represents the data in the table, returns to value in query result and stores the i-th column pair in [α, β] range The set that the element answered is constituted, is denoted as R1
Step 6.1.2: the digest value dig that value is stored in record queries resultj[0](j∈R1) and certification path A-Path The digest value dig of upper nodej[0] (j ∈ A-Path) is used as evidence P1
Step 6.1.3: certification tree abstract dig is utilizedtree[0] and evidence P1The digest value dig of storagej[0](j∈R1)、digj[0] (j ∈ A-Path) calculation equation digtree[0]=digj[0](j∈R1)·digj[0] whether (j ∈ A-Path) be true, if not It sets up, then exports 0, refuse result R1;If so, 1 is then exported, the result R of Connection inquiring is received1
Step 6.2: user initiates the connection inquiry and verifies;
Step 6.2.1: the A-Tree of the i-th column and the i-th column construction in database tablei×iThe range for carrying out (- ∞ ,+∞) is looked into It askes, returns to query result
Step 6.2.2: the A-Tree of jth column and jth column construction in database tablej×jThe range for carrying out (- ∞ ,+∞) is looked into It askes, returns to query result
Step 6.2.3: doing intersection operation, enables(wherein x, y are indicated Unknown number), it calculatesAbbreviation is whole to be obtained
Step 6.2.4: it calculatesQs,r=gq(s,r)
Step 6.2.5: output result R2For the set that the index of x in multinomial I (x) is constituted, evidence P=(Ir,Qs,r), evidence P2 In include two tuples, be denoted as P2=(P2[1],P2[2]);
Step 6.2.6: judge equationIt is whether true, if not, result R is refused in output 02;If establishment continue into Row;
Step 6.2.7: A is calculated using public key PKs=gA(s), Br,s=gB(r,s)
Step 6.2.8: judge equationIt is whether true, if not, 0 is then exported, refusal As a result R2;If so, then receive the result R of Connection inquiring2;Wherein e represents bilinear map;
Step 6.3: user initiates multiregion and inquires and verify;
Step 6.3.1: the t that user defines in database table is classified as reference columns, where wherein each element can be used as Capable unique identification;
Step 6.3.2: the range to be inquired is set as the range of the i-th column and jth column, is classified as [α, β] wherein meeting i-th, expression pair The i-th column data v of any a line in databaseiThere is α < vi< β meets jth and is classified asIt indicates in database The jth column data v of any a linejHaveWherein φ,Represent the data in the table;
Step 6.3.3: it takes i-th in table to arrange and t column building authenticates tree A-Treei×t, the range query of [α, β] is carried out, is returned Value stores the t in [α, β] range and arranges the set that corresponding element is constituted in query result, is denoted as
Step 6.3.4: the jth in table is taken to arrange and t column building certification tree A-Treej×t, carry outRange query, return Value is stored in query resultT arranges the set that corresponding element is constituted in range, is denoted as
Step 6.3.5: rightWithCarry out intersection operation;It enablesIt calculatesAbbreviation arranges to obtainMeter Calculate Ir=gI(r), Qs,r=gq(s,r)
Step 6.3.6: output result R3For the set that the index of x in multinomial I (x) is constituted, evidence P3=(Ir,Qs,r), evidence P3 In include two tuples, be denoted as P3=(P3[1],P3[2]);
Step 6.3.7: judge equationIt is whether true, if not, result R is refused in output 03;Continue if setting up It carries out;
Step 6.3.8: A is calculated using public key PKs=gA(s), Br,s=gB(r,s)
Step 6.3.9: judge equationIt is whether true, if not, 0 is then exported, is refused Exhausted result R3;If so, then receive the result R of Connection inquiring3
Step 6.4: user initiates counting inquiry and verifies;
Step 6.4.1: constitutive equations A (x)=∑i∈Axi, calculate the result R of A (1) as counting inquiry4
Step 6.4.2: construction multinomial P (x)=(A (x)-A (1))/(x-1);
Step 6.4.3: evidence P is calculated4=gP(s)
Step 6.4.4: according to result R4, calculate
Step 6.4.5: g is calculated according to public key PKs-1
Step 6.4.6: verifying equationIt is whether true, if so, output 1 receives connection The result R of inquiry4;Otherwise 0 is exported, result R is refused4
