TY - GEN
T1 - Authorized private keyword search over encrypted data in cloud computing
AU - Li, Ming
AU - Yu, Shucheng
AU - Cao, Ning
AU - Lou, Wenjing
PY - 2011
Y1 - 2011
N2 - In cloud computing, clients usually outsource their data to the cloud storage servers to reduce the management costs. While those data may contain sensitive personal information, the cloud servers cannot be fully trusted in protecting them. Encryption is a promising way to protect the confidentiality of the outsourced data, but it also introduces much difficulty to performing effective searches over encrypted information. Most existing works do not support efficient searches with complex query conditions, and care needs to be taken when using them because of the potential privacy leakages about the data owners to the data users or the cloud server. In this paper, using online Personal Health Record (PHR) as a case study, we first show the necessity of search capability authorization that reduces the privacy exposure resulting from the search results, and establish a scalable framework for Authorized Private Keyword Search (APKS) over encrypted cloud data. We then propose two novel solutions for APKS based on a recent cryptographic primitive, Hierarchical Predicate Encryption (HPE). Our solutions enable efficient multi-dimensional keyword searches with range query, allow delegation and revocation of search capabilities. Moreover, we enhance the query privacy which hides users'query keywords against the server. We implement our scheme on a modern workstation, and experimental results demonstrate its suitability for practical usage.
AB - In cloud computing, clients usually outsource their data to the cloud storage servers to reduce the management costs. While those data may contain sensitive personal information, the cloud servers cannot be fully trusted in protecting them. Encryption is a promising way to protect the confidentiality of the outsourced data, but it also introduces much difficulty to performing effective searches over encrypted information. Most existing works do not support efficient searches with complex query conditions, and care needs to be taken when using them because of the potential privacy leakages about the data owners to the data users or the cloud server. In this paper, using online Personal Health Record (PHR) as a case study, we first show the necessity of search capability authorization that reduces the privacy exposure resulting from the search results, and establish a scalable framework for Authorized Private Keyword Search (APKS) over encrypted cloud data. We then propose two novel solutions for APKS based on a recent cryptographic primitive, Hierarchical Predicate Encryption (HPE). Our solutions enable efficient multi-dimensional keyword searches with range query, allow delegation and revocation of search capabilities. Moreover, we enhance the query privacy which hides users'query keywords against the server. We implement our scheme on a modern workstation, and experimental results demonstrate its suitability for practical usage.
UR - http://www.scopus.com/inward/record.url?scp=80051880293&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=80051880293&partnerID=8YFLogxK
U2 - 10.1109/ICDCS.2011.55
DO - 10.1109/ICDCS.2011.55
M3 - Conference contribution
AN - SCOPUS:80051880293
SN - 9780769543642
T3 - Proceedings - International Conference on Distributed Computing Systems
SP - 383
EP - 392
BT - Proceedings - 31st International Conference on Distributed Computing Systems, ICDCS 2011
T2 - 31st International Conference on Distributed Computing Systems, ICDCS 2011
Y2 - 20 June 2011 through 24 July 2011
ER -