Abstract:
In this modern age, we are marching towards automation, data centralization in
every field of life. We are dependent on databases for storage of data from applications
like medical, banking, and stock exchange. Integrity of data is dependent on the
security of the server hosting databases. Security of servers cannot be guaranteed
because of sophisticated hacking tools, advance malwares, viruses and widespread
vulnerabilities in software. So, there is a need to build secure web based framework
that can ensure the integrity of data in fully compromised environment. In fully
compromised environment an attacker has full access to the server and can change
data in databases. User of an application cannot detect that data coming from server
is not corrupted. So, solution for this problem is verifiable queries, which means that
user can verify with cryptographic proof at web browser end that the data coming
from database against his query is correct. This solution is implemented to provide
data integrity in fully compromised environment. In this implementation, proof is
calculated at the time of write operation to the database. Write operations consist of
insert, update and delete functions. This proof is stored on blockchain. Later on, when
a user performs read operation (i.e. read, find, and sum) from databases, user gets
results along with some proof helpers. User can verify the integrity of result at
browser end by calculating proof from proof helper and comparing with proof from
blockchain. Properties of integrity correctness, completeness, and freshness are
ensured in our solution. Our solution can be integrated with all web applications with
high integrity requirements. However, as a proof of concept, we have integrated this
solution with a medical application. The performance evaluation of our solution
shows that both proof calculation and verification is efficient in terms of memory
requirements and latency.
