Privacy-preserving data utilization in hybrid clouds

As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud, which raises a new challenge on how to utilize the outsourced data in a privacy-preserving manner. Although searchable encryption allows for privacy-preserving keyword search over encrypted data, it could not work effectively for restricting unauthorized access to the outsourced private data. In this paper, aiming at tackling the challenge of privacy-preserving utilization of data in cloud computing, we propose a practical hybrid architecture in which a private cloud is introduced as an access interface between the data owner/user and the public cloud. Under this architecture, a data utilization system is provided to achieve both exact keyword search and fine-grained access control over encrypted data. Security and efficiency analysis for the proposed system are presented in detail. Then, further enhancements for this system are considered in two steps. (1) We show how to extend our system to support efficient fuzzy keyword search while overcoming the disadvantage of insignificant decryption in the existing privacy-preserving fuzzy keyword search scheme. (2) We demonstrate approaches to realize an outsourcing cryptographic access control mechanism and further reduce the computational cost at the data user side.     

Preferred search over encrypted data

Cloud computing provides elastic data storage and processing services. Although existing research has proposed preferred search on the plaintext files and encrypted search, no method has been proposed that integrates the two techniques to efficiently conduct preferred and privacy-preserving search over large datasets in the cloud.In this paper, we propose a scheme for preferred search over encrypted data (PSED) that can take users’ search preferences into the search over encrypted data. In the search process, we ensure the confidentiality of not only keywords but also quantified preferences associated with them. PSED constructs its encrypted search index using Lagrange coefficients and employs secure inner-product calculation for both search and relevance measurement. The dynamic and scalable property of cloud computing is also considered in PSED. A series of experiments have been conducted to demonstrate the efficiency of the proposed scheme when deploying it in real-world scenarios.     

Multi-Keyword search over encrypted data with scoring and search pattern obfuscation

Search over encrypted data recently became a critical operation that raised a considerable amount of interest in both academia and industry. Especially, as outsourcing, sensitive data to cloud prove to be a strong trend to benefit from the unmatched storage and computing capacities thereof. Indeed, privacy-preserving search over encrypted data, an apt term to address privacy-related issues concomitant in outsourcing sensitive data, have been widely investigated in the literature under different models and assumptions. In this work, we propose an efficient scheme that allows privacy-preserving search over encrypted data using queries with multiple keywords. Most important contributions of this work are as follows. Firstly, using a property referred as \(\delta \)-mean query obfuscation, the proposed scheme hides the search patterns, which are allowed to leak in many works in the literature including our preliminary work on the subject Orencik et al. (2013) [1]. Secondly, a two-server setting is employed to eliminate the correlation between the queries and matching documents sent to the user under the assumption that the two servers are not colluding. Thirdly, we propose a novel compression scheme that reduces both the communication cost between the two servers and the computation cost of the search operation more than 55 times compared to the standard approach. And finally, the proposed scheme also provides an effective scoring and ranking capability that is based on term frequency–inverse document frequency (tf-idf) weights of keyword–document pairs. Our analyses demonstrate that the proposed scheme is privacy-preserving, efficient and effective.     

面向混合云的可并行多关键词Top-k密文检索技术

随着云计算技术的迅猛发展,越来越多的企业和个人青睐使用私有云和公有云相结合的混合云环境,用于外包存储和管理其私有数据。为了保护外包数据的私密性,数据加密是一种常用的隐私保护手段,但这同时也使得针对加密数据的搜索成为一个具有挑战性的问题。文中提出了面向混合云的可并行的多关键词Top-k密文检索方案。该方案通过对文档、关键词分组进行向量化处理,并引入对称加密和同态矩阵加密机制,保护外包数据的私密性,同时支持多关键词密文检索;通过引入MapReduce计算模式,使得公有云和私有云合作完成的密文检索过程能够按照并行化方式执行,从而能够支持针对大规模加密数据的并行化检索。安全分析和实验结果表明,提出的检索方案能够保护外包数据的隐私,且其检索效率优于现有的同类方案。     

VCKSM: Verifiable conjunctive keyword search over mobile e-health cloud in shared multi-owner settings

