Mul_STK: Efficient and privacy-preserving query with spatio-temporal-keyword multiple attributes in cloud computing

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture Pub Date : 2025-06-14 DOI:10.1016/j.sysarc.2025.103490

Lu Xing , Haiyong Bao , Menghong Guan , Jing Wang , Qinglei Kong , Hong-Ning Dai , Cheng Huang

{"title":"Mul_STK: Efficient and privacy-preserving query with spatio-temporal-keyword multiple attributes in cloud computing","authors":"Lu Xing , Haiyong Bao , Menghong Guan , Jing Wang , Qinglei Kong , Hong-Ning Dai , Cheng Huang","doi":"10.1016/j.sysarc.2025.103490","DOIUrl":null,"url":null,"abstract":"<div><div>With the explosive growth of spatio-temporal-keyword data and the popularity of cloud computing, data owners often encrypt and outsource massive data to cloud servers to provide secure query services. To improve query efficiency, cloud servers typically optimize the organization of massive spatio-temporal data for efficient keyword-based query. However, for the multi-attribute query, the existing works lack an integrated coding theory, which cannot realize a parallelized and efficient query. Moreover, the existing serialized query for each attribute is inefficient and leads to users’ privacy leakage. To address these issues, we propose a privacy-preserving and efficient multi-attribute query scheme in cloud computing for massive data scenarios (Mul_STK), which can realize the following two guarantees for outsourced computing. Firstly, to realize the parallelized and efficient query with multiple attributes, we design a multi-attribute unified encoding technique to encode multiple attributes into unified vectors and construct an STK-BH tree structure. We further design an efficient filtration-verification query algorithm based on the STK-BH tree to fully utilize the characteristics of multi-dimensional attributes and realize parallelized dynamic pruning query. Secondly, to realize a secure multi-attribute query, three secure atomic predicate encryption protocols are constructed based on techniques of improved symmetric homomorphic encryption (iSHE), advanced encryption standard (AES), and lightweight matrix encryption. In addition, we combine these secure protocols with the efficient filtration-verification algorithm to propose Mul_STK, which guarantees the balance between efficiency and privacy-preservation in cloud computing environments. Security analysis and experiments show that Mul_STK achieves high query efficiency in cloud computing while ensuring data privacy, query privacy, and access pattern privacy.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103490"},"PeriodicalIF":4.1000,"publicationDate":"2025-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125001626","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

With the explosive growth of spatio-temporal-keyword data and the popularity of cloud computing, data owners often encrypt and outsource massive data to cloud servers to provide secure query services. To improve query efficiency, cloud servers typically optimize the organization of massive spatio-temporal data for efficient keyword-based query. However, for the multi-attribute query, the existing works lack an integrated coding theory, which cannot realize a parallelized and efficient query. Moreover, the existing serialized query for each attribute is inefficient and leads to users’ privacy leakage. To address these issues, we propose a privacy-preserving and efficient multi-attribute query scheme in cloud computing for massive data scenarios (Mul_STK), which can realize the following two guarantees for outsourced computing. Firstly, to realize the parallelized and efficient query with multiple attributes, we design a multi-attribute unified encoding technique to encode multiple attributes into unified vectors and construct an STK-BH tree structure. We further design an efficient filtration-verification query algorithm based on the STK-BH tree to fully utilize the characteristics of multi-dimensional attributes and realize parallelized dynamic pruning query. Secondly, to realize a secure multi-attribute query, three secure atomic predicate encryption protocols are constructed based on techniques of improved symmetric homomorphic encryption (iSHE), advanced encryption standard (AES), and lightweight matrix encryption. In addition, we combine these secure protocols with the efficient filtration-verification algorithm to propose Mul_STK, which guarantees the balance between efficiency and privacy-preservation in cloud computing environments. Security analysis and experiments show that Mul_STK achieves high query efficiency in cloud computing while ensuring data privacy, query privacy, and access pattern privacy.

查看原文本刊更多论文

Mul_STK：云计算中具有时空关键字多属性的高效且保护隐私的查询

随着时空关键字数据的爆炸式增长和云计算的普及，数据所有者往往将海量数据加密并外包给云服务器，以提供安全的查询服务。为了提高查询效率，云服务器通常会优化海量时空数据的组织，以实现高效的基于关键字的查询。然而，对于多属性查询，现有的工作缺乏集成的编码理论，无法实现并行化和高效的查询。此外，现有的对每个属性的序列化查询效率低下，导致用户隐私泄露。针对这些问题，我们提出了一种保护隐私且高效的海量数据场景下云计算多属性查询方案（Mul_STK），该方案可以为外包计算实现以下两方面的保障。首先，为了实现多属性并行高效查询，设计了一种多属性统一编码技术，将多个属性编码为统一向量，构造STK-BH树结构；进一步设计了一种基于STK-BH树的高效过滤验证查询算法，充分利用属性的多维特性，实现并行化动态剪枝查询。其次，为了实现安全的多属性查询，基于改进对称同态加密（iSHE）、高级加密标准（AES）和轻量级矩阵加密技术构建了三种安全原子谓词加密协议；此外，我们将这些安全协议与高效的过滤验证算法相结合，提出Mul_STK，保证了云计算环境下效率与隐私保护之间的平衡。安全性分析和实验表明，Mul_STK在保证数据隐私、查询隐私和访问模式隐私的同时，在云计算中实现了较高的查询效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.