CHAPTER 14 also represents a weakness for the integrity of the data. In Ref. [37] the authors propose an exten- sion to condensed RSA and BGLS techniques that makes them immutable. Such an extension is based on zero knowledge protocols that allow a server to only reveal a proof of the knowl- edge of the aggregated signature associated with a query result, instead of revealing the signature itself. Protecting Data in Outsourcing Scenarios 381 14.4.2. Integrity in Query Computation In addition to providing assurance on the fact that data stored at external servers are protected from unauthorized changes (data integrity in stor- age), it is also becoming more and more important to guarantee the correctness and completeness of query results. The verification of the integrity of data processing results is particularly difficult to range queries. Given an attribute A defined over domain D and characterized by a total order rela- tionship, the content of the outsourced relation is ordered with respect to the value that attribute A assumes in each tuple. The signature associ- ated with each tuple t i is then computed by sign- ing the string resulting from the concatenation of h (t i -1 ) with h (t i ), where h is a one-way hash function and t i -1 is the tuple preceding t i in the order defined by attribute A over the outsourced relation. If the result of a range query operating on attribute A is not complete since one tuple, say t i , has been omitted by the external server, the signature verification process reveals that the result is not complete. In fact, during the veri- fication process, the client computes a signature for tuple t i +1 , that is h (t i -1 )||h (t i +1 ), which is dif- ferent from the original signature associated with t i +1 (i.e., h (t i )||h (t i +1 )). The main limitation of this solution is that it guarantees the complete-