Searchable encryption (SE) is a promising technique which enables cloud users to conduct search over encrypted cloud data in a privacy-preserving way, especially for the electronic health record (EHR) system that contains plenty of medical history, diagnosis, radiology images, etc. In this paper, we focus on a more practical scenario, also named as the shared multi-owner settings, where each e-health record is co-owned by a fixed number of parties. Although the existing SE schemes under the unshared multi-owner settings can be adapted to this shared scenario, these schemes have to build multiple indexes, which definitely incur higher computational overhead. To save bandwidth and computing resources in cloud servers and guarantee the correctness of search results, we present a secure cryptographic primitive, namely verifiable conjunctive keyword search over mobile e-health cloud scheme, in the shared multi-owner settings by utilizing multisignatures technique. Formal security analysis proves that our scheme is secure against the keyword guessing attacks in standard model. Empirical study using a real-world dataset justifies that our scheme is efficient and feasible in practical applications.     

Privacy-preserving conjunctive keyword search on encrypted data with enhanced fine-grained access control

Cloud storage over the internet gives opportunities for easy data sharing. To preserve the privacy of sharing data, the outsourced data is usually encrypted. The searchable encryption technique provides a solution to find the target data in the encrypted form. And the public-key encryption with keyword search is regarded as a major approach for the searchable encryption technique. However, there are still several privacy leakage challenges for the further adoption of these major schemes. One is how to resist the keyword guessing attack which still leaks data user’s keywords privacy. Another is how to construct the access control policy to prevent illegal access of outsourced data sharing since illegal access always leak the privacy of user’s attribute. In our paper, we firstly try to design a novel secure keyword index to resist the keyword guessing attack from access pattern and search pattern. Second, we propose an attribute-based encryption scheme which supports an enhanced fine-grained access control search. This allows the authenticated users to access different data although their searching request contains the same queried keywords, and meanwhile unauthenticated users cannot get any attribute privacy information. Third, we give security proofs to show that the construction of keyword index is against keyword guessing attack from the access pattern and search pattern, and our scheme is proved to be IND-CPA secure (the indistinguishability under chosen plaintext attack) under the standard model. Finally, theoretical analyses and a series of experiments are conducted to demonstrate the efficiency of our scheme.

     

Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack

Attribute-based encryption with keyword search (ABKS) enables data owners to grant their search capabilities to other users by enforcing an access control policy over the outsourced encrypted data. However, existing ABKS schemes cannot guarantee the privacy of the access structures, which may contain some sensitive private information. Furthermore, resulting from the exposure of the access structures, ABKS schemes are susceptible to an off-line keyword guessing attack if the keyword space has a polynomial size. To solve these problems, we propose a novel primitive named hidden policy ciphertext-policy attribute-based encryption with keyword search (HP-CPABKS). With our primitive, the data user is unable to search on encrypted data and learn any information about the access structure if his/her attribute credentials cannot satisfy the access control policy specified by the data owner. We present a rigorous selective security analysis of the proposed HP-CPABKS scheme, which simultaneously keeps the indistinguishability of the keywords and the access structures. Finally, the performance evaluation verifies that our proposed scheme is efficient and practical.     

加密云数据下的关键词模糊搜索方案

对于加密云数据的搜索,传统的关键词模糊搜索方案虽然能搜索到相关文档,但是搜索的结果并不令人满意。在用户输入正确的情况下,无法完成近似搜索,当用户出现拼写错误时,返回的结果中包含大量无关关键词文档,严重浪费了带宽资源。针对目前在加密云数据下关键词模糊搜索的缺陷,提出了一种新型的关键词模糊搜索方案,通过对关键词计算相关度分数并对文档根据相关度分数进行排序,将top-k（即相关度最高的k个文档）个文档返回给搜索用户,减少了不必要的带宽浪费和用户寻找有效文档的时间消耗,提供了更加有效的搜索结果,并且通过引入虚假陷门集,增大了云服务器对文档关键词的分析难度,增加了系统的隐私性保护。     

