Efficient Keyword Search over Encrypted Data with Fine-Grained Access Control in Hybrid Cloud
As cloud computing becomes prevalent, more and more sensitive information is being centralized into the cloud, which raises a new challenge on how to efficiently share the outsourced data in a fine-grained manner. Although searchable encryption allows for privacy-preserving keyword search over encrypted data in public cloud, it could not work effectively for supporting fine-grained access control over encrypted data simultaneously. In this paper, we consider to tackle the challenge above under a hybrid architecture in which a private cloud is introduced as an access interface between users and public cloud. We firstly propose a basic scheme allowing both exact keyword search and fine-grained access control over encrypted data. Furthermore, an advanced scheme supporting fuzzy keyword search is presented. In both schemes, overhead computation is securely outsourced to private cloud but only left behind the file encryption and decryption at user side. Finally, we demonstrate approaches to realize outsourcing cryptographic access control mechanism and further relieve the computational cost at user side.
KeywordsCloud Computing Keyword Search Public Cloud Private Cloud Encrypt Data
Unable to display preview. Download preview PDF.
- 4.Bugiel, S., Nürnberger, S., Sadeghi, A.R., Schneider, T.: Twin clouds: An architecture for secure cloud computing. In: Workshop on Cryptography and Security in Clouds, WCSC 2011 (2011)Google Scholar
- 8.Dong, C., Russello, G., Dulay, N.: Shared and searchable encrypted data for untrusted servers. Journal of Computer Security 19(3), 367–397 (2011)Google Scholar
- 9.Goh, E.J.: Secure indexes. An early version of this paper first appeared on the Cryptology ePrint Archive (October 2003)Google Scholar
- 10.Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98 (2006)Google Scholar
- 11.Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of abe ciphertexts. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, pp. 34–34. USENIX Association, Berkeley (2011)Google Scholar
- 15.Levenshtein, V.: Binary codes capable of correcting spurious insertions and deletions of ones. Problems of Information Transmission 1, 8–17 (1965)Google Scholar
- 16.Li, J., Wang, Q., Wang, C., Cao, N., Ren, K., Lou, W.: Fuzzy keyword search over encrypted data in cloud computing. In: Proceedings IEEE INFOCOM, pp. 1–5 (March 2010)Google Scholar
- 17.Li, J., Jia, C., Li, J., Chen, X.: Outsourcing encryption of attribute-based encryption with mapreduce. In: 14th International Conference on Information and Communications Security, ICICS (2012)Google Scholar
- 18.Li, M., Yu, S., Cao, N., Lou, W.: Authorized private keyword search over encrypted data in cloud computing. In: 2011 31st International Conference on Distributed Computing Systems (ICDCS), pp. 383–392 (June 2011)Google Scholar
- 20.Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: IEEE Symposium on Security and Privacy, pp. 44–55 (2000)Google Scholar
- 22.Weerasinghe, T.: Secrecy and performance analysis of symmetric key encryption algorithms. International Journal of Information & Network Security (IJINS) 1(2), 77–87 (2012)Google Scholar
- 23.Zhou, Z., Huang, D.: Efficient and secure data storage operations for mobile cloud computing. Cryptology ePrint Archive, Report 2011/185 (2011)Google Scholar