Privacy-preserving data utilization in hybrid clouds

As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud, which raises a new challenge on how to utilize the outsourced data in a privacy-preserving manner. Although searchable encryption allows for privacy-preserving keyword search over encrypted data, it could not work effectively for restricting unauthorized access to the outsourced private data. In this paper, aiming at tackling the challenge of privacy-preserving utilization of data in cloud computing, we propose a practical hybrid architecture in which a private cloud is introduced as an access interface between the data owner/user and the public cloud. Under this architecture, a data utilization system is provided to achieve both exact keyword search and fine-grained access control over encrypted data. Security and efficiency analysis for the proposed system are presented in detail. Then, further enhancements for this system are considered in two steps. (1) We show how to extend our system to support efficient fuzzy keyword search while overcoming the disadvantage of insignificant decryption in the existing privacy-preserving fuzzy keyword search scheme. (2) We demonstrate approaches to realize an outsourcing cryptographic access control mechanism and further reduce the computational cost at the data user side. We propose a hybrid architecture for privacy-preserving data utilization.We propose a system for exact keyword search and access control over encrypted data.We show how to extend our system to support fuzzy keyword search.We demonstrate approaches for outsourcing cryptographic access control.

[1]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[2]  Duncan S. Wong,et al.  Secure Outsourced Attribute-based Encryption , 2012, IACR Cryptol. ePrint Arch..

[3]  Ahmad-Reza Sadeghi,et al.  Twin Clouds: An Architecture for Secure Cloud Computing , 2011 .

[4]  Pil Joong Lee,et al.  Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System , 2007, Pairing.

[5]  T. D. B. Weerasinghe Secrecy and Performance Analysis of Symmetric Key Encryption Algorithms , 2014, IACR Cryptol. ePrint Arch..

[6]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[7]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[8]  Ming Li,et al.  Authorized Private Keyword Search over Encrypted Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[9]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[10]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[11]  Jin Li,et al.  Efficient Keyword Search over Encrypted Data with Fine-Grained Access Control in Hybrid Cloud , 2012, NSS.

[12]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[13]  Vishal Saraswat,et al.  Public Key Encryption with Searchable Keywords Based on Jacobi Symbols , 2007, INDOCRYPT.

[14]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2012, IEEE Transactions on Parallel and Distributed Systems.

[15]  Naranker Dulay,et al.  Shared and Searchable Encrypted Data for Untrusted Servers , 2008 .

[16]  Dalia Khader,et al.  Public Key Encryption with Keyword Search Based on K-Resilient IBE , 2006, ICCSA.

[17]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[18]  Pieter H. Hartel,et al.  Computationally Efficient Searchable Symmetric Encryption , 2010, Secure Data Management.

[19]  Guoliang Li,et al.  Efficient interactive fuzzy keyword search , 2009, WWW '09.

[20]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[21]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[22]  Zhibin Zhou,et al.  Efficient and secure data storage operations for mobile cloud computing , 2012, 2012 8th international conference on network and service management (cnsm) and 2012 workshop on systems virtualiztion management (svm).

[23]  Jin Li,et al.  Outsourcing Encryption of Attribute-Based Encryption with MapReduce , 2012, ICICS.

[24]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.