Efective Error-Tolerant Keyword Search for Secure Cloud Computing简

The existing solutions to keyword search in the cloud can be divided into two categories： searching on exact keywords and searching on error-tolerant keywords. An error-tolerant keyword search scheme permits to make searches on encrypted data with only an approximation of some keyword. The scheme is suitable to the case where users＇ searching input might not exactly match those pre-set keywords. In this paper, we first present a general framework for searching on error-tolerant keywords. Then we propose a concrete scheme, based on a fuzzy extractor, which is proved secure against an adaptive adversary under well-defined security definition. The scheme is suitable for all similarity metrics including Hamming distance, edit distance, and set difference. It does not require the user to construct or store anything in advance, other than the key used to calculate the trapdoor of keywords and the key to encrypt data documents. Thus, our scheme tremendously eases the users＇ burden. What is more, our scheme is able to transform the servers＇ searching for error-tolerant keywords on ciphertexts to the searching for exact keywords on plaintexts. The server can use any existing approaches of exact keywords search to search plaintexts on an index table.     

一种云环境中密文数据的模糊多关键词检索方案

越来越多的企业和个人用户将大量的数据存储在云服务器。为了保障数据隐私,重要数据以密文形式存储在云端,但却给数据检索操作带来严峻挑战。传统的基于明文的检索方案不再适用,已有的基于密文的检索方案存在不支持模糊检索或多关键词检索、效率较低、空间开销较大、不支持检索结果排序等问题。因此,研究安全高效的密文检索方法具有重要意义。提出了一种新的云环境中密文数据的模糊多关键词检索方案,该方案能够从云服务器上检索出包含有指定多个关键词的密文,支持模糊关键词检索,并且不会向云服务器和其他攻击者泄露与数据和检索相关的任何明文信息;使用计数型布隆过滤器和MinHash算法构建索引向量和查询向量,使得索引构建和查询过程更加高效,且排序结果更加准确。安全性分析和性能评估表明该方案具有高安全性、可靠性、检索效率和准确率。     

Efficient wildcard search over encrypted data

Searchable encryption is an important technique that allows the data owners to store their encrypted data in the cloud. It also maintains the ability to search a keyword over encrypted data. In practice, searchable encryption scheme supporting wildcard search is very important and widely used. In this paper, we propose a new wildcard search technique to use one wildcard to represent any number of characters. Based on Bloom filter with a novel specified characters position technique, we construct a new searchable symmetric scheme to support wildcard search over encrypted data. This scheme is more efficient than prior schemes, and it can be strengthened to be secure against an adaptive attacker (CKA-2 security). Moreover, this scheme can be dynamic to support file addition and deletion. Our wildcard search technique is of independent interest.     

An effective 3-in-1 keyword search method over heterogeneous data sources

Conventional keyword search engines are restricted to a given data model and cannot easily adapt to unstructured, semi-structured or structured data. In this paper, we propose an efficient and adaptive keyword search method, called EASE, for indexing and querying large collections of heterogeneous data. To achieve high efficiency in processing keyword queries, we first model unstructured, semi-structured and structured data as graphs, and then summarize the graphs and construct graph indices instead of using traditional inverted indices. We propose an extended inverted index to facilitate keyword-based search, and present a novel ranking mechanism for enhancing search effectiveness. We have conducted an extensive experimental study using real datasets, and the results show that EASE achieves both high search efficiency and high accuracy, and outperforms the existing approaches significantly.     

VKSE-MO: verifiable keyword search over encrypted data in multi-owner settings

Searchable encryption (SE) techniques allow cloud clients to easily store data and search encrypted data in a privacy-preserving manner, where most of SE schemes treat the cloud server as honest-but-curious. However, in practice, the cloud server is a semi-honest-but-curious third-party, which only executes a fraction of search operations and returns a fraction of false search results to save its computational and bandwidth resources. Thus, it is important to provide a results verification method to guarantee the correctness of the search results. Existing SE schemes allow multiple data owners to upload different records to the cloud server, but these schemes have very high computational and storage overheads when applied in a different but more practical setting where each record is co-owned by multiple data owners. To address this problem, we develop a verifiable keyword search over encrypted data in multi-owner settings (VKSE-MO) scheme by exploiting the multisignatures technique. Thus, our scheme only requires a single index for each record and data users are assured of the correctness of the search results in challenging settings. Our formal security analysis proved that the VKSE-MO scheme is secure against a chosen-keyword attack under a random oracle model. In addition, our empirical study using a real-world dataset demonstrated the efficiency and feasibility of the proposed scheme in practice.     

