Biblio

Cloud computing is preferred because of its numerous improvements, such as data security, low maintenance cost, unlimited storage capacity and consistent backups. However, legitimate users take advantage of cloud storage services for storing a considerable amount of sensitive data. After storing data on the cloud, data users pass on control over data to cloud administrators. Although for assuring data security, sensitive information needs to be encrypted before deploying it on the cloud server. In traditional searchable encryption, encrypted data can be searched using keywords on a cloud server without knowing data details, and users can retrieve certain specific files of interest after authentication. However, the results are only related to the exact matching keyword searches. This drawback affects system usability and efficiency, due to which existing encryption methods are unsuitable in cloud computing. To avoid the above problems, this study includes as follows: Firstly, we analyze all fuzzy keyword search techniques that are wildcard based, gram based and trie-traverse. Secondly, we briefly describe certificateless cryptography and suggest a certificateless searchable encryption scheme. Finally, this study gives easy access to developing a fuzzy keyword searchable system for a new researcher to combine the above two points. It provides easy access and efficient search results.

Security, efficiency and availability are three key factors that affect the application of searchable encryption schemes in mobile cloud computing environments. In order to meet the above characteristics, this paper proposes a certificateless public key encryption with a keyword search (CLPEKS) scheme. In this scheme, a CLPEKS generation method and a Trapdoor generation method are designed to support multiple receivers to query. Based on the elliptic curve scalar multiplication, the efficiencies of encrypting keywords, generating Trapdoors, and testing are improved. By adding a random number factor to the Trapdoor generation, the scheme can resist the internal keyword guessing attacks. Under the random oracle model, it is proved that the scheme can resist keyword guessing attacks. Theoretical analyses and implementation show that the proposed scheme is more efficient than the existing schemes.

Cloud computing has helped in managing big data and providing resources remotely and ubiquitously, but it has some latency and security concerns. Fog has provided tremendous advantages over cloud computing which include low latency rate, improved real-time interactions, reduced network traffic overcrowding, and improved reliability, however, security concerns need to be addressed separately. Another major issue in the cloud is Cloud Lock-in/Vendor Lock-in. Through this research, an effort has been made to extend fog computing and Searchable Encryption technologies. The proposed system can reduce the issue of cloud lock-in faced in traditional cloud computing. The SE schemes used in this paper are Symmetric Searchable Encryption (SSE) and Multi-keyword Ranked Searchable Encryption (MRSE) to achieve confidentiality, privacy, fine-grained access control, and efficient keyword search. This can help to achieve better access control and keyword search simultaneously. An important use of this technique is it helps to prevent the issue of cloud/vendor lock-in. This can shift some computation and storage of index tables over fog nodes that will reduce the dependency on Cloud Service Providers (CSPs).

Searchable symmetric encryption enables users with the secret key to conduct keyword search on encrypted data without decryption. Recently, dynamic searchable symmetric encryption (DSSE) which provides secure functionalities for adding or deleting documents has been studied extensively. Many DSSE schemes construct indexes in order to efficiently conduct keyword search. On the other hand, the indexes constructed in DSSE are complicated and independent to indexes supported by database management systems (DBMSs). Plug-in developments over DBMSs are often restricted, and therefore it is not easy to develop softwares which can deploy DSSE schemes to DBMSs. In this paper, we propose a DBMS-friendly searchable symmetric encryption scheme which can generate indexes suitable for DBMSs. Our index can narrow down encrypted data which should be conducted keyword search, and be combined with well-used indexes supported by many DBMSs. Our index consists of a small portion of an output value of a cryptographic deterministic function (e.g. pseudo-random function or hash function). We also show an experiment result of our scheme deployed to DBMSs.

Nowadays, many data owners choose to outsource their data to public cloud servers while allowing authorized users to retrieve them. To protect data confidentiality from an untrusted cloud, many studies on searchable encryption (SE) are proposed for privacy-preserving search over encrypted data. However, most of the existing SE schemes only focus on the single-owner model. Users need to search one-by-one among data owners to retrieve relevant results even if data are from the same cloud server, which inevitably incurs unnecessary bandwidth and computation cost to users. Thus, how to enable efficient authorized search over multi-owner datasets remains to be fully explored. In this paper, we propose a new privacy-preserving search scheme for the multi-owner and multi-user model. Our proposed scheme has two main advantages: 1) We achieve an attribute-based keyword search for multi-owner model, where users can only search datasets from specific authorized owners. 2) Each data owner can enforce its own fine-grained access policy for users while an authorized user only needs to generate one trapdoor (i.e., encrypted search keyword) to search over multi-owner encrypted data. Through rigorous security analysis and performance evaluation, we demonstrate that our scheme is secure and feasible.

