Attribute-based keyword search (ABKS) has been proposed to realize fine-grained access control and provide search service in cloud computing. However, most ABKS schemes focus on single or conjunctive keyword search, while the recent Boolean keyword search schemes only support monotonic query formula mainly involving AND, OR and threshold operators. How to support more expressive Boolean query formulas and return the corresponding accurate search results to users have become challenges for practical ABKS over ciphertexts. In this paper, we introduce an attribute-based expressive and ranked keyword search scheme over encrypted documents named ABERKS, which allows authorized users to submit expressive Boolean query formulas involving AND, OR, NOT and threshold operators. ABERKS utilizes a non-monotonic access tree structure to construct the query formula, and further leverages extended Boolean model to rank the search results. Specifically, the users are able to define the weights in the query formula, and get the relevance score of each matched ciphertext if the attributes and keywords are both satisfied. We prove the security of ABERKS against chosen keyword attack under selective ciphertext policy model and against keyword guessing attack, and also conduct extensive experiments to show the efficiency and practicality of ABERKS.
Read full abstract