ABKS-SKGA: Attribute-based keyword search secure against keyword guessing attack

In order to guarantee security and privacy of sensitive data, attribute-based keyword search (ABKS) enables data owners to upload their encrypted data to cloud servers, and authorizes intended data users to retrieve it. Meanwhile, ABKS outsources heavy search work to cloud servers, which makes ABKS adaptive to mobile computing environment. However, as cloud servers can both generate keyword ciphertexts and run search algorithm, the existing most ABKS schemes are vulnerable to keyword guessing attack. In this paper, we show the fundamental cause that the existing ABKS schemes do not resist keyword guessing attack is any entity can generate keyword ciphertext. To solve the above problem, in the phase of keyword ciphertext generation, we use private key of data owner to sign keyword prior to generating keyword ciphertext. Therefore, any other entity does not forge keyword ciphertext, which can resist keyword guessing attack. We give the formal definition and security model of attributed-based keyword search secure against keyword guessing attack (ABKS-SKGA). Furthermore, we provide an ABKS-SKGA scheme. The ABKS-SKGA scheme is proved secure against chosen-plaintext attack (CPA). Performance analysis shows that the proposed scheme is practical.     

An efficient PHR service system supporting fuzzy keyword search and fine-grained access control

Outsourcing of personal health record (PHR) has attracted considerable interest recently. It can not only bring much convenience to patients, it also allows efficient sharing of medical information among researchers. As the medical data in PHR is sensitive, it has to be encrypted before outsourcing. To achieve fine-grained access control over the encrypted PHR data becomes a challenging problem. In this paper, we provide an affirmative solution to this problem. We propose a novel PHR service system which supports efficient searching and fine-grained access control for PHR data in a hybrid cloud environment, where a private cloud is used to assist the user to interact with the public cloud for processing PHR data. In our proposed solution, we make use of attribute-based encryption (ABE) technique to obtain fine-grained access control for PHR data. In order to protect the privacy of PHR owners, our ABE is anonymous. That is, it can hide the access policy information in ciphertexts. Meanwhile, our solution can also allow efficient fuzzy search over PHR data, which can greatly improve the system usability. We also provide security analysis to show that the proposed solution is secure and privacy-preserving. The experimental results demonstrate the efficiency of the proposed scheme.     

Achieving fully privacy-preserving private range queries over outsourced cloud data

With the prevalence of cloud computing, data owners are motivated to outsource their databases to the cloud server. However, to preserve data privacy, sensitive private data have to be encrypted before outsourcing, which makes data utilization a very challenging task. Existing work either focus on keyword searches and single-dimensional range query, or suffer from inadequate security guarantees and inefficiency. In this paper, we consider the problem of multidimensional private range queries over encrypted cloud data. To solve the problem, we systematically establish a set of privacy requirements for multidimensional private range queries, and propose a multidimensional private range query (MPRQ) framework based on private block retrieval (PBR), in which data owners keep the query private from the cloud server. To achieve both efficiency and privacy goals, we present an efficient and fully privacy-preserving private range query (PPRQ) protocol by using batch codes and multiplication avoiding technique. To our best knowledge, PPRQ is the first to protect the query, access pattern and single-dimensional privacy simultaneously while achieving efficient range queries. Moreover, PPRQ is secure in the sense of cryptography against semi-honest adversaries. Experiments on real-world datasets show that the computation and communication overhead of PPRQ is modest.     

