
Secure Search and Storage Services in Cloud and Fog/Edge Computing

Fog/Edge Computing For Security, Privacy, and Applications

Part of the book series: Advances in Information Security (ADIS, volume 83)


Abstract

As an extension of cloud computing, fog/edge computing migrates enormous computing and storage resources to the network edge, forming an edge layer that is close to end devices. However, security concerns hinder the adoption of fog/edge computing. This book chapter studies the problem of secure storage and search services in fog/edge computing. For storage security, we first propose a hierarchical attribute-based encryption (HABE) scheme to efficiently achieve fine-grained access control in clouds, and then combine HABE with proxy re-encryption (PRE), incorporating the concept of time into PRE, to achieve automatic user revocation. For search privacy, we propose a dynamic attribute-based keyword search (DABKS) scheme to achieve fine-grained search authorization in cloud computing. DABKS delegates policy-updating operations to the cloud by incorporating PRE and a secret sharing scheme (SSS) into attribute-based keyword search (ABKS). The research results will play an important role in attribute-based encryption and searchable encryption, and could help open new possibilities for providing secure services in cloud computing and fog/edge computing.




Corresponding author

Correspondence to Qin Liu.


Copyright information

© 2021 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Liu, Q. (2021). Secure Search and Storage Services in Cloud and Fog/Edge Computing. In: Chang, W., Wu, J. (eds) Fog/Edge Computing For Security, Privacy, and Applications. Advances in Information Security, vol 83. Springer, Cham. https://doi.org/10.1007/978-3-030-57328-7_3


  • DOI: https://doi.org/10.1007/978-3-030-57328-7_3


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-57327-0

  • Online ISBN: 978-3-030-57328-7

  • eBook Packages: Computer Science, Computer Science (R0)