In order to realize the sharing of data by multiple users on the blockchain, this paper proposes an attribute-based searchable encryption with verifiable ciphertext scheme via blockchain. The scheme uses the public key algorithm to encrypt the keyword, the attribute-based encryption algorithm to encrypt the symmetric key, and the symmetric key to encrypt the file. The keyword index is stored on the blockchain, and the ciphertext of the symmetric key and file are stored on the cloud server. The scheme uses searchable encryption technology to achieve secure search on the blockchain, uses the immutability of the blockchain to ensure the security of the keyword ciphertext, uses verify algorithm guarantees the integrity of the data on the cloud. When the user's attributes need to be changed or the ciphertext access structure is changed, the scheme uses proxy re-encryption technology to implement the user's attribute revocation, and the authority center is responsible for the whole attribute revocation process. The security proof shows that the scheme can achieve ciphertext security, keyword security and anti-collusion. In addition, the numerical results show that the proposed scheme is effective.

With the rapid development of network storage service, a number of companies and individuals have stored data on a third-party server. Encryption is an effective means of protecting the confidentiality and privacy of data, but retrieval on the encrypted data is a very difficult task. Thus, searchable encryption has become a hot topic in recent years. The paper first introduces the existing searchable encryption algorithms. Then studies the new PEKS scheme (NPEKS) and analyzes its performance and efficiency. In the end, based on NPEKS, introduced attribute encryption, designed a scheme which is suitable for corporate cloud storage environment. This scheme not only has the advantages of simplicity and efficiency, but also can realize the secret retrieval of the third-party data. Experiments show that comparing with existing PEKS schemes and other improved schemes, this scheme has the advantages of simplicity and high efficiency. In addition, its security is the same as existing PEKS schemes.

Research and Development, and information management professionals routinely employ simple keyword searches or more complex Boolean queries when using databases such as PubMed and Ovid and search engines like Google to find the information they need. While satisfying the basic needs of the researcher, basic search is limited which can adversely affect both precision and recall, decreasing productivity and damaging the researchers' ability to discover new insights. The cloud service providers who store user's data may access sensitive information without any proper authority. A basic approach to save the data confidentiality is to encrypt the data. Data encryption also demands the protection of keyword privacy since those usually contain very vital information related to the files. Encryption of keywords protects keyword safety. Fuzzy keyword search enhances system usability by matching the files perfectly or to the nearest possible files against the keywords entered by the user based on similar semantics. Encrypted keyword search in cloud using this logic provides the user, on entering keywords, to receive best possible files in a more secured manner, by protecting the user's documents.

Big Data has rapidly developed into a hot research topic in many areas that attracts attention from academia and industry around the world. Many organization demands efficient solution to store, process, analyze and search huge amount of information. With the rapid development of cloud computing, organization prefers cloud storage services to reduce the overhead of storing data locally. However, the security and privacy of big data in cloud computing is a major source of concern. One of the positive ways of protecting data is encrypting it before outsourcing to remote servers, but the encrypted significant amounts of cloud data brings difficulties for the remote servers to perform any keyword search functions without leaking information. Various privacy-preserving keyword search (PPKS) schemes have been proposed to mitigate the privacy issue of big data encrypted on cloud storage. This paper presents an extensive analysis of the existing PPKS techniques in terms of verifiability, efficiency and data privacy. Through this analysis, we present some valuable directions for future work.

The usage of cloud for data storage has become ubiquitous. To prevent data leakage and hacks, it is common to encrypt the data (e.g. PDF files) before sending it to a cloud. However, this limits the search for specific files containing certain keywords over an encrypted cloud data. The traditional method is to take down all files from a cloud, store them locally, decrypt and then search over them, defeating the purpose of using a cloud. In this paper, we propose a method, called SecureCSearch, to perform keyword search operations on the encrypted PDF files over cloud in an efficient manner. The proposed method makes use of Shamir's Secret Sharing scheme in a novel way to create encrypted shares of the PDF file and the keyword to search. We show that the proposed method maintains the security of the data and incurs minimal computation cost.

The recent development of IoT technologies and cloud storages, many types of information including private information have been gradually outsourced. For such a situation, new convenient functionalities such as arithmetic and keyword search on ciphertexts are required to allow users to retrieve information without leaking any information. Especially, searchable encryptions have been paid much attention to realize a keyword search on an encrypted domain. In addition, an architecture of searchable symmetric encryption (SSE) is a suitable and efficient solution for data outsourcing. In this paper, we focus on an SSE scheme which employs a secure index for searching a keyword with optimal search time. In the conventional studies, it has been widely considered that the scheme searches whether a queried keyword is contained in encrypted documents. On the other hand, we additionally take into account the location of a queried keyword in documents by targeting a matrix-type data format. It enables a manager to search personal information listed per line or column in CSV-like format data.

