25-06-2012, 05:52 PM
Secure Ranked Keyword Search over Encrypted Cloud Data
secure rank encrypt-cloud.pdf (Size: 440.41 KB / Downloads: 195)
INTRODUCTION
Cloud Computing enables cloud customers to remotely
store their data into the cloud so as to enjoy the on-demand
high quality applications and services from a shared pool of
configurable computing resources [1]. The benefits brought
by this new computing model include but are not limited to:
relief of the burden for storage management, universal data
access with independent geographical locations, and avoidance
of capital expenditure on hardware, software, and personnel
maintenances, etc [2].
THE DEFINITIONS AND BASIC SCHEME
In the introduction we motivated the ranked keyword search
over encrypted data to achieve economies of scale for Cloud
Computing. In this section, we start from the review of existing
searchable symmetric encryption (SSE) schemes and provide
the definitions and framework for our proposed ranked searchable
symmetric encryption (RSSE). Note that by following
the same security guarantee of existing SSE, it would be
very inefficient to support ranked search functionality over
encrypted data, as demonstrated in our basic scheme. The
discussion of its demerits will lead to our proposed scheme.
SECURITY ANALYSIS
We evaluate the security of the proposed scheme by analyzing
its fulfillment of the security guarantee described in
Section II. Namely, the cloud server should not learn the
plaintext of either the data files or the searched keywords.
We start from the security analysis of our one-to-many orderpreserving
mapping. Then we analyze the security strength
of the combination of one-to-many order-preserving mapping
and SSE.
PERFORMANCE ANALYSIS
We conducted a thorough experimental evaluation of the
proposed techniques on real data set: Request for comments
database (RFC) [17]. At the time of writing, the RFC database
contains 5563 plain text entries and totals about 277 MB. This
file set contains a large number of technical keywords, many
of which are unique to the files in which they are discussed.
Our experiment is conducted using C programming language
on a Linux machine with dual Intel Xeon CPU running at
3.0GHz. Algorithms use both openssl and MATLAB libraries.
The performance of our scheme is evaluated regarding the
effectiveness and efficiency of our proposed one-to-many
order-preserving mapping, as well as the overall performance
of our RSSE scheme, including the cost of index construction
as well as the time necessary for searches.