Implementing a tamper-evident database system

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 3818 LNCS, Issue , 2005, Pages 28-48

  Miklau, Gerome ^a   Suciu, Dan ^b  

^a UNIVERSITY OF MASSACHUSETTS   (United States)

^b UNIVERSITY OF WASHINGTON   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CLIENT-SIDE COMPUTATION; CRYPTOGRAPHIC GUARANTEES; DATABASE SERVER; PERFORMANCE PENALTY;

COMPUTATIONAL METHODS; COMPUTER SCIENCE; CRYPTOGRAPHY; DATA PROCESSING; SERVERS; TREES (MATHEMATICS);

RELATIONAL DATABASE SYSTEMS;

EID: 33744927171     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11596370_5     Document Type: Conference Paper

References (23)

1. G. Anley. Advanced SQL injection in SQL server applications. NGSSoftware Insight Security, available from www.ngssoftware.com, 2002.
2. E. Bertino, G. Mella, G. Correndo, and E. Ferrari. An infrastructure for managing secure update operations on xml data. In Symposium on Access control models and technologies, pages 110-122. ACM Press, 2003.
3. P. Devanbu, M. Gertz, A. Kwong, G. Martel, G. Nuckolls, and S. G. Stubblebine. Flexible authentication of XML documents. In Proceedings of the 8th ACM conference, on Computer and Communications Security, pages 136-145. ACM Press, 2001.
4. P. Devanbu, M. Gertz, G. Martel, and S. G. Stubblebine. Authentic data publication over the internet. J. of Computer Security, 11(3):291-314, 2003.
5. P. T. Devanbu, M. Gertz, G. Martel, and S. G. Stubblebine. Authentic third-party data publication. In IFIP Work, on Database Security, 2000.
6. H. Edelsbrunner. Dynamic data structures for orthogonal intersection queries. Technical report, Technical University of Graz, Austria, 1980.
7. Secure hash standard (SHA). Federal Information Processing Standard Publication 180-2, 2000.
8. L. A. Gordon, M. P. Loeb, W. Lucyshyn, and R. Richardson. 2004 CSI/FBI computer crime and security survey. Computer Security Institute, 2004.
9. P. C. Kocher. On certificate revocation and validation. In Fin. Cryptography, pages 172-177, 1998.
10. H.-P. Kriegel, M. Potke, and T. Seidl. Managing intervals efficiently in object-relational databases. In VLDB Conference, pages 407-418, 2000.
11. R. G. Merkle. Secrecy, authentication, and public key systems. PhD thesis, Information Systems Laboratory, Stanford University, 1979.
12. R. C. Merkle. Protocols for public key cryptosystems. In Symp. Security & Privacy, 1980.
13. R. G. Merkle. A certified digital signature. In CRYPTO, pages 218-238, 1989.
14. S. Micali, M. O. Rabin, and J. Kilian. Zero-knowledge sets. In FOCS, 2003.
15. G. Miklau and D. Suciu. Managing integrity for data exchanged on the web. In A. Doan, F. Neven, R. McCann, and G. J. Bex, editors, WebDB, pages 13-18, 2005.
16. M. Naor and K. Nissim. Certificate revocation and certificate update. In USENIX Security Symp., 1998.
17. R. Ostrovsky, C. Rackoff, and A. Smith. Efficient consistency proofs on a committed database.
18. The 10 most critical web application security vulnerabilities. OWASP http://aspectsecurity.com/topten/, Jan 2004.
19. H. Pang, A. Jain, K. Ramamritham, and K.-L. Tan. Verifying completeness of relational query results in data publishing. In SIGMOD Conference, pages 407-418, 2005.
20. H. Pang and K.-L. Tan. Authenticating query results in edge computing. In ICDE, 2004.
21. F. P. Preparata and M. I. Shamos. Computational Geometry. Springer-Verlag, New York, NY, 1985.
22. The 20 most critical internet security vulnerabilities. SANS Inst. http://www.sans.org/top20/, Oct 2004.
23. SQL injection: Are your web applications vulnerable? SPI Dynamics Inc. White Paper, Retrieved Oct 1, 2004 from: www.spidynamics.com, 2002.