374 research outputs found
Privacy-preserving efficient searchable encryption
Data storage and computation outsourcing to third-party managed data centers,
in environments such as Cloud Computing, is increasingly being adopted
by individuals, organizations, and governments. However, as cloud-based outsourcing
models expand to society-critical data and services, the lack of effective
and independent control over security and privacy conditions in such settings
presents significant challenges.
An interesting solution to these issues is to perform computations on encrypted
data, directly in the outsourcing servers. Such an approach benefits
from not requiring major data transfers and decryptions, increasing performance
and scalability of operations. Searching operations, an important application
case when cloud-backed repositories increase in number and size, are good examples
where security, efficiency, and precision are relevant requisites. Yet existing
proposals for searching encrypted data are still limited from multiple perspectives,
including usability, query expressiveness, and client-side performance and
scalability.
This thesis focuses on the design and evaluation of mechanisms for searching
encrypted data with improved efficiency, scalability, and usability. There are
two particular concerns addressed in the thesis: on one hand, the thesis aims at
supporting multiple media formats, especially text, images, and multimodal data
(i.e. data with multiple media formats simultaneously); on the other hand the
thesis addresses client-side overhead, and how it can be minimized in order to
support client applications executing in both high-performance desktop devices
and resource-constrained mobile devices.
From the research performed to address these issues, three core contributions
were developed and are presented in the thesis: (i) CloudCryptoSearch, a middleware
system for storing and searching text documents with privacy guarantees,
while supporting multiple modes of deployment (user device, local proxy, or computational cloud) and exploring different tradeoffs between security, usability, and performance; (ii) a novel framework for efficiently searching encrypted images
based on IES-CBIR, an Image Encryption Scheme with Content-Based Image
Retrieval properties that we also propose and evaluate; (iii) MIE, a Multimodal
Indexable Encryption distributed middleware that allows storing, sharing, and
searching encrypted multimodal data while minimizing client-side overhead and
supporting both desktop and mobile devices
MSIGT: Most Significant Index Generation Technique for cloud environment
Cloud Computing is a computing paradigm for delivering computational power, storage and applications as services via Internet on a pay-as-you-go basis to consumers. The data owner outsources local data to the public cloud server to reduce the cost of the data management. Critical data has to be encrypted to ensure privacy before outsourcing. The state-of-the-art SSE schemes search only over encrypted data through keywords, hence they do not provide effective data utilisation for large dataset files in cloud. We propose a Most Significant Index Generation Technique (MSIGT), that supports secure and efficient index generation time using a Most Significant Digit (MSD) radix sort. MSD radix sort is simple and faster in sorting array strings. A mathematical model is developed to encrypt the indexed keywords for secure index generation without the overhead of learning from the attacker/cloud provider. It is seen that the MSIGT scheme can reduce the cost of data on owner side to O(NT × 3) with a score calculation of O(NT). The proposed scheme is effective and efficient in comparison with the existing algorithms
Review on Different Searchable Encryption Schemes for Cloud Computing
Heavily available online data and its day to day expansion is need to be focus to store and retrieve it properly. This enforces the data owners tend to store their data into the cloud. This also suggest to handle the data properly and so release the burden of data storage and maintenance. But as the data owner and user, cloud server are not belong to same trusted domain, this may cause the outsourced to the risk. This enforce us to set the policy to avoid such risk factor. This gives us study scope to fine the different techniques to overcome such issue observed by different author. In this paper we try to underline the different solution, its limitation and results they achieved for retrieval of data securely and within less time. Definitely from this we will be able to propose our own solution
Secure Remote Storage of Logs with Search Capabilities
Dissertação de Mestrado em Engenharia InformáticaAlong side with the use of cloud-based services, infrastructure and storage, the use of application logs
in business critical applications is a standard practice nowadays. Such application logs must be stored
in an accessible manner in order to used whenever needed. The debugging of these applications is a
common situation where such access is required. Frequently, part of the information contained in logs
records is sensitive.
This work proposes a new approach of storing critical logs in a cloud-based storage recurring to
searchable encryption, inverted indexing and hash chaining techniques to achieve, in a unified way, the
needed privacy, integrity and authenticity while maintaining server side searching capabilities by the logs
owner.
The designed search algorithm enables conjunctive keywords queries plus a fine-grained search
supported by field searching and nested queries, which are essential in the referred use case. To the
best of our knowledge, the proposed solution is also the first to introduce a query language that enables
complex conjunctive keywords and a fine-grained search backed by field searching and sub queries.A gerac¸ ˜ao de logs em aplicac¸ ˜oes e a sua posterior consulta s˜ao fulcrais para o funcionamento de qualquer
neg´ocio ou empresa. Estes logs podem ser usados para eventuais ac¸ ˜oes de auditoria, uma vez
que estabelecem uma baseline das operac¸ ˜oes realizadas. Servem igualmente o prop´ osito de identificar
erros, facilitar ac¸ ˜oes de debugging e diagnosticar bottlennecks de performance. Tipicamente, a maioria
da informac¸ ˜ao contida nesses logs ´e considerada sens´ıvel.
Quando estes logs s˜ao armazenados in-house, as considerac¸ ˜oes relacionadas com anonimizac¸ ˜ao,
confidencialidade e integridade s˜ao geralmente descartadas. Contudo, com o advento das plataformas
cloud e a transic¸ ˜ao quer das aplicac¸ ˜oes quer dos seus logs para estes ecossistemas, processos de
logging remotos, seguros e confidenciais surgem como um novo desafio. Adicionalmente, regulac¸ ˜ao
como a RGPD, imp˜oe que as instituic¸ ˜oes e empresas garantam o armazenamento seguro dos dados.
A forma mais comum de garantir a confidencialidade consiste na utilizac¸ ˜ao de t ´ecnicas criptogr ´aficas
para cifrar a totalidade dos dados anteriormente `a sua transfer ˆencia para o servidor remoto. Caso sejam
necess´ arias capacidades de pesquisa, a abordagem mais simples ´e a transfer ˆencia de todos os dados
cifrados para o lado do cliente, que proceder´a `a sua decifra e pesquisa sobre os dados decifrados.
Embora esta abordagem garanta a confidencialidade e privacidade dos dados, rapidamente se torna
impratic ´avel com o crescimento normal dos registos de log. Adicionalmente, esta abordagem n˜ao faz
uso do potencial total que a cloud tem para oferecer.
Com base nesta tem´ atica, esta tese prop˜oe o desenvolvimento de uma soluc¸ ˜ao de armazenamento
de logs operacionais de forma confidencial, integra e autˆ entica, fazendo uso das capacidades de armazenamento
e computac¸ ˜ao das plataformas cloud. Adicionalmente, a possibilidade de pesquisa sobre
os dados ´e mantida. Essa pesquisa ´e realizada server-side diretamente sobre os dados cifrados e sem
acesso em momento algum a dados n˜ao cifrados por parte do servidor..
- …