Multi-level Access in Searchable Symmetric Encryption

  • Conference paper
Financial Cryptography and Data Security (FC 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10323)

Abstract

Remote storage delivers a cost-effective solution for data storage. If data is of a sensitive nature, it should be encrypted prior to outsourcing to ensure confidentiality; however, searching then becomes challenging. Searchable encryption is a well-studied solution to this problem. Many schemes only consider the scenario where users can search over the entirety of the encrypted data. In practice, sensitive data is likely to be classified according to an access control policy and different users should have different access rights. It is unlikely that all users have unrestricted access to the entire data set. Current schemes that consider multi-level access to searchable encryption are predominantly based on asymmetric primitives. We investigate symmetric solutions to multi-level access in searchable encryption where users have different access privileges to portions of the encrypted data and are not permitted to search over, or learn information about, data for which they are not authorised.

J. Alderman—Supported by the European Commission under project H2020-644024 “CLARUS” and acknowledges support from BAE Systems Advanced Technology Centre.

S.L. Renwick—Supported by Thales UK and EPSRC under a CASE Award.

Notes

  1. A poset is a set of labels L and a binary order relation \(\leqslant \) on L such that for all x, y and \(z \in L\), \(x \leqslant x\) (reflexivity), if \(x \leqslant y\) and \(y \leqslant x\) then \(x = y\) (antisymmetry), and if \(x \leqslant y\) and \(y \leqslant z\) then \(x\leqslant z\) (transitivity). If \(x \leqslant y\) then we may write \(y \geqslant x\).

  2. This algorithm is sometimes referred to as \(\mathsf {MSSE.Trapdoor}\) in the literature; however, to maintain consistent notation throughout this paper we refer to it as \(\mathsf {MSSE.Query}\).

Corresponding author

Correspondence to Sarah Louise Renwick.

Copyright information

© 2017 International Financial Cryptography Association

About this paper

Cite this paper

Alderman, J., Martin, K.M., Renwick, S.L. (2017). Multi-level Access in Searchable Symmetric Encryption. In: Brenner, M., et al. Financial Cryptography and Data Security. FC 2017. Lecture Notes in Computer Science, vol 10323. Springer, Cham. https://doi.org/10.1007/978-3-319-70278-0_3

  • DOI: https://doi.org/10.1007/978-3-319-70278-0_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-70277-3

  • Online ISBN: 978-3-319-70278-0

  • eBook Packages: Computer Science (R0)
