| With the abundant storage and computing resources,Cloud computing provides a more convenient and efficient data sharing model for people's pro-duction and life.More and more enterprises,government agencies or individ-uals willing to outsource their huge amounts of data to the cloud platform,and the legitimate users can access the cloud server via Internet whenever and wher-ever,search and download the data they interested,so that it could reduce the cost of local data storage,transmission and management for data owner.How-ever,the outsourced data,especially the data outsourced to the public cloud,are no longer completely controlled by the data owners,it makes the related data security problems becoming the biggest obstacle to the development of data outsourcing services,including data confidentiality and the privacy of users.Generally speaking,the most convenient and reliable approach for preserving data security is to encrypt the data before outsourcing.And then the user di-rectly interacts with the cloud server,the latter find the data files that match the user's query in ciphertext environment,and then user downloads them.Searchable encryption technology could achieve the above requirements for retrieving ciphertext.In essence,it is an interdisciplinary subject combin-ing cryptography and information retrieval technology,in which cryptography guarantees the data security,while information retrieval technology achieves accurate and efficient retrieval of ciphertext data.However,the field of infor-mation retrieval is huge and complex.There are different retrieval algorithms for different application scenarios,different types of data or different retrieval requirements.Therefore,there is no one universal searchable encryption algo-rithm up to now,and many common retrieval requirements have not extended to data outsourcing scenario due to the limits of security or efficiency.This pa-per studies the shortcomings of existing searchable encryption technologies in three different data outsourcing scenarios and designs solutions for them respec-tively.The main innovations of this paper can be summarized as the following three aspects:1.Solving the problem of accuracy and efficiency for retrieving encrypted text data under the multiple data owners environment.If the encrypted data set that user queried comes from multiple data owners,the authority of dif-ferent data owners for different topic is different,which makes the traditional TF x IDF weight model used in the keyword search scheme unable to find the documents with both high relevance and high quality.To solve this problem,this paper designs a novel KDO weight model based on the relationship among keyword,document and ownership.Besides,in view of the large diversity of document topics under the multiple data owner environment,we construct the group balanced binary tree which is based on the greedy strategy as the index of document collection,so that the search efficiency has been improved further.To protect users' privacy that may be revealed by the index and correspond-ing queries,the asymmetric scalar-product preserving encryption(ASPE)tech-niques are exploited to encrypt the indexes and queries.Finally,the scheme achieved accurate,efficient and secure retrieval for encrypted text data.2.Achieving the efficient linear region search on encrypted geographic information database.The linear region search could be widely used in naviga-tion system,users could search the "Points of Interest" that distributed around the planned path.In encrypted geographic information database,the LRS can be achieved by simple extension of the secure nearest neighbor search based on one location point or secure range query based on one regular area,but there are some limits in terms of flexibility,efficiency and the search accuracy in these extension schemes.In this paper,we designs a novel algorithm to determine the intersection relationship between segment and rectangle in ciphertext based on the ASPE algorithm and related principles of vector cross product in com-putational geometry.According to this algorithm,a secure linear region search scheme which is based on the quadtree index is proposed.Considering about adversaries with different attack capabilities,two privacy preserving strategies are adopted in our scheme.Thorough security analysis and experiments on real-world dataset show our scheme is secure and efficient.3.Achieving the efficient query on encrypted blockchain-structured IoT communication data.Firstly,aiming at the shortcomings of existing IoT data storage framework like constrained storage,weak scalability,data reliability or high operating costs,we exploit the characteristics of blockchain,including de-centralization,distributed storage and tamper-resistant,to propose an encrypted IoT communication data management framework,i.e.,construct an encrypted blockchain database within IoT,which is responsible for storing the digest in-formation of communication data.At the same time,we design a secure and efficient search scheme on this database.Specifically,we design a“higher left,lower right" lately-first tree based on the time arrangement of blockchain database,this index could help us achieve quick location of block that contain the related data.Then,we use encrypted half-space range query(EhQ)to search on the encrypted kd tree index that stored in target blocks.At last,the hash al-gorithm that similar to the Merkle tree root is adopted to“embed”the entire second layer index into a hash value,so that we could store its corresponding signature in the block header,which provides the verifiability of search results. |
PDF Full Text Request