Efficient Authorized Keyword Search Supporting Boolean Formula Over Encrypted Data in Cloud Storage System

Abstract

Recently, personal health record system is a promising patient-centered model for exchange and management of information. Although this cloud-based system brings in much convenience for the management and sharing, the assumption that these service providers can be fully trusted in handling patients' sensitive information seems to be undesirable. To ensure patients' fine-grained access control over privacy, data encryption (e.g., Attribute-based Encryption) is considered to be a emerging solution. However, an important functionality keyword search becomes especially challenging with records stored in encrypted form. In order to achieve access control and keyword search simultaneously, the concept of authorized keyword search was introduced to allow only authorized users can search and further access the encrypted data. However, most existing authorized keyword search schemes only support conjunctive keyword search, while other expressive keyword search schemes constructed over composite order groups are computationally inefficient. In this paper, we present the first efficient and expressive authorized keyword search scheme from bilinear pairings over the prime order groups, which enables any monotonic Boolean formulas to represent access strategies and keyword search strategies. Then, we define its formal security, and prove its selective security in the standard model. Finally, performance evaluation shows its effectiveness.