Authentic Third-Party Data Publication Export

@inproceedings{citeulike:3154224, abstract = {Integrity critical databases, such as financial information, used in high-value decisions, are frequently published over the internet. Publishers of such data must satisfy the integrity, authenticity, and non-repudiation requirements of end clients. Providing this protection over public data networks is costly. This is partly because building and running secure systems is hard. In practice, large systems can not be verified to be secure and are frequently penetrated. The negative consequences of a system intrusion at the data publisher can be severe. The problem is further complicated by data and server replication to satisfy availability and scalability requirements. We aim to reduce the trust required of the publisher of large, infrequently updated databases. To do this, we separate the roles of owner and publisher. With a few trusted digital signatures on the part of the owner, an untrusted publisher can use techniques based on Merkle hash trees, to provide authenticity and non-repudiation of the answer to a database query. We do not require a key to be held in an on-line system, thus reducing the impact of system penetrations. By allowing untrusted publishers, our solution moves towards more scaleable publication of large databases. 1}, author = {Devanbu, Prem and Gertz, Michael and Martel, Chip and Stubblebine, Stuart G.}, booktitle = {In Fourteenth IFIP 11.3 Conference on Database Security}, citeulike-article-id = {3154224}, citeulike-linkout-0 = {http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.42.8493}, keywords = {database, merkle}, pages = {101--112}, posted-at = {2008-08-25 23:14:53}, priority = {2}, title = {Authentic Third-Party Data Publication}, url = {http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.42.8493}, year = {2000} }

TY - CONF ID - citeulike:3154224 L3 - citeulike-article-id:3154224 N2 - Integrity critical databases, such as financial information, used in high-value decisions, are frequently published over the internet. Publishers of such data must satisfy the integrity, authenticity, and non-repudiation requirements of end clients. Providing this protection over public data networks is costly. This is partly because building and running secure systems is hard. In practice, large systems can not be verified to be secure and are frequently penetrated. The negative consequences of a system intrusion at the data publisher can be severe. The problem is further complicated by data and server replication to satisfy availability and scalability requirements. We aim to reduce the trust required of the publisher of large, infrequently updated databases. To do this, we separate the roles of owner and publisher. With a few trusted digital signatures on the part of the owner, an untrusted publisher can use techniques based on Merkle hash trees, to provide authenticity and non-repudiation of the answer to a database query. We do not require a key to be held in an on-line system, thus reducing the impact of system penetrations. By allowing untrusted publishers, our solution moves towards more scaleable publication of large databases. 1 EP - 112 TI - Authentic Third-Party Data Publication T2 - In Fourteenth IFIP 11.3 Conference on Database Security SP - 101 KW - database KW - merkle AU - Devanbu, Prem AU - Gertz, Michael AU - Martel, Chip AU - Stubblebine, Stuart PY - 2000/// UR - http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.42.8493 ER -