Access control reinforcement over searchable encryption

Ensuring data confidentiality in Cloud Computing is a very challenging task. Encryption is one of the most secure techniques in use for this purpose. However, it remains vulnerable to indiscretions and various attacks. Many flaws appear particularly when searching over data even if the latter are encrypted. In this article, we propose to improve the level of confidentiality of outsourced data. We are particularly interested in reinforcing access control on the search result, when the search is performed over encrypted data. The properly behind this aspect of security is known as ACAS (Access Control Aware Search) principle. We present a hybridization of Searchable Encryption and Attribute Based Encryption methods in order to satisfy ACAS. The efficiency of the proposed model is evaluated according to data size.

[1]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[2]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[3]  A. Shamm Identity-based cryptosystems and signature schemes , 1985 .

[4]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[5]  Yacine Challal,et al.  Secure Medical Architecture on the Cloud Using Wireless Sensor Networks for Emergency Management , 2013, 2013 Eighth International Conference on Broadband and Wireless Computing, Communication and Applications.

[6]  Liwu Zhang,et al.  KP-ABE Based Verifiable Cloud Access Control Scheme , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[7]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[8]  Wenjing Lou,et al.  Attribute-based content distribution with hidden policy , 2008, 2008 4th Workshop on Secure Network Protocols.

[9]  Yong Cheng,et al.  Attributes Union in CP-ABE Algorithm for Large Universe Cryptographic Access Control , 2012, 2012 Second International Conference on Cloud and Green Computing.

[10]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[11]  Martin Gilje Jaatun,et al.  Beyond lightning: A survey on security challenges in cloud computing , 2013, Comput. Electr. Eng..

[12]  Milan Petkovic,et al.  Secure management of personal health records by applying attribute-based encryption , 2009, Proceedings of the 6th International Workshop on Wearable, Micro, and Nano Technologies for Personalized Health.

[13]  Qiang Tang Search in Encrypted Data: Theoretical Models and Practical Applications , 2012, IACR Cryptol. ePrint Arch..

[14]  Reza Ebrahimi Atani,et al.  Using location based encryption to improve the security of data access in cloud computing , 2013, 2013 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[15]  Ronggang Zhang,et al.  Access Control for the Smart Meters Based on ABE , 2011, 2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[16]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[17]  Sushmita Ruj,et al.  Privacy Preserving Access Control with Authentication for Securing Data in Clouds , 2012, 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012).

[18]  Ali Miri,et al.  Combining Attribute-Based and Access Systems , 2009, 2009 International Conference on Computational Science and Engineering.

[19]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[20]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[21]  Mudhakar Srivatsa,et al.  Search-as-a-service: Outsourced search over outsourced storage , 2009, TWEB.

[22]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.