Skip to main content
SpringerLink
Log in

Privacy-aware searching with oblivious term matching for cloud storage

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Encryption ensures confidentiality of the data outsourced to cloud storage services. Searching the encrypted data enables subscribers of a cloud storage service to access only relevant data, by defining trapdoors or evaluating search queries on locally stored indexes. However, these approaches do not consider access privileges while executing search queries. Furthermore, these approaches restrict the searching capability of a subscriber to a limited number of trapdoors defined during data encryption. To address the issue of privacy-aware data search, we propose Oblivious Term Matching (OTM). Unlike existing systems, OTM enables authorized subscribers to define their own search queries comprising of arbitrary number of selection criterion. OTM ensures that cloud service provider obliviously evaluates encrypted search queries without learning any information about the outsourced data. Our performance analysis has demonstrated that search queries comprising of 2 to 14 distinct search criteria cost only 0.03 to 1.09 $ per 1000 requests.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

Notes

  1. We assume that encrypted data are outsourced to a cloud storage. For simplicity we refer encrypted data residing within untrusted domain of a cloud service provider as outsourced data.

  2. Privacy-aware data search is realized by distributing appropriate cryptographic keys to authorized subscribers. Inaccessibility to these cryptographic keys restrains capabilities of unauthorized subscribers to search cloud storage and deduce any information about the outsourced data even if they collude with cloud service provider.

References

  1. Armbrust M et al (2010) A view of cloud computing. Commun ACM 53:50–58

    Article  Google Scholar 

  2. Buyya R, Yeo CS, Venugopal S, Broberg J, Brandic I (2009) Cloud computing and emerging it platforms: vision, hype, and reality for delivering computing as the 5th utility. Future Gener Comput Syst 25:599–616

    Article  Google Scholar 

  3. Gartner—top trends for 2010, by Brian Prentice

  4. Grossman RL (2009) The case for cloud computing. In: IT professional, March, vol 11, pp 23–27

    Google Scholar 

  5. Amazon s3 pricing

  6. Google App Engine—pricing and features

  7. Hacigümüş H, Iyer B, Li C, Mehrotra S (2002) Executing sql over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD international conference on management of data, SIGMOD ’02, New York, NY, USA. ACM, New York, pp 216–227

    Chapter  Google Scholar 

  8. Kaufman LM (2009) In: Data security in the world of cloud computing, Piscataway, NJ, USA, July, vol 7, pp 61–64. IEEE Educational Activities Department

    Google Scholar 

  9. Curino C, Jones E, Popa RA, Malviya N, Wu E, Madden S, Balakrishnan H, Zeldovich N (2011) Relational cloud: a database service for the cloud. In: 5th biennial conference on innovative data systems research, Asilomar, CA, January

    Google Scholar 

  10. Chow R, Golle P, Jakobsson M, Shi E, Staddon J, Masuoka R, Molina J (2009) Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the 2009 ACM workshop on cloud computing security, CCSW ’09, New York, NY, USA. ACM, New York, pp 85–90

    Chapter  Google Scholar 

  11. Song DX, Wagner D, Perrig A (2000) Practical techniques for searches on encrypted data. In: Proceedings of 2000 IEEE symposium on security and privacy, S P 2000, 2000, pp 44–55

    Google Scholar 

  12. Boneh D, Crescenzo GD, Ostrovsky R, Persiano G (2004) Public key encryption with keyword search. In: EUROCRYPT, pp 506–522

    Google Scholar 

  13. Li M, Yu S, Cao N, Lou W (2011) Authorized private keyword search over encrypted data in cloud computing. In: 2011 31st international conference on distributed computing systems (ICDCS), June, pp 383–392

    Chapter  Google Scholar 

  14. Wang C, Cao N, Li J, Ren K, Lou W (2010) Secure ranked keyword search over encrypted cloud data. In: 2010 IEEE 30th international conference on distributed computing systems (ICDCS), June, pp 253–262

    Chapter  Google Scholar 

  15. Google Search Appliance

  16. Enterprise search server solutions

  17. Paillier P (1999) Public key cryptosystems based on composite degree residuosity classes. In: Proceedings of the 17th international conference on theory and application of cryptographic techniques, EUROCRYPT’99, Berlin, Heidelberg. Springer, Berlin, pp 223–238

