SafeBox:一种在云应用程序中搜索和共享加密数据的方案

2017 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC) Pub Date : 2017-12-01 DOI:10.1109/SPAC.2017.8304356

Guofeng Wang, Chuanyi Liu, Yingfei Dong, Hezhong Pan, Peiyi Han, Binxing Fang

{"title":"SafeBox:一种在云应用程序中搜索和共享加密数据的方案","authors":"Guofeng Wang, Chuanyi Liu, Yingfei Dong, Hezhong Pan, Peiyi Han, Binxing Fang","doi":"10.1109/SPAC.2017.8304356","DOIUrl":null,"url":null,"abstract":"Confidential data is often encrypted before it is uploaded to cloud servers. However, client-controlled encryption often poses a major barrier towards the full functionalities of cloud services. This paper presents SafeBox, a new Cloud Access Security Broker (CASB)-based approach that protects sensitive information against attackers with full control of cloud servers, and allows clients to search and share encrypted data transparently. It addresses the following challenges: First, SafeBox brings almost no loss of functionalities for protecting sensitive information in cloud applications. It safeguards not only textual input data but also uploaded files. Second, it allows a server to perform keyword-based searching over encrypted contents, and does not modify the current cloud interfaces or users' habits. Finally, it enables encrypted data sharing between different brokers efficiently. Our experimental evaluations on multiple cloud applications show that SafeBox has modest overheads and can be applied to practical use.","PeriodicalId":161647,"journal":{"name":"2017 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"SafeBox: A scheme for searching and sharing encrypted data in cloud applications\",\"authors\":\"Guofeng Wang, Chuanyi Liu, Yingfei Dong, Hezhong Pan, Peiyi Han, Binxing Fang\",\"doi\":\"10.1109/SPAC.2017.8304356\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Confidential data is often encrypted before it is uploaded to cloud servers. However, client-controlled encryption often poses a major barrier towards the full functionalities of cloud services. This paper presents SafeBox, a new Cloud Access Security Broker (CASB)-based approach that protects sensitive information against attackers with full control of cloud servers, and allows clients to search and share encrypted data transparently. It addresses the following challenges: First, SafeBox brings almost no loss of functionalities for protecting sensitive information in cloud applications. It safeguards not only textual input data but also uploaded files. Second, it allows a server to perform keyword-based searching over encrypted contents, and does not modify the current cloud interfaces or users' habits. Finally, it enables encrypted data sharing between different brokers efficiently. Our experimental evaluations on multiple cloud applications show that SafeBox has modest overheads and can be applied to practical use.\",\"PeriodicalId\":161647,\"journal\":{\"name\":\"2017 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)\",\"volume\":\"50 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SPAC.2017.8304356\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPAC.2017.8304356","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

机密数据在上传到云服务器之前通常是加密的。但是，客户端控制的加密通常是实现云服务全部功能的主要障碍。本文介绍了SafeBox，一种新的基于云访问安全代理(CASB)的方法，通过完全控制云服务器来保护敏感信息免受攻击者的攻击，并允许客户端透明地搜索和共享加密数据。它解决了以下挑战:首先，SafeBox几乎没有丢失保护云应用程序中敏感信息的功能。它不仅保护文本输入数据，也保护上传的文件。其次，它允许服务器对加密内容执行基于关键字的搜索，并且不会修改当前的云接口或用户习惯。最后，它支持在不同代理之间有效地共享加密数据。我们对多个云应用程序的实验评估表明，SafeBox具有适度的开销，可以应用于实际使用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SafeBox: A scheme for searching and sharing encrypted data in cloud applications

Confidential data is often encrypted before it is uploaded to cloud servers. However, client-controlled encryption often poses a major barrier towards the full functionalities of cloud services. This paper presents SafeBox, a new Cloud Access Security Broker (CASB)-based approach that protects sensitive information against attackers with full control of cloud servers, and allows clients to search and share encrypted data transparently. It addresses the following challenges: First, SafeBox brings almost no loss of functionalities for protecting sensitive information in cloud applications. It safeguards not only textual input data but also uploaded files. Second, it allows a server to perform keyword-based searching over encrypted contents, and does not modify the current cloud interfaces or users' habits. Finally, it enables encrypted data sharing between different brokers efficiently. Our experimental evaluations on multiple cloud applications show that SafeBox has modest overheads and can be applied to practical use.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)

自引率

0.00%

发文量