Attribute-based hybrid boolean keyword search over outsourced encrypted data

Kai He, Jun Guo, Jian Weng, Jiasi Weng, Joseph K. Liu, Xun Yi

Research output: Contribution to journalArticleResearchpeer-review

3 Citations (Scopus)

Abstract

With cloud computing becoming increasingly popular, there has been a rapid increase in the number of data owners who outsource their data to the cloud while allowing users to retrieve the data. To preserve the privacy of data, data owners usually encrypt their data before outsourcing them to the cloud, and cloud servers can search across the ciphertext domain on behalf of users without learning any information about the data. However, existing work in the literature mostly supports only a single-user or single-keyword search which is not able to satisfy more desired expressive search. Thus, we propose a searchable encryption primitive with attribute-based access control for hybrid boolean keyword search over outsourced encrypted data. There exist several desirable features: (1) Data owners can set search permissions for outsourced encrypted data according to an access control policy. (2) Multiple users, whose attributes satisfy the access control policy, are allowed to perform a retrieval operation upon the encrypted data. (3) Authorized users are able to perform more expressive search, such as any required boolean keyword expression search. Additionally, this primitive is provably secure under our security model and we have also implemented the prototype to show the practicality of the primitive.

Original languageEnglish
Number of pages12
JournalIEEE Transactions on Dependable and Secure Computing
DOIs
Publication statusAccepted/In press - 6 Aug 2018

Keywords

  • Access control
  • access control
  • boolean keyword search
  • Cloud computing
  • Encrypted data
  • Encryption
  • Keyword search
  • multiuser searchable encryption
  • Servers

Cite this

@article{a5a75c15f94a49a29be844e0b2c1d91e,
title = "Attribute-based hybrid boolean keyword search over outsourced encrypted data",
abstract = "With cloud computing becoming increasingly popular, there has been a rapid increase in the number of data owners who outsource their data to the cloud while allowing users to retrieve the data. To preserve the privacy of data, data owners usually encrypt their data before outsourcing them to the cloud, and cloud servers can search across the ciphertext domain on behalf of users without learning any information about the data. However, existing work in the literature mostly supports only a single-user or single-keyword search which is not able to satisfy more desired expressive search. Thus, we propose a searchable encryption primitive with attribute-based access control for hybrid boolean keyword search over outsourced encrypted data. There exist several desirable features: (1) Data owners can set search permissions for outsourced encrypted data according to an access control policy. (2) Multiple users, whose attributes satisfy the access control policy, are allowed to perform a retrieval operation upon the encrypted data. (3) Authorized users are able to perform more expressive search, such as any required boolean keyword expression search. Additionally, this primitive is provably secure under our security model and we have also implemented the prototype to show the practicality of the primitive.",
keywords = "Access control, access control, boolean keyword search, Cloud computing, Encrypted data, Encryption, Keyword search, multiuser searchable encryption, Servers",
author = "Kai He and Jun Guo and Jian Weng and Jiasi Weng and Liu, {Joseph K.} and Xun Yi",
year = "2018",
month = "8",
day = "6",
doi = "10.1109/TDSC.2018.2864186",
language = "English",
journal = "IEEE Transactions on Dependable and Secure Computing",
issn = "1545-5971",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",

}

Attribute-based hybrid boolean keyword search over outsourced encrypted data. / He, Kai; Guo, Jun; Weng, Jian; Weng, Jiasi; Liu, Joseph K.; Yi, Xun.

In: IEEE Transactions on Dependable and Secure Computing, 06.08.2018.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - Attribute-based hybrid boolean keyword search over outsourced encrypted data

AU - He, Kai

AU - Guo, Jun

AU - Weng, Jian

AU - Weng, Jiasi

AU - Liu, Joseph K.

AU - Yi, Xun

PY - 2018/8/6

Y1 - 2018/8/6

N2 - With cloud computing becoming increasingly popular, there has been a rapid increase in the number of data owners who outsource their data to the cloud while allowing users to retrieve the data. To preserve the privacy of data, data owners usually encrypt their data before outsourcing them to the cloud, and cloud servers can search across the ciphertext domain on behalf of users without learning any information about the data. However, existing work in the literature mostly supports only a single-user or single-keyword search which is not able to satisfy more desired expressive search. Thus, we propose a searchable encryption primitive with attribute-based access control for hybrid boolean keyword search over outsourced encrypted data. There exist several desirable features: (1) Data owners can set search permissions for outsourced encrypted data according to an access control policy. (2) Multiple users, whose attributes satisfy the access control policy, are allowed to perform a retrieval operation upon the encrypted data. (3) Authorized users are able to perform more expressive search, such as any required boolean keyword expression search. Additionally, this primitive is provably secure under our security model and we have also implemented the prototype to show the practicality of the primitive.

AB - With cloud computing becoming increasingly popular, there has been a rapid increase in the number of data owners who outsource their data to the cloud while allowing users to retrieve the data. To preserve the privacy of data, data owners usually encrypt their data before outsourcing them to the cloud, and cloud servers can search across the ciphertext domain on behalf of users without learning any information about the data. However, existing work in the literature mostly supports only a single-user or single-keyword search which is not able to satisfy more desired expressive search. Thus, we propose a searchable encryption primitive with attribute-based access control for hybrid boolean keyword search over outsourced encrypted data. There exist several desirable features: (1) Data owners can set search permissions for outsourced encrypted data according to an access control policy. (2) Multiple users, whose attributes satisfy the access control policy, are allowed to perform a retrieval operation upon the encrypted data. (3) Authorized users are able to perform more expressive search, such as any required boolean keyword expression search. Additionally, this primitive is provably secure under our security model and we have also implemented the prototype to show the practicality of the primitive.

KW - Access control

KW - access control

KW - boolean keyword search

KW - Cloud computing

KW - Encrypted data

KW - Encryption

KW - Keyword search

KW - multiuser searchable encryption

KW - Servers

UR - http://www.scopus.com/inward/record.url?scp=85051375507&partnerID=8YFLogxK

U2 - 10.1109/TDSC.2018.2864186

DO - 10.1109/TDSC.2018.2864186

M3 - Article

JO - IEEE Transactions on Dependable and Secure Computing

JF - IEEE Transactions on Dependable and Secure Computing

SN - 1545-5971

ER -