    Google Scholar 

  18. Ateniese G, Fu K, Green M, Hohenberger S (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur 9:1–30

    Article  Google Scholar 

  19. Google App Engine—run your web applications on Google’s infrastructure

  20. Google Docs—create and share your work online

  21. Google App Engine—using the datastore

  22. cheng Chang Y, Mitzenmacher M (2005) Privacy preserving keyword searches on remote encrypted data. In: Proc of 3rd applied cryptography and network security conference (ACNS), pp 442–455

    Chapter  Google Scholar 

  23. Curtmola R, Garay J, Kamara S, Ostrovsky R (2006) Searchable symmetric encryption: improved definitions and efficient constructions

  24. Yang Z, Zhong S, Wright RN (2006) Privacy-preserving queries on encrypted data. In: Proc of 11th European symposium on research in computer security (Esorics), pp 479–495

    Google Scholar 

  25. Kamara S, Papamanthou C, Roeder T (2011) Cs2: a searchable cryptographic cloud storage system. Tech report MSR-TR-2011-58, Microsoft research

  26. Singh A, Srivatsa M, Liu L (2009) Search-as-a-service: outsourced search over outsourced storage. ACM Trans Web 3:13:1–13:33

    Article  Google Scholar 

  27. Paillier P (2000) Trapdooring discrete logarithms on elliptic curves over rings. In: Proceedings of the 6th international conference on the theory and application of cryptology and information security: advances in cryptology, ASIACRYPT ’00, London, UK. Springer, Berlin, pp 573–584

    Google Scholar 

  28. Freedman M, Nissim K, Pinkas B (2004) Efficient private matching and set intersection. Springer, Berlin, pp 1–19

    Google Scholar 

  29. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and Fine-grained data access control in cloud computing. In: Proceedings of the 29th conference on information communications, INFOCOM’10, Piscataway, NJ, USA. IEEE Press, New York, pp 534–542

    Google Scholar 

  30. Apache Lucene core

  31. Google App Engine—adjusting application performance

  32. Ecrypt ii yearly report on algorithms and keysizes

  33. New European schemes for signatures, integrity, and encryption

  34. Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD international conference on management of data, SIGMOD ’04, New York, NY, USA. ACM, New York, pp 563–574

    Chapter  Google Scholar 

Download references

Acknowledgement

This research was supported by the MKE (The Ministry of Knowledge Economy), Korea, under the ITRC (Information Technology Research Centre) support program supervised by the NIPA (National IT Industry Promotion Agency)” (NIPA-2012-(H0301-12-2001)).

Author information

Authors and Affiliations

  1. Ubiquitous Computing Lab, Department of Computer Engineering, Kyung Hee University, Global Campus, 1 Seocheon-dong, Giheung-gu, Yongin-si, Gyeonggi-do, 446-701, South Korea

    Zeeshan Pervez, Ammar Ahmad Awan, Asad Masood Khattak & Sungyoung Lee

  2. Internet Computing and Network Security Lab, Department of Computer Engineering, Kyung Hee University, Global Campus, 1 Seocheon-dong, Giheung-gu, Yongin-si, Gyeonggi-do, 446-701, South Korea

    Eui-Nam Huh

Authors
  1. Zeeshan Pervez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ammar Ahmad Awan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Asad Masood Khattak
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sungyoung Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Eui-Nam Huh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sungyoung Lee.

Appendix: Performance evaluation: data tables

Appendix: Performance evaluation: data tables

Performance evaluation presented in Sect. 7 is based on the following data tables. Figure 2 presented the visual representation of Table 2. Similarly, Figs. 3, 4, and 5 are associated with Tables 3, 4, and 5, respectively.

Table 2 Inverted index generation and indexed term encryption time
Full size table
Table 3 Search criteria encryption and decryption time
Full size table
Table 4 Query modelling, oblivious query generation encryption and response extraction time
Full size table
Table 5 Oblivious query evaluation time, cloud server response time and estimated execution cost for 1000 requests
Full size table

Rights and permissions

Reprints and permissions

About this article

Cite this article

Pervez, Z., Awan, A.A., Khattak, A.M. et al. Privacy-aware searching with oblivious term matching for cloud storage. J Supercomput 63, 538–560 (2013). https://doi.org/10.1007/s11227-012-0829-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-012-0829-z

Keywords

Search

Navigation