Fine-grained search and access control in multi-user searchable encryption without shared keys

2018 ◽  
Vol 41 ◽  
pp. 124-133 ◽  
Author(s):  
Manju S Nair ◽  
Rajasree M.S
Keyword(s):  
Access Control ◽  
Searchable Encryption ◽  
Fine Grained

An Attribute-Based Searchable Encryption Scheme for Non-Monotonic Access Structure

2020 ◽  
pp. 263-283 ◽  
Author(s):  
Mamta ­ ◽  
Brij B. Gupta
Keyword(s):  
Access Control ◽  
Searchable Encryption ◽  
Access Structure ◽  
Encryption Scheme ◽  
Security Model ◽  
Secret Key ◽  
Fine Grained ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Encryption Schemes

Attribute based encryption (ABE) is a widely used technique with tremendous application in cloud computing because it provides fine-grained access control capability. Owing to this property, it is emerging as a popular technique in the area of searchable encryption where the fine-grained access control is used to determine the search capabilities of a user. But, in the searchable encryption schemes developed using ABE it is assumed that the access structure is monotonic which contains AND, OR and threshold gates. Many ABE schemes have been developed for non-monotonic access structure which supports NOT gate, but this is the first attempt to develop a searchable encryption scheme for the same. The proposed scheme results in fast search and generates secret key and search token of constant size and also the ciphertext components are quite fewer than the number of attributes involved. The proposed scheme is proven secure against chosen keyword attack (CKA) in selective security model under Decisional Bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals A Lightweight Fine-Grained Searchable Encryption Scheme in Fog-Based Healthcare IoT Networks

2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Hui Li ◽  
Tao Jing
Keyword(s):  
Access Control ◽  
Healthcare System ◽  
Limited Resource ◽  
Searchable Encryption ◽  
Security Requirements ◽  
Communication Overhead ◽  
Encryption Scheme ◽  
Fine Grained ◽  
Smart Healthcare ◽  
Cloud Framework

For a smart healthcare system, a cloud based paradigm with numerous user terminals is to support and improve more reliable, convenient, and intelligent services. Considering the resource limitation of terminals and communication overhead in cloud paradigm, we propose a hybrid IoT-Fog-Cloud framework. In this framework, we deploy a geo-distributed fog layer at the edge of networks. The fogs can provide the local storage, sufficient processing power, and appropriate network functions. For the fog-based healthcare system, data confidentiality, access control, and secure searching over ciphertext are the key issues in sensitive data. Furthermore, how to adjust the storage and computing requirements to meet the limited resource is also a great challenge for data management. To address these, we design a lightweight keyword searchable encryption scheme with fine-grained access control for our proposed healthcare related IoT-Fog-Cloud framework. Through our design, the users can achieve a fast and efficient service by delegating a majority part of the workloads and storage requirements to fogs and the cloud without extra privacy leakage. We prove our scheme satisfies the security requirements and demonstrate the excellent efficiency through experimental evaluation.

scholarly journals BFR-SE: A Blockchain-Based Fair and Reliable Searchable Encryption Scheme for IoT with Fine-Grained Access Control in Cloud Environment

2021 ◽  
Vol 2021 ◽  
pp. 1-21
Author(s):  
Hongmin Gao ◽  
Shoushan Luo ◽  
Zhaofeng Ma ◽  
Xiaodan Yan ◽  
Yanping Xu
Keyword(s):  
Access Control ◽  
Service Providers ◽  
Auxiliary Information ◽  
Bloom Filter ◽  
Searchable Encryption ◽  
Security And Privacy ◽  
Encryption Scheme ◽  
Fine Grained ◽  
Data User ◽  
Iot Devices

Due to capacity limitations, large amounts of data generated by IoT devices are often stored on cloud servers. These data are usually encrypted to prevent the disclosure, which significantly affects the availability of this data. Searchable encryption (SE) allows a party to store his data created by his IoT devices or mobile in encryption on the cloud server to protect his privacy while retaining his ability to search for data. However, the general SE techniques are all pay-then-use. The searchable encryption service providers (SESP) are considered curious but honest, making it unfair and unreliable. To address these problems, we combined ciphertext-policy attribute-based encryption, Bloom filter, and blockchain to propose a blockchain-based fair and reliable searchable encryption scheme (BFR-SE) in this paper. In BFR-SE, we constructed an attribute-based searchable encryption model that can provide fine-grained access control. The data owner stores the indices on SESP and stores some additional auxiliary information on the blockchain. After a data user initiates a request, SESP must return the correct and integral search results before the deadline. Otherwise, the data user can send an arbitration request, and the blockchain will make a ruling. The blockchain will only perform arbitrations based on auxiliary information when disputes arise, saving the computing resources on-chain. We analyzed the security and privacy of BFR-SE and simulated our scheme on the EOS blockchain, which proves that BFR-SE is feasible. Meanwhile, we provided a thorough analysis of storage and computing overhead, proving that BFR-SE is practical and has good performance.

scholarly journals Privacy-Enhancing k-Nearest Neighbors Search over Mobile Social Networks

Sensors ◽  
2021 ◽  
Vol 21 (12) ◽  
pp. 3994
Author(s):  
Yuxi Li ◽  
Fucai Zhou ◽  
Yue Ge ◽  
Zifeng Xu
Keyword(s):  
Social Networks ◽  
Access Control ◽  
Location Privacy ◽  
Nearest Neighbors ◽  
Search Pattern ◽  
Broadcast Encryption ◽  
Mobile Social Networks ◽  
K Nearest Neighbors ◽  
Fine Grained ◽  
Server Architecture

Focusing on the diversified demands of location privacy in mobile social networks (MSNs), we propose a privacy-enhancing k-nearest neighbors search scheme over MSNs. First, we construct a dual-server architecture that incorporates location privacy and fine-grained access control. Under the above architecture, we design a lightweight location encryption algorithm to achieve a minimal cost to the user. We also propose a location re-encryption protocol and an encrypted location search protocol based on secure multi-party computation and homomorphic encryption mechanism, which achieve accurate and secure k-nearest friends retrieval. Moreover, to satisfy fine-grained access control requirements, we propose a dynamic friends management mechanism based on public-key broadcast encryption. It enables users to grant/revoke others’ search right without updating their friends’ keys, realizing constant-time authentication. Security analysis shows that the proposed scheme satisfies adaptive L-semantic security and revocation security under a random oracle model. In terms of performance, compared with the related works with single server architecture, the proposed scheme reduces the leakage of the location information, search pattern and the user–server communication cost. Our results show that a decentralized and end-to-end encrypted k-nearest neighbors search over MSNs is not only possible in theory, but also feasible in real-world MSNs collaboration deployment with resource-constrained mobile devices and highly iterative location update demands.

Sign in / Sign up

Export Citation Format

Share Document