Searchable encryption is one of the most important techniques for the sensitive data outsourced to cloud server, and has been widely used in cloud storage which brings huge convenience and saves bandwidth and computing resources. A novel searchable cryptographic scheme is proposed by which data owner can control the search and use of the outsourced encrypted data according to its access control policy. The scheme is called searchable ciphertext-policy attribute-based encryption with multikeywords (CPABMKS). In the scheme, CP-ABE and keywords are combined together through the way that the keywords are regarded as the file attributes. To overcome the previous problems in cloud storage, access structures are hidden so that receivers cannot extract sensitive information from the ciphertext. At the same time, this scheme supports the multi-keywords search, and the data owner can outsource the encryption operations to the private cloud that can reduce the data owner' calculation. The security of this scheme is proved based on the DBDH assumption. Finally, scheme evaluation shows that the CPABMKS scheme is practical

This paper considers the security problem of outsourcing storage from user devices to the cloud. A secure searchable encryption scheme is presented to enable searching of encrypted user data in the cloud. The scheme simultaneously supports fuzzy keyword searching and matched results ranking, which are two important factors in facilitating practical searchable encryption. A chaotic fuzzy transformation method is proposed to support secure fuzzy keyword indexing, storage and query. A secure posting list is also created to rank the matched results while maintaining the privacy and confidentiality of the user data, and saving the resources of the user mobile devices. Comprehensive tests have been performed and the experimental results show that the proposed scheme is efficient and suitable for a secure searchable cloud storage system.

Searchable encryption is an important technique for public cloud storage service to provide user data confidentiality protection and at the same time allow users performing keyword search over their encrypted data. Previous schemes only deal with exact or fuzzy keyword search to correct some spelling errors. In this paper, we propose a new wildcard searchable encryption system to support wildcard keyword queries which has several highly desirable features. First, our system allows multiple keywords search in which any queried keyword may contain zero, one or two wildcards, and a wildcard may appear in any position of a keyword and represent any number of symbols. Second, it supports simultaneous search on multiple data owner’s data using only one trapdoor. Third, it provides flexible user authorization and revocation to effectively manage search and decryption privileges. Fourth, it is constructed based on homomorphic encryption rather than Bloom filter and hence completely eliminates the false probability caused by Bloom filter. Finally, it achieves a high level of privacy protection since matching results are unknown to the cloud server in the test phase. The proposed system is thoroughly analyzed and is proved secure. Extensive experimental results indicate that our system is efficient compared with other existing wildcard searchable encryption schemes in the public key setting.

As cloud computing becomes prevalent, more and more data owners are likely to outsource their data to a cloud server. However, to ensure privacy, the data should be encrypted before outsourcing. Symmetric searchable encryption allows users to retrieve keyword over encrypted data without decrypting the data. Many existing schemes that are based on symmetric searchable encryption only support single keyword search, conjunctive keywords search, multiple keywords search, or single phrase search. However, some schemes, i.e., static schemes, only search one phrase in a query request. In this paper, we propose a multi-phrase ranked search over encrypted cloud data, which also supports dynamic update operations, such as adding or deleting files. We used an inverted index to record the locations of keywords and to judge whether the phrase appears. This index can search for keywords efficiently. In order to rank the results and protect the privacy of relevance score, the relevance score evaluation model is used in searching process on client-side. Also, the special construction of the index makes the scheme dynamic. The data owner can update the cloud data at very little cost. Security analyses and extensive experiments were conducted to demonstrate the safety and efficiency of the proposed scheme.

With the development of cloud computing and its economic benefit, more and more companies and individuals outsource their data and computation to clouds. Meanwhile, the business way of resource outsourcing makes the data out of control from its owner and results in many security issues. The existing secure keyword search methods assume that cloud servers are curious-but-honest or partial honest, which makes them powerless to deal with the deliberately falsified or fabricated results of insider attacks. In this paper, we propose a verifiable single keyword top-k search scheme against insider attacks which can verify the integrity of search results. Data owners generate verification codes (VCs) for the corresponding files, which embed the ordered sequence information of the relevance scores between files and keywords. Then files and corresponding VCs are outsourced to cloud servers. When a data user performs a keyword search in cloud servers, the qualified result files are determined according to the relevance scores between the files and the interested keyword and then returned to the data user together with a VC. The integrity of the result files is verified by data users through reconstructing a new VC on the received files and comparing it with the received one. Performance evaluation have been conducted to demonstrate the efficiency and result redundancy of the proposed scheme.

Distributed storage platforms draw much attention due to their high reliability and scalability for handling a massive amount of data. To protect user and data privacy, encryption is considered as a necessary feature for production systems like Storj. But it prohibits the nodes from performing content search. To preserve the functionality, we observe that a protocol of integration with searchable encryption and keyword search via distributed hash table allows the nodes in a network to search over encrypted and distributed data. However, this protocol does not address a practical threat in a fully distributed scenario. Malicious nodes would sabotage search results, and easily infiltrate the system as the network grows. Using primitives such as MAC and verifiable data structure may empower the users to verify the search result, but the robustness of the overall system can hardly be ensured. In this paper, we address this issue by proposing a protocol that is seamlessly incorporated to encrypted search in distributed network to attest and monitor nodes. From the moment a node joins the system, it will be attested and continuously monitored through verifiable search queries. The result of each attestation is determined via a standard quorum-based voting protocol, and then recorded on the blockchain as a consensus view of trusted nodes. Based on the proposed protocols, malicious nodes can be detected and removed by a majority of nodes in a self-determining manner. To demonstrate the security and efficiency, we conduct robustness analysis against several potential attacks, and perform performance and overhead evaluation on the proposed protocol.