Verifiable searchable symmetric encryption for conjunctive keyword queries in cloud storage

Searchable symmetric encryption (SSE) has been introduced for secure outsourcing the encrypted database to cloud storage, while maintaining searchable features. Of various SSE schemes, most of them assume the server is honest but curious, while the server may be trustless in the real world. Considering a malicious server not honestly performing the queries, verifiable SSE (VSSE) schemes are constructed to ensure the verifiability of the search results. However, existing VSSE constructions only focus on single-keyword search or incur heavy computational cost during verification. To address this challenge, we present an efficient VSSE scheme, built on OXT protocol (Cash et al., CRYPTO 2013), for conjunctive keyword queries with sublinear search overhead. The proposed VSSE scheme is based on a privacy-preserving hash-based accumulator, by leveraging a well-established cryptographic primitive, Symmetric Hidden Vector Encryption (SHVE). Our VSSE scheme enables both correctness and completeness verifiability for the result without pairing operations, thus greatly reducing the computational cost in the verification process. Besides, the proposed VSSE scheme can still provide a proof when the search result is empty. Finally, the security analysis and experimental evaluation are given to demonstrate the security and practicality of the proposed scheme.     

支持可验证的密文模糊关键字检索方案

现有的大部分可搜索加密方案仅支持精确关键字搜索,当输入搜索关键字出现拼写错误时,便不能返回相关的结果。为了解决这个问题,提出了一种新的可验证的模糊关键词搜索方案。在该方案中,为每个模糊关键字集而并非每个模糊关键字生成一个索引向量,并为每个模糊关键字集索引计算一个混淆函数对真实索引进行加密混淆,使云端可通过模糊关键词直接解密对应索引,大幅简化了搜索流程,提高了搜索效率。与现有方案相比,该方案所需的计算成本和存储空间更少。     

基于区块链的多关键字属性基可搜索加密方案

云存储服务的出现可将文件上传至云服务器,节约了本地的信息存储空间以及管理开销。文件以明文的形式存储显然无法满足隐私保护和安全需求,但若将加密后的文件上传至云服务器,将失去搜索原文件的能力。因此,可搜索加密技术的出现解决了用户如何在文件不解密的情况下搜索加密数据。目前现有的单关键字可搜索加密方案会产生许多与检索内容不符合的信息,没有考虑数据用户细粒度搜索权限和搜索效率,以及因云存储的集中化带来的数据安全和隐私保护等问题。针对以上问题,该文提出了基于区块链的多关键字属性基可搜索加密方案。该方案使用多关键字可搜索加密技术实现了加密数据的有效搜索;利用基于属性的加密技术实现加密数据的细粒度访问控制;结合区块链的智能合约技术,经过多笔交易获得搜索结果。并且利用区块链的不可篡改性,满足了方案中相关性质的公平性,保证了在方案中三方的公平性和安全性并进行了相关分析。在随机预言机模型下,基于困难问题假设证明了方案的关键字安全及陷门安全,即所提方案满足在选择关键字攻击下的关键字密文不可区分性安全和陷门不可区分性安全。最后通过数值分析表明该方案在关键字密文生成阶段和关键字搜索阶段具有较高的效率。并展望了在未...     

XBridge-Mobile: efficient XML keyword search on mobile web data

Mobile computing over intelligent mobile is affecting human’s habits of obtaining information over Internet, especially keyword search. Most of previous keyword search works are mainly focused on traditional web data sources, in which the performance can be improved by adding more computing power and/or building more offline-computed index. However, it is very challenging to apply the traditional keyword search methods to mobile web-based keyword search because mobile computing has many different features, e.g., frequent disconnections, variety of bandwidths, limited power of mobile devices, limited data size to be downloaded, etc.. To address this challenge, in this paper we design an adaptive mobile-based XML keyword search approach, called XBridge-Mobile, that can derive the semantics of a keyword query and generate a set of effective structured patterns by analyzing the given keyword query and the schemas of XML data sources. Each structured pattern represents one of user’s possible search intentions. The patterns will be firstly sent to the mobile client from web server. And then, the mobile client can select some interested patterns to load the results. By doing this, we can reduce the communication cost a lot between web server and mobile client because only the derived patterns and a few results need to be transferred, not all the keyword search results, by which we can save lots of expenses when the downloaded data is priced. In addition, we can economically maintain the frequent structured pattern queries in the mobile device, which can further reduce the expense of downloading data. At last, we analyze and propose a ranking function to measure the quality of keyword search results, design a set of algorithms to optimize mobile keyword search based on the maintained structured patterns, and present the experimental study of XBridge-Mobile with real XML datasets.