多客户端布尔文件检索与自适应授权切换安全云搜索服务

IF 7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI:10.1109/tdsc.2022.3227650

Kai Zhang, Xiwen Wang, Jianting Ning, M. Wen, Rongxing Lu

{"title":"多客户端布尔文件检索与自适应授权切换安全云搜索服务","authors":"Kai Zhang, Xiwen Wang, Jianting Ning, M. Wen, Rongxing Lu","doi":"10.1109/tdsc.2022.3227650","DOIUrl":null,"url":null,"abstract":"Secure cloud search services provide a cost-effective way for resource-constrained clients to search encrypted files in the cloud, where data owners can customize search authorization. Despite providing fine-grained authorization, traditional attribute-based keyword search (ABKS) solutions generally support single keyword search. Towards expressive queries over encrypted data, multi-client searchable symmetric encryption (MC-SSE) was introduced. However, current search authorizations of existing MC-SSEs: (i) cannot support dynamic updating; (ii) are (semi-)black-box implementations of attribute-based encryption; (iii) incur significant cost during system initialization and file encryption. To address these limitations, we present AasBirch, an MC-SSE system with fast fine-grained authorization that supports adaptable authorization switching from one policy to any other one. AasBirch achieves constant-size storage and lightweight time cost for system initialization, file encryption and file searching. We conduct extensive experiments based on Enron dataset in real cloud environment. Compared to state-of-the-art MC-SSE with fine-grained authorization, AasBirch achieves 30<inline-formula><tex-math notation=\"LaTeX\">$\\sim 200\\times$</tex-math><alternatives><mml:math><mml:mrow><mml:mo>∼</mml:mo><mml:mn>200</mml:mn><mml:mo>×</mml:mo></mml:mrow></mml:math><inline-graphic xlink:href=\"wen-ieq1-3227650.gif\"/></alternatives></inline-formula> smaller public parameter and secret key size, with the assumed least frequent keyword in a query (<inline-formula><tex-math notation=\"LaTeX\">$s$</tex-math><alternatives><mml:math><mml:mi>s</mml:mi></mml:math><inline-graphic xlink:href=\"wen-ieq2-3227650.gif\"/></alternatives></inline-formula>-term) as 21. Moreover, it runs 10<inline-formula><tex-math notation=\"LaTeX\">$\\sim 20\\times$</tex-math><alternatives><mml:math><mml:mrow><mml:mo>∼</mml:mo><mml:mn>20</mml:mn><mml:mo>×</mml:mo></mml:mrow></mml:math><inline-graphic xlink:href=\"wen-ieq3-3227650.gif\"/></alternatives></inline-formula> faster for file encryption and <inline-formula><tex-math notation=\"LaTeX\">$>20\\times$</tex-math><alternatives><mml:math><mml:mrow><mml:mo>></mml:mo><mml:mn>20</mml:mn><mml:mo>×</mml:mo></mml:mrow></mml:math><inline-graphic xlink:href=\"wen-ieq4-3227650.gif\"/></alternatives></inline-formula> faster for file searching. In addition, AasBirch outperforms 80,000× (resp. 7,850×) faster with <inline-formula><tex-math notation=\"LaTeX\">$s$</tex-math><alternatives><mml:math><mml:mi>s</mml:mi></mml:math><inline-graphic xlink:href=\"wen-ieq5-3227650.gif\"/></alternatives></inline-formula>-term=1 (resp. =21), as compared to classic dynamic ABKS system.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"4621-4636"},"PeriodicalIF":7.0000,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Multi-Client Boolean File Retrieval with Adaptable Authorization Switching for Secure Cloud Search Services\",\"authors\":\"Kai Zhang, Xiwen Wang, Jianting Ning, M. Wen, Rongxing Lu\",\"doi\":\"10.1109/tdsc.2022.3227650\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Secure cloud search services provide a cost-effective way for resource-constrained clients to search encrypted files in the cloud, where data owners can customize search authorization. Despite providing fine-grained authorization, traditional attribute-based keyword search (ABKS) solutions generally support single keyword search. Towards expressive queries over encrypted data, multi-client searchable symmetric encryption (MC-SSE) was introduced. However, current search authorizations of existing MC-SSEs: (i) cannot support dynamic updating; (ii) are (semi-)black-box implementations of attribute-based encryption; (iii) incur significant cost during system initialization and file encryption. To address these limitations, we present AasBirch, an MC-SSE system with fast fine-grained authorization that supports adaptable authorization switching from one policy to any other one. AasBirch achieves constant-size storage and lightweight time cost for system initialization, file encryption and file searching. We conduct extensive experiments based on Enron dataset in real cloud environment. Compared to state-of-the-art MC-SSE with fine-grained authorization, AasBirch achieves 30<inline-formula><tex-math notation=\\\"LaTeX\\\">$\\\\sim 200\\\\times$</tex-math><alternatives><mml:math><mml:mrow><mml:mo>∼</mml:mo><mml:mn>200</mml:mn><mml:mo>×</mml:mo></mml:mrow></mml:math><inline-graphic xlink:href=\\\"wen-ieq1-3227650.gif\\\"/></alternatives></inline-formula> smaller public parameter and secret key size, with the assumed least frequent keyword in a query (<inline-formula><tex-math notation=\\\"LaTeX\\\">$s$</tex-math><alternatives><mml:math><mml:mi>s</mml:mi></mml:math><inline-graphic xlink:href=\\\"wen-ieq2-3227650.gif\\\"/></alternatives></inline-formula>-term) as 21. Moreover, it runs 10<inline-formula><tex-math notation=\\\"LaTeX\\\">$\\\\sim 20\\\\times$</tex-math><alternatives><mml:math><mml:mrow><mml:mo>∼</mml:mo><mml:mn>20</mml:mn><mml:mo>×</mml:mo></mml:mrow></mml:math><inline-graphic xlink:href=\\\"wen-ieq3-3227650.gif\\\"/></alternatives></inline-formula> faster for file encryption and <inline-formula><tex-math notation=\\\"LaTeX\\\">$>20\\\\times$</tex-math><alternatives><mml:math><mml:mrow><mml:mo>></mml:mo><mml:mn>20</mml:mn><mml:mo>×</mml:mo></mml:mrow></mml:math><inline-graphic xlink:href=\\\"wen-ieq4-3227650.gif\\\"/></alternatives></inline-formula> faster for file searching. In addition, AasBirch outperforms 80,000× (resp. 7,850×) faster with <inline-formula><tex-math notation=\\\"LaTeX\\\">$s$</tex-math><alternatives><mml:math><mml:mi>s</mml:mi></mml:math><inline-graphic xlink:href=\\\"wen-ieq5-3227650.gif\\\"/></alternatives></inline-formula>-term=1 (resp. =21), as compared to classic dynamic ABKS system.\",\"PeriodicalId\":13047,\"journal\":{\"name\":\"IEEE Transactions on Dependable and Secure Computing\",\"volume\":\"1 1\",\"pages\":\"4621-4636\"},\"PeriodicalIF\":7.0000,\"publicationDate\":\"2023-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Dependable and Secure Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/tdsc.2022.3227650\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Dependable and Secure Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/tdsc.2022.3227650","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 2

摘要

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Multi-Client Boolean File Retrieval with Adaptable Authorization Switching for Secure Cloud Search Services

Secure cloud search services provide a cost-effective way for resource-constrained clients to search encrypted files in the cloud, where data owners can customize search authorization. Despite providing fine-grained authorization, traditional attribute-based keyword search (ABKS) solutions generally support single keyword search. Towards expressive queries over encrypted data, multi-client searchable symmetric encryption (MC-SSE) was introduced. However, current search authorizations of existing MC-SSEs: (i) cannot support dynamic updating; (ii) are (semi-)black-box implementations of attribute-based encryption; (iii) incur significant cost during system initialization and file encryption. To address these limitations, we present AasBirch, an MC-SSE system with fast fine-grained authorization that supports adaptable authorization switching from one policy to any other one. AasBirch achieves constant-size storage and lightweight time cost for system initialization, file encryption and file searching. We conduct extensive experiments based on Enron dataset in real cloud environment. Compared to state-of-the-art MC-SSE with fine-grained authorization, AasBirch achieves 30

$\sim 200\times$

∼200×

smaller public parameter and secret key size, with the assumed least frequent keyword in a query (

$s$

-term) as 21. Moreover, it runs 10

$\sim 20\times$

∼20×

faster for file encryption and

$>20\times$

>20×

faster for file searching. In addition, AasBirch outperforms 80,000× (resp. 7,850×) faster with

$s$

-term=1 (resp. =21), as compared to classic dynamic ABKS system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Dependable and Secure Computing 工程技术-计算机：软件工程

CiteScore

11.20

自引率

5.50%

发文量

354

审稿时长

9 months

期刊介绍： The "IEEE Transactions on Dependable and Secure Computing (TDSC)" is a prestigious journal that publishes high-quality, peer-reviewed research in the field of computer science, specifically targeting the development of dependable and secure computing systems and networks. This journal is dedicated to exploring the fundamental principles, methodologies, and mechanisms that enable the design, modeling, and evaluation of systems that meet the required levels of reliability, security, and performance. The scope of TDSC includes research on measurement, modeling, and simulation techniques that contribute to the understanding and improvement of system performance under various constraints. It also covers the foundations necessary for the joint evaluation, verification, and design of systems that balance performance, security, and dependability. By publishing archival research results, TDSC aims to provide a valuable resource for researchers, engineers, and practitioners working in the areas of cybersecurity, fault tolerance, and system reliability. The journal's focus on cutting-edge research ensures that it remains at the forefront of advancements in the field, promoting the development of technologies that are critical for the functioning of modern, complex systems.