Results 1 - 10
of
30
Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data,"
- Proc. IEEE INFOCOM,
, 2014
"... Abstract-With the advent of cloud computing, data owners are motivated to outsource their complex data management systems from local sites to commercial public cloud for great flexibility and economic savings. But for protecting data privacy, sensitive data has to be encrypted before outsourcing, w ..."
Abstract
-
Cited by 89 (10 self)
- Add to MetaCart
(Show Context)
Abstract-With the advent of cloud computing, data owners are motivated to outsource their complex data management systems from local sites to commercial public cloud for great flexibility and economic savings. But for protecting data privacy, sensitive data has to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. Thus, enabling an encrypted cloud data search service is of paramount importance. Considering the large number of data users and documents in cloud, it is crucial for the search service to allow multi-keyword query and provide result similarity ranking to meet the effective data retrieval need. Related works on searchable encryption focus on single keyword search or Boolean keyword search, and rarely differentiate the search results. In this paper, for the first time, we define and solve the challenging problem of privacy-preserving multi-keyword ranked search over encrypted cloud data (MRSE), and establish a set of strict privacy requirements for such a secure cloud data utilization system to become a reality. Among various multi-keyword semantics, we choose the efficient principle of "coordinate matching", i.e., as many matches as possible, to capture the similarity between search query and data documents, and further use "inner product similarity" to quantitatively formalize such principle for similarity measurement. We first propose a basic MRSE scheme using secure inner product computation, and then significantly improve it to meet different privacy requirements in two levels of threat models. Thorough analysis investigating privacy and efficiency guarantees of proposed schemes is given, and experiments on the real-world dataset further show proposed schemes indeed introduce low overhead on computation and communication.
Privacy-preserving multi-keyword text search in the cloud supporting similaritybased ranking
- IN ASIACCS 2013
, 2013
"... With the increasing popularity of cloud computing, huge amount of documents are outsourced to the cloud for re-duced management cost and ease of access. Although en-cryption helps protecting user data confidentiality, it leaves the well-functioning yet practically-efficient secure search functions o ..."
Abstract
-
Cited by 15 (4 self)
- Add to MetaCart
(Show Context)
With the increasing popularity of cloud computing, huge amount of documents are outsourced to the cloud for re-duced management cost and ease of access. Although en-cryption helps protecting user data confidentiality, it leaves the well-functioning yet practically-efficient secure search functions over encrypted data a challenging problem. In this paper, we present a privacy-preserving multi-keyword text search (MTS) scheme with similarity-based ranking to address this problem. To support multi-keyword search and search result ranking, we propose to build the search in-dex based on term frequency and the vector space model with cosine similarity measure to achieve higher search re-sult accuracy. To improve the search efficiency, we propose a tree-based index structure and various adaption methods for multi-dimensional (MD) algorithm so that the practical search efficiency is much better than that of linear search. To further enhance the search privacy, we propose two secure index schemes to meet the stringent privacy requirements under strong threat models, i.e., known ciphertext model and known background model. Finally, we demonstrate the effectiveness and efficiency of the proposed schemes through extensive experimental evaluation.
Protecting Your Right: Attribute-based Keyword Search with Fine-grained Owner-enforced Search Authorization in the Cloud
, 2014
"... Search over encrypted data is a critically important enabling technique in cloud computing, where encryption-before-outsourcing is a fundamental solution to protecting user data privacy in the untrusted cloud server environment. Many secure search schemes have been focusing on the single-contributo ..."
Abstract
-
Cited by 7 (1 self)
- Add to MetaCart
Search over encrypted data is a critically important enabling technique in cloud computing, where encryption-before-outsourcing is a fundamental solution to protecting user data privacy in the untrusted cloud server environment. Many secure search schemes have been focusing on the single-contributor scenario, where the outsourced dataset or the secure searchable index of the dataset are encrypted and managed by a single owner, typically based on symmetric cryptography. In this paper, we focus on a different yet more challenging scenario where the outsourced dataset can be contributed from multiple owners and are searchable by multiple users, i.e. multi-user multi-contributor case. Inspired by attribute-based encryption (ABE), we present the first attribute-based keyword search scheme with efficient user revocation (ABKS-UR) that enables scalable fine-grained (i.e. file-level) search authorization. Our scheme allows multiple owners to encrypt and outsource their data to the cloud server independently. Users can generate their own search capabilities without relying on an always online trusted authority. Fine-grained search authorization is also implemented by the owner-enforced access policy on the index of each file. Further, by incorporating proxy re-encryption and lazy re-encryption techniques, we are able to delegate heavy system update workload during user revocation to the resourceful semi-trusted cloud server. We formalize the security definition and prove the proposed ABKS-UR scheme selectively secure against chosen-keyword attack. Finally, performance evaluation shows the efficiency of our scheme.
New Algorithms for Secure Outsourcing of Modular Exponentiations
"... Abstract. Modular exponentiations have been considered the most ex-pensive operation in discrete-logarithm based cryptographic protocols. In this paper, we propose a new secure outsourcing algorithm for ex-ponentiation modular a prime in the one-malicious model. Compared with the state-of-the-art al ..."
Abstract
-
Cited by 3 (0 self)
- Add to MetaCart
(Show Context)
Abstract. Modular exponentiations have been considered the most ex-pensive operation in discrete-logarithm based cryptographic protocols. In this paper, we propose a new secure outsourcing algorithm for ex-ponentiation modular a prime in the one-malicious model. Compared with the state-of-the-art algorithm [33], the proposed algorithm is supe-rior in both efficiency and checkability. We then utilize this algorithm as a subroutine to achieve outsource-secure Cramer-Shoup encryptions and Schnorr signatures. Besides, we propose the first outsource-secure and efficient algorithm for simultaneous modular exponentiations. More-over, we prove that both the algorithms can achieve the desired security notions.
