Multi-Client Sub-Linear Boolean Keyword Searching for Encrypted Cloud Storage with Owner-Enforced Authorization

Abstract

To date, cloud computing has emerged as a primary utility for providing remote data storage services for users, since users can thus be relieved from cumbersome document maintenance. Despite of the benefits brought by data outsourcing, the unexpected data breaches raise concerns about data confidentiality and privacy. To deal with this, a straightforward and convincing strategy is to encrypt data before outsourcing them to the cloud. However, securely sharing and searching over outsourced encrypted data has turned into a challenge due to the hindrance led by data encryption. To address the challenge, this article proposes a new highly-scalable searchable encryption scheme for encrypted cloud storage. The scheme achieves sub-linear Boolean keyword searching, and moreover allows the data owner to authorize which clients could search or access the documents in the cloud. Technically, we revisit searchable symmetric encryption primitive by non-trivially combining it with a novel access control technique, and build an inverted index data structure for both attribute-based access control and sub-linear search process. Furthermore, we introduce a formalized security definition for the system, and prove its security in the simulation-based security model. Finally, we conduct a couple of experiments over a representative real-world dataset to show practicality.