Step 6.5: user initiates summation and inquires and verify;
Step 6.5.1: constitutive equations A (x)=∑i∈Axi, calculate A'(1) and result R as counting inquiry5
Step 6.5.2: construction multinomial P (x)=(A (x)-A (1)-A'(1) (x-1))/(x-1)2
Step 6.5.3: g is calculatedP(s), export evidence P5=(A (1), gP(s));
Step 6.5.4: according to result R5, calculate
Step 6.5.5: it is calculated according to public key PK etc.And
Step 6.5.6: verifying equationIt is whether true, if so, Output 1, receives the result R of Connection inquiring5;Otherwise 0 is exported, result R is refused5
Step 6.6: user initiates minimum value and inquires and verify;
Step 6.6.1: least member in set L is checked or using the smallest index of multinomial as the query result of minimum value R6
Step 6.6.2: constitutive equations A (x)=∑i∈Lxi, calculate and export evidence
Step 6.6.3: it calculates
Step 6.6.4: verifying equationIt is whether true, i.e. equationIt is whether true, if so, output 1 receives the result R of Connection inquiring6;Otherwise Result R is refused in output 06
Step 6.7: user initiates maximum value and inquires and verify;
Step 6.7.1: greatest member in set L is checked or using the maximum index of multinomial as the query result of maximum value R7
Step 6.7.2: constitutive equations A (x)=∑i∈Lxi, calculate and export evidenceWherein A (r, S)=∑i∈Lrisq-i
Step 6.7.3: according to result and proof validation equationI.e.It is whether true, if so, output 1 receives the result R of Connection inquiring7; Otherwise 0 is exported, result R is refused7
6. a kind of Outsourced database full operation enquiry and verification method based on certification tree according to claim 2, feature Be: the step 8 specifically comprises the following steps:
Step 8.1: user initiates insertion request;
Step 8.1.1: as upd=(ADD, v), wherein v represents the data of user's offer;The operation that user is substantially carried out is pair The node for needing to update calculatesAs the digest value for updating posterior nodal point;
Step 8.1.2: each layer of A-Tree is begun stepping through from root node, finds and is inserted into dataPosition;
Step 8.1.3: updating the structure of A-Tree, constructs new node, adjusts tree construction, if certification tree is unbalanced need The structure of tree is set to keep balance after rotating;
Step 8.1.4: A-Tree is updatedupdOn node (key, value) value, until (key, value) value on root node Update finishes, and completes to update operation;
Step 8.2: user initiates removal request;
Step 8.2.1: as upd=(DEL, v), the operation that user is substantially carried out is to calculateAs the digest value for authenticating tree after update;
Step 8.2.2: each layer of ALTree is begun stepping through from root node, finds data to be deletedPosition;
Step 8.2.3: updating the structure of A-Tree, constructs new node, adjusts the structure of tree, if certification tree is unbalanced Need to make after rotating the structure of tree to keep balance;
Step 8.2.4: A-Tree is updatedupdOn (key, value) value of node complete to update operation until root node;
Step 8.3: user initiates modification request;
Step 8.3.1: as upd=(CHANGE, v1,v2) when, wherein v1Represent the data that user needs to be inserted into, v2Representing user needs The data to be deleted;Modification operation is regarded as the combination of insertion and deletion algorithm;
It calculatesAs the digest value for authenticating tree after update;
Step 8.3.2: Outsourced database server needs more new data table, while updating A-Tree, the structure of adjustment certification tree And update (key, value) value of each node;The process of update is that database is first carried out step 8.1 and carries out to v1Insert Enter, then executes step 8.2 and carry out to v2Deletion.
CN201910078738.2A 2019-01-28 2019-01-28 Outsourcing database full-operation query verification system and method based on authentication tree Active CN109800235B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910078738.2A CN109800235B (en) 2019-01-28 2019-01-28 Outsourcing database full-operation query verification system and method based on authentication tree