Search Pattern Leakage in Searchable Encryption: Attacks and New Constructions ABSTRACT
"... Searching on remote encrypted data (commonly known as searchable encryption) is becoming an important technique in secure data outsourcing, since it allows users to outsource encrypted data to the third party and maintains the keyword searching on the data at the same time. It has been widely accept ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
Searching on remote encrypted data (commonly known as searchable encryption) is becoming an important technique in secure data outsourcing, since it allows users to outsource encrypted data to the third party and maintains the keyword searching on the data at the same time. It has been widely accepted in the literature that searchable encryption techniques should leak as little information as possible to the third party. An early classical method called oblivious RAM hides all information at the cost of poly-logarithmic computation and communication overheads, which turns out to be impractical in the real world applications (e.g., cloud computing). A number of efficient searchable encryption schemes have been proposed under weaker security guarantees afterwards, however, such schemes leak statistical information about the user’s search pattern. In this paper, we show that the search pattern leakage can result in non-trivial risks. As pioneer work, we present two concrete attack models exploiting user’s search pattern and some auxiliary background knowledge aiming to disclose the underlying keywords of user’s queries. To resist these attacks, we develop two new searchable encryption constructions that hide the search pattern. Our constructions are designed to be independent from the underlying searchable encryption scheme. Our experiments, which are based on the real world dataset, demonstrate the effectiveness and efficiency of proposed attack models and new constructions.
Privacy-preserving outsourced photo sharing and searching for mobile devices
- in ICDCS, IEEE
, 2015
"... ar ..."
(Show Context)
Searching Private Data in a Cloud Encrypted Domain
"... Cloud computing security and reliability are important challenges in the research agenda. For some applications managing sensitive data, cloud security solutions and data-privacy management are the main concerns for organizations that are considering a move to the cloud. The advantages of cloud comp ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
(Show Context)
Cloud computing security and reliability are important challenges in the research agenda. For some applications managing sensitive data, cloud security solutions and data-privacy management are the main concerns for organizations that are considering a move to the cloud. The advantages of cloud computing include reduced costs, easy maintenance and re-provisioning of resources, thereby also possibly increasing profits. But the adoption of Cloud Computing solutions applies only if different security concerns are ensured. This article presents a solution for data storage and data management in Internet Storage Clouds, preserving privacy conditions under the control of Cloud users. The proposed solution supports operations over stored encrypted data, including reading, writing and searching based on relevance ranking and multiple keywords. The approach is based on a middleware architecture supported by homomorphic encryption techniques combined with dynamic indexing mechanisms. The solution preserves data-privacy without need to either decipher data during operations in the Cloud or transfer the data during searches. The article further describes an implementation prototype of the solution and its evaluation. The evaluation shows that the solution is viable, offers security and privacy control for the user and does not aggravate conditions of data-access latency and availability.
PIC: Enable Large-scale Privacy-preserving Content-based Image Search on Cloud
"... Abstract—High-resolution cameras produce huge volume of high quality images everyday. It is extremely challenging to store, share and especially search those huge images, for which increasing number of cloud services are presented to support such functionalities. However, images tend to contain rich ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract—High-resolution cameras produce huge volume of high quality images everyday. It is extremely challenging to store, share and especially search those huge images, for which increasing number of cloud services are presented to support such functionalities. However, images tend to contain rich sensitive infor-mation (e.g., people, location and event), and people’s privacy concerns hinder their readily participation into the services provided by untrusted third parties. In this work, we introduce PIC: a Privacy-preserving large-scale Image search system on Cloud. Our system enables efficient yet secure content-based image search with fine-grained access control, and it also provides privacy-preserving image storage and sharing among users. Users can specify who can/cannot search on their images when using the system, and they can search on others ’ images if they satisfy the condition specified by the image owners. Majority of the computationally intensive jobs are outsourced to the cloud side, and users only need to submit the query and receive the result throughout the entire image search. Specially, to deal with massive images, we design our system suitable for distributed and parallel computation and introduce several optimizations to further expedite the search process. We implement a prototype of PIC including both cloud side and client side. The cloud side is a cluster of computers with distributed file system (Hadoop HDFS) and MapReduce architecture (Hadoop MapReduce). The client side is built for both Windows OS laptops and Android phones. We evaluate the prototype system with large sets of real-life photos. Our security analysis and evaluation results show that PIC successfully pro-tect the image privacy at a low cost of computation and communication. I.
Cloud-based privacy preserving image storage, sharing and search,” arXiv preprint arXiv:1410.6593
, 2014
"... iv ..."
(Show Context)
Security and privacy issues of fog computing: A survey
- in International Conference on Wireless Algorithms, Systems and Applications (WASA
, 2015
"... Abstract. Fog computing is a promising computing paradigm that ex-tends cloud computing to the edge of networks. Similar to cloud comput-ing but with distinct characteristics, fog computing faces new security and privacy challenges besides those inherited from cloud computing. In this paper, we have ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract. Fog computing is a promising computing paradigm that ex-tends cloud computing to the edge of networks. Similar to cloud comput-ing but with distinct characteristics, fog computing faces new security and privacy challenges besides those inherited from cloud computing. In this paper, we have surveyed these challenges and corresponding solu-tions in a brief manner.
