Many commercial cloud service providers (CSPs) adopt pay-per-query pricing models, in which data owners are charged based on the amount of data scanned by each query. In such a data sharing model, not only the privacy preservation for the data and queries but also the trustworthiness of the underlying billing system is of the utmost importance. In this paper, we revisit multi-key searchable encryption (MKSE), an efficient and secure data search algorithm allowing a data owner to grant users the ability to retrieve data of interest over the outsourced, encrypted datasets. We first investigate which factor in existing MKSE schemes renders authorized users over-privileged such that, without risking their credits (e.g., leaking the private keys and/or the passwords for their accounts associated with a project where the shared data resides), they can allow unauthorized users to make valid queries. Unfortunately, this concern may be devastating because the queries made by unauthorized users would incur unexpected financial damage to the owner in practical pay-per-query models. We then propose a novel multi-key data search scheme that is resilient to unauthorized queries. The proposed scheme features a novel user authorization mechanism that carefully limits user privilege such that even an authorized user cannot illegally invite unauthorized users to query unless he entirely leaks his credit. We demonstrate the proposed scheme is comparable to prior work in terms of performance while achieving a higher level of security.
| Number of pages | 13 |
| Journal | IEEE Transactions on Information Forensics and Security |
| Publication status | Published - 2023 |
Bibliographical note

Funding Information:
This work was supported in part by the National Research Foundation of Korea (NRF) funded by the Korean Government [Ministry of Science and ICT (MSIT)] under Grant 2021R1F1A1061420; in part by the Institute for Information & communication Technology Planning & evaluation (IITP) funded by the Korean Government (MSIT) under Grant 2022-0-00411, Grant IITP-2022-2020-0-01819, and Grant IITP-2022-2021-0-01810; and in part by the Basic Science Research Program through NRF of Korea funded by the Ministry of Education under Grant NRF-2021R1A6A1A13044830.
© 2005-2012 IEEE.
- Encrypted data search
- cloud computing
- data sharing
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications