• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>IEEE Transactions on Parallel and Distributed Systems >Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud
【24h】

Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud

机译:保护您的权利:可验证的基于属性的关键字搜索,云中具有细粒度的所有者强制搜索授权

获取原文
获取原文并翻译 | 示例
       
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Search over encrypted data is a critically important enabling technique in cloud computing, where encryption-before-outsourcing is a fundamental solution to protecting user data privacy in the untrusted cloud server environment. Many secure search schemes have been focusing on the single-contributor scenario, where the outsourced dataset or the secure searchable index of the dataset are encrypted and managed by a single owner, typically based on symmetric cryptography. In this paper, we focus on a different yet more challenging scenario where the outsourced dataset can be contributed from multiple owners and are searchable by multiple users, i.e., multi-user multi-contributor case. Inspired by attribute-based encryption (ABE), we present the first attribute-based keyword search scheme with efficient user revocation (ABKS-UR) that enables scalable fine-grained (i.e., file-level) search authorization. Our scheme allows multiple owners to encrypt and outsource their data to the cloud server independently. Users can generate their own search capabilities without relying on an always online trusted authority. Fine-grained search authorization is also implemented by the owner-enforced access policy on the index of each file. Further, by incorporating proxy re-encryption and lazy re-encryption techniques, we are able to delegate heavy system update workload during user revocation to the resourceful semi-trusted cloud server. We formalize the security definition and prove the proposed ABKS-UR scheme selectively secure against chosen-keyword attack. To build confidence of data user in the proposed secure search system, we also design a search result verification scheme. Finally, performance evaluation shows the efficiency of our scheme.
机译:搜索加密数据是云计算中至关重要的启用技术,其中外包前加密是在不受信任的云服务器环境中保护用户数据隐私的基本解决方案。许多安全搜索方案一直专注于单贡献者方案,其中外包数据集或数据集的安全可搜索索引由单个所有者加密和管理,通常基于对称密码学。在本文中,我们专注于一个不同但更具挑战性的场景,其中外包数据集可以由多个所有者提供并且可以由多个用户搜索,即多用户多贡献者案例。受基于属性的加密(ABE)的启发,我们提出了第一个具有有效用户吊销(ABKS-UR)的基于属性的关键字搜索方案,该方案可实现可扩展的细粒度(即文件级)搜索授权。我们的方案允许多个所有者分别加密和外包他们的数据到云服务器。用户可以生成自己的搜索功能,而不必依赖始终在线的受信任权限。所有者强制对每个文件的索引执行的访问策略还可以实现细粒度的搜索授权。此外,通过结合代理重新加密和惰性重新加密技术,我们能够在用户吊销期间将繁重的系统更新工作量委派给资源丰富的半信任云服务器。我们对安全性定义进行了形式化验证,并证明了所提出的ABKS-UR方案可以选择性地防止选择关键字攻击。为了在建议的安全搜索系统中建立数据用户的信心,我们还设计了一种搜索结果验证方案。最后,性能评估表明了我们方案的有效性。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号