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910078738.2A CN109800235B (en) 2019-01-28 2019-01-28 Outsourcing database full-operation query verification system and method based on authentication tree

Publications (2)

Publication Number Publication Date
CN109800235A true CN109800235A (en) 2019-05-24
CN109800235B CN109800235B (en) 2021-06-15

Family

ID=66560399

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910078738.2A Active CN109800235B (en) 2019-01-28 2019-01-28 Outsourcing database full-operation query verification system and method based on authentication tree

Country Status (1)

Country Link
CN (1) CN109800235B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115426117A (en) * 2022-08-26 2022-12-02 湖南大学 Multi-source aggregation query verification method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101304423A (en) * 2008-07-08 2008-11-12 北京邮电大学 Method and system for authenticating user identification
CN101867929A (en) * 2010-05-25 2010-10-20 北京星网锐捷网络技术有限公司 Authentication method, system, authentication server and terminal equipment
WO2017023388A2 (en) * 2015-07-07 2017-02-09 Private Machines Inc. Secure data management system and method
CN107451281A (en) * 2017-08-08 2017-12-08 东北大学 Outsourced database SQL query integrity verification system and method based on ADS
CN109274655A (en) * 2018-09-04 2019-01-25 东北大学 A kind of inquiry integrity verification system and method facing out packet stream data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101304423A (en) * 2008-07-08 2008-11-12 北京邮电大学 Method and system for authenticating user identification
CN101867929A (en) * 2010-05-25 2010-10-20 北京星网锐捷网络技术有限公司 Authentication method, system, authentication server and terminal equipment
WO2017023388A2 (en) * 2015-07-07 2017-02-09 Private Machines Inc. Secure data management system and method
CN107451281A (en) * 2017-08-08 2017-12-08 东北大学 Outsourced database SQL query integrity verification system and method based on ADS
CN109274655A (en) * 2018-09-04 2019-01-25 东北大学 A kind of inquiry integrity verification system and method facing out packet stream data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
孙奕等: "一种具有访问控制的云平台下外包数据流动态可验证方法", 《计算机学报》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115426117A (en) * 2022-08-26 2022-12-02 湖南大学 Multi-source aggregation query verification method
CN115426117B (en) * 2022-08-26 2024-04-26 湖南大学 Multisource aggregation query verification method

Also Published As

Publication number Publication date
CN109800235B (en) 2021-06-15

Similar Documents

Publication Publication Date Title
US11743137B2 (en) Systems, methods, and apparatuses for implementing a metadata driven rules engine on blockchain using distributed ledger technology (DLT)
Wu et al. VQL: Efficient and verifiable cloud query services for blockchain systems
US11811769B2 (en) Systems, methods, and apparatuses for implementing a declarative, metadata driven, cryptographically verifiable multi-network (multi-tenant) shared ledger
US11824864B2 (en) Systems, methods, and apparatuses for implementing a declarative and metadata driven blockchain platform using distributed ledger technology (DLT)
US11469886B2 (en) System or method to implement record level access on metadata driven blockchain using shared secrets and consensus on read
US11886421B2 (en) Systems, methods, and apparatuses for distributing a metadata driven application to customers and non-customers of a host organization using distributed ledger technology (DLT)
US11783024B2 (en) Systems, methods, and apparatuses for protecting consumer data privacy using solid, blockchain and IPFS integration
US11876910B2 (en) Systems, methods, and apparatuses for implementing a multi tenant blockchain platform for managing Einstein platform decisions using distributed ledger technology (DLT)
US20200250177A1 (en) Systems, methods, and apparatuses for implementing an sql query and filter mechanism for blockchain stored data using distributed ledger technology (dlt)
CN110912707B (en) Block chain-based digital certificate processing method, device, equipment and storage medium
CN109165190A (en) A kind of electronic data based on block chain intelligence contract deposits card method
CN110417790A (en) Block chain system of real name queuing system and method
CN110417863A (en) Generate method and apparatus, identity authentication method and the device of identity code
CN113037505B (en) Method and system for realizing trusted Web application
CN106899548A (en) A kind of IP address modification method and device
CN113011883A (en) Data processing method, device, equipment and storage medium
CN114710357A (en) Dynamic searchable encryption method supporting block verification in editable block chain
CN109800235A (en) A kind of Outsourced database full operation inquiry validation system and method based on certification tree
CN111488343A (en) E-commerce data uplink method and device based on business data block chain
CN111861117A (en) Musical instrument evaluation data sharing method and system based on alliance chain
CN111488356A (en) Data storage method and device for service data block chain
CN110532238A (en) Contract management system and method based on block chain technology
KR20220056036A (en) Transaction execution device to implement a virtual machine based on a zero-knowledge proof circuit for general operation verification
CN105912574B (en) A kind of Spatial data query verification method that multi-user determines
CN111339189A (en) Data processing method and device and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant