计算机科学 ›› 2022, Vol. 49 ›› Issue (10): 272-278.doi: 10.11896/jsjkx.220500285
周倩1, 戴华2,3, 盛文杰2, 胡正2, 杨庚2,3
ZHOU Qian1, DAI Hua2,3, SHENG Wen-jie2, HU Zheng2, YANG Geng2,3
摘要: 云计算便捷高效的特点使其拥有巨大的发展潜力,越来越多的企业与个人通过使用云计算提供的各类外包服务而获得实际收益。为了保护云端外包数据的私密性和一致性,具有隐私保护能力的可验证密文检索技术正逐渐成为当前云计算领域的一个研究热点。针对关键词密文检索的一致性验证问题,阐述现有研究工作主要采用的系统模型、威胁模型和通用框架;从可验证单关键词密文检索和可验证多关键词密文检索两个角度,综述现有研究工作的技术方案,并分析这些技术方案的优缺点;最后,通过综合分析和对比现有研究工作的研究重点及其所使用的关键技术,对现有工作进行总结,并展望未来可能的研究方向和趋势。
中图分类号:
[1]SUN P.Security and Privacy Protection in Cloud Computing:Discussions and Challenges[J].Journal of Network and Computer Applications,2020,160:1-22. [2]LU J,XIAO R,JIN S.A Survey for Cloud Data Security[J].Journal of Electronics & Information Technology,2021,43(4):881-891. [3]PARAST F K,SINDHAY C,NIKAM S,et al.Cloud Computing Security:A Survey of Service-based Models[J].Computers & Security,2022,114:1-14. [4]DAI X,DAI H,RONG C,et al.Enhanced Semantic-AwareMulti-Keyword Ranked Search Scheme over Encrypted Cloud Data[J/OL].IEEE Transactions on Cloud Computing.https://ieeexplore.ieee.org/document/9310281. [5]DAI H,YANG M,YANG G,et al.A KGI-index Based Multi-keyword Ranked Search Scheme over Encrypted Cloud Data[J/OL].IEEE Transactions on Sustainable Computing.https://ieeexplore.ieee.org/document/9606613. [6]MTHUNZI S N,BENKHELIFA E,BOSAKOWSKI T,et al.Cloud Computing Security Taxonomy:from an Atomistic to a Holistic View[J].Future Generation Computer Systems,2020,107:620-644. [7]ERMAKOVA T,FABIAN B,KORNACKA M,et al.Security and Privacy Requirements for Cloud Computing in Healthcare:Elicitation and Prioritization from a Patient Perspective[J].ACM Transactions on Management Information Systems,2020,11(2):1-29. [8]TIAN H L,ZHANG Y,LI C,et al.A Survey of Confidentiality Protection for Cloud Databases[J].Chinese Journal of Compu-ters,2017,40(10):2245-2270. [9]ALJUMAH A,AHANGER T A.Cyber Security Threats,Challenges and Defense Mechanisms in Cloud Computing[J].IET Communications,2020,14(7):1185-1191. [10]XIA Y,XIA F,LIU X,et al.An Improved Privacy Preserving Construction for Data Integrity Verification in Cloud Storage[J].KSII Transactions on Internet and Information Systems,2014,8(10):3607-3623. [11]YU X,YAN Z,VASILAKOS A V.A Survey of Verifiable Computation[J].Mobile Networks and Applications,2017,22(3):438-453. [12]XU Z,WU L,HE D,et al.Security Analysis of a Publicly Verifiable Data Possession Scheme for Remote Storage[J].The Journal of Supercomputing,2017,73(11):4923-4930. [13]JIANG X,GE X,YU J,et al.An Efficient Symmetric Searchable Encryption Scheme for Cloud Storage[J].Journal of Internet Services and Security,2017,7(2):1-18. [14]CHAI Q,GONG G.Verifiable Symmetric Searchable Encryption for Semi-honest-but-curious Cloud Servers[C]//2012 IEEE International Conference on Communications(ICC 2012).New York:IEEE Press,2012:917-922. [15]WANG J,MA H,TANG Q,et al.Efficient Verifiable FuzzyKeyword Search over Encrypted Data in Cloud Computing[J].Computer Science & Information Systems,2013,10(2):667-684. [16]LI J,WANG Q,WANG C,et al.Fuzzy Keyword Search overEncrypted Data in Cloud Computing[C]//Proceedings of the 29th Conference on Information Communications(INFOCOM 2010).New York:IEEE Press,2010:441-445. [17]RAMASAMY R,VIVEK S S,GEORGE P,et al.Dynamic Verifiable Encrypted Keyword Search using Bitmap Index and Homomorphic MAC[C]//2017 IEEE 4th International Conference on Cyber Security and Cloud Computing(CSCloud 2017).New York:IEEE Press,2017:357-362. [18]MERKLE R C.A Certified Digital Signature[C]//Conference on the Theory and Application of Cryptology (CRYPTO 1989).Berlin:Springer,1989:218-238. [19]PANG H H,MOURATIDIS K.Authenticating the Query Results of Text Search Engines[J].Proceedings of the VLDB Endowment,2008,1(1):126-137. [20]HU H,XU J,CHEN Q,et al.Authenticating Location-basedServices without Compromising Location Privacy[C]//Procee-dings of the 2012 ACM SIGMOD International Conference on Management of Data(SIGMOD 2012).NewYork:ACM Press,2012:301-312. [21]MOURATIDIS K,SACHARIDIS D,PANG H H.Partially Materialized Digest Scheme:an EfficientVerification Method for Outsourced Databases[J].The VLDB Journal,2009,18(1):363-381. [22]WOOD G.Ethereum:A Secure Decentralised Generalised Trans-action Ledger[R/OL].https://files.gitter.im/ethereum/yellowpaper/VIyt/Paper.pdf. [23]MATHIYALAHAN S,MANIVANNAN S,NAGASUNDA-RAM M,et al.Data Integrity Verification using MPT(Merkle Patricia Tree) in Cloud Computing[J].International Journal of Engineering & Technology,2018,7(2):500-503. [24]ZHU J,LI Q,WANG C,et al.Enabling Generic,Verifiable,and Secure Data Search in Cloud Services[J].IEEE Transactions on Parallel and Distributed Systems,2018,29(8):1721-1735. [25]PANG H H,JAIN A,RAMAMRITHAM K,et al.VerifyingCompleteness of Relational Query Results in Data Publishing[C]//Proceedings of the 2005 ACM SIGMOD International Conference on Management of Data(SIGMOD 2005).NewYork:ACM Press,2005:407-418. [26]DAI H,BAO J J,ZHU X Y,et al.Integrity-verifying SingleKeyword Search Method in Clouds[J].Computer Science,2018,45(12):92-97. [27]BARIC N,PFITZMANN B.Collision-free Accumulators andFail-stop Signature Schemes without Trees[C]//International Conference on the Theory and Applications of Cryptographic Techniques(EUROCRYPT 1997).Berlin:Springer,1997:480-494. [28]LIU Q,NIE X,LIU X,et al.Verifiable Ranked Search over Dynamic Encrypted Data in Cloud Computing[C]//2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS 2017).NewYork:IEEE Press,2017:1-6. [29]LIU Q,TIAN Y,WU J,et al.Enabling Verifiable and Dynamic Ranked Search over Outsourced Data[J].IEEE Transactions on Services Computing,2022,15(1):69-82. [30]CAMENISCH J,LYSYANSKAYA A.Dynamic Accumulatorsand Application to Efficient Revocation ofAnonymous Credentials[C]//Annual International Cryptology Conference(CRYPTO 2002).Berlin:Springer,2002:61-76. [31]GOODRICH M,TAMASSIA R,TELALOVIC J H.An Efficient Dynamic and Distributed RSA Accumulator[J].arXiv:0905.1307,2009. [32]ZHU X,LIU Q,WANG G.A Novel Verifiable and DynamicFuzzy Keyword Search Scheme over Encrypted Data in Cloud Computing[C]//2016 IEEE Trustcom/BigDataSE/ISPA.NewYork:IEEE Press,2016:845-851. [33]WAN Z,DENG R H.VPSearch:Achieving Verifiability for Privacy-preserving Multi-keyword Search over Encrypted Cloud Data[J].IEEE Transactions on Dependable and Secure Computing,2016,15(6):1083-1095. [34]LU H,CHEN J,ZHANG K.Verifiable Dynamic SearchableSymmetric Encryption with Forward Privacy in Cloud-Assisted E-Healthcare Systems[C]//21st International Conference Algorithms and Architectures for Parallel Processing(ICA3PP 2021).Berlin:Springer,2021:645-659. [35]SHAO J,LU R,GUAN Y,et al.Achieve Efficient and Verifiable Conjunctive and Fuzzy Queries over Encrypted Data in Cloud[J].IEEE Transactions on Services Computing,2022,15(1):124-137. [36]GAN Q,LIU J,WANG X,et al.Verifiable Searchable Symme-tric Encryption for Conjunctive Keyword Queries in Cloud Sto-rage[J].Frontiers of Computer Science,2022,16(6):1-16. [37]CASH D,JARECKI S,JUTLA C,et al.Highly-scalable sear-chable symmetric encryption with support for Boolean queries[C]//Proceedings of the 33rd Annual Cryptology Conference.Berlin:Springer,2013:353-373. [38]CLARKE D,DEVADAS S,DIJK M,et al.Incremental Multiset Hash Functions and Their Application to Memory Integrity Checking[C]//International Conference on the Theory and Application of Cryptology and Information Security(ASIACRYPT 2003).Berlin:Springer,2003:188-207. [39]LI F,MA J,MIAO Y,et al.Towards Efficient Verifiable Boo-lean Search over Encrypted Cloud Data[J/OL].IEEE Transactions on Cloud Computing.https://ieeexplore.ieee.org/document/9565340. [40]XU C,CHEN Q,HU H,et al.Authenticating Aggregate Queries over Set-valued Data with Confidentiality[J].IEEE Transa-ctions on Knowledge and Data Engineering,2017,30(4):630-644. [41]XU C,ZHANG C,XU J.vChain:Enabling Verifiable BooleanRange Queries over Blockchain Databases[C]//Proceedings of the 2019 International Conference on Management of Data(SIGMOD 2019).NewYork:ACM Press,2019:141-158. [42]ZHENG Q,XU S,ATENIESE G.VABKS:Verifiable Attribute-based Keyword Search over Outsourced Encrypted Data[C]//Proceeding of the 2014 IEEE Conference on Computer Communications(INFOCOM 2014).NewYork:IEEE,2014:522-530. [43]LIU Y,PENG H,WANG J.Verifiable Diversity Ranking Search over Encrypted Outsourced Data[J].Computers,Materials and Continua,2018,55(1):37-57. [44]ZHAO M,LIU L,DING Y,et al.Verifiable and Privacy-Preserving Ranked Multi-Keyword Search over Outsourced Data in Clouds[C]//2021 IEEE 15th International Conference on Big Data Science and Engineering(BigDataSE 2021).New York:IEEE,2021:95-102. [45]SHI Z,FU X,LI X,et al.ESVSSE:Enabling Efficient,Secure,Verifiable Searchable Symmetric Encryption[J].IEEE Transactions on Knowledge and Data Engineering,2020,34(7):3241-3254. [46]NAJAFI A,JAVADI H,BAYAT M.Efficient and dynamic veri-fiable multi-keyword searchable symmetric encryption with full security[J].Multimedia Tools and Applications,2021,80(17):26049-26068. [47]YUAN D,CUI S,RUSSELLO G.We Can Make Mistakes:Fault-tolerant Forward Private Verifiable Dynamic Searchable Symmetric Encryption[C]//7th IEEE European Symposium on Security and Privacy(EuroS&P 2022).New York:IEEE,2022:587-605. |
[1] | 鲁晨阳, 邓苏, 马武彬, 吴亚辉, 周浩浩. 基于分层抽样优化的面向异构客户端的联邦学习 Federated Learning Based on Stratified Sampling Optimization for Heterogeneous Clients 计算机科学, 2022, 49(9): 183-193. https://doi.org/10.11896/jsjkx.220500263 |
[2] | 汤凌韬, 王迪, 张鲁飞, 刘盛云. 基于安全多方计算和差分隐私的联邦学习方案 Federated Learning Scheme Based on Secure Multi-party Computation and Differential Privacy 计算机科学, 2022, 49(9): 297-305. https://doi.org/10.11896/jsjkx.210800108 |
[3] | 吕由, 吴文渊. 隐私保护线性回归方案与应用 Privacy-preserving Linear Regression Scheme and Its Application 计算机科学, 2022, 49(9): 318-325. https://doi.org/10.11896/jsjkx.220300190 |
[4] | 王健. 基于隐私保护的反向传播神经网络学习算法 Back-propagation Neural Network Learning Algorithm Based on Privacy Preserving 计算机科学, 2022, 49(6A): 575-580. https://doi.org/10.11896/jsjkx.211100155 |
[5] | 李利, 何欣, 韩志杰. 群智感知的隐私保护研究综述 Review of Privacy-preserving Mechanisms in Crowdsensing 计算机科学, 2022, 49(5): 303-310. https://doi.org/10.11896/jsjkx.210400077 |
[6] | 王美珊, 姚兰, 高福祥, 徐军灿. 面向医疗集值数据的差分隐私保护技术研究 Study on Differential Privacy Protection for Medical Set-Valued Data 计算机科学, 2022, 49(4): 362-368. https://doi.org/10.11896/jsjkx.210300032 |
[7] | 高诗尧, 陈燕俐, 许玉岚. 云环境下基于属性的多关键字可搜索加密方案 Expressive Attribute-based Searchable Encryption Scheme in Cloud Computing 计算机科学, 2022, 49(3): 313-321. https://doi.org/10.11896/jsjkx.201100214 |
[8] | 吕由, 吴文渊. 基于同态加密的线性系统求解方案 Linear System Solving Scheme Based on Homomorphic Encryption 计算机科学, 2022, 49(3): 338-345. https://doi.org/10.11896/jsjkx.201200124 |
[9] | 孔钰婷, 谭富祥, 赵鑫, 张正航, 白璐, 钱育蓉. 基于差分隐私的K-means算法优化研究综述 Review of K-means Algorithm Optimization Based on Differential Privacy 计算机科学, 2022, 49(2): 162-173. https://doi.org/10.11896/jsjkx.201200008 |
[10] | 李一聪, 周宽久, 王梓仲, 徐琳. ZKFERP:计算成本恒定的通用高效范围证明方案 ZKFERP:Universal and Efficient Range Proof Scheme with Constant Computational Cost 计算机科学, 2022, 49(10): 335-343. https://doi.org/10.11896/jsjkx.210900044 |
[11] | 金华, 朱靖宇, 王昌达. 视频隐私保护技术综述 Review on Video Privacy Protection 计算机科学, 2022, 49(1): 306-313. https://doi.org/10.11896/jsjkx.201200047 |
[12] | 杨润延, 程高峰, 刘建. 基于端到端语音识别的关键词检索技术研究 Study on Keyword Search Framework Based on End-to-End Automatic Speech Recognition 计算机科学, 2022, 49(1): 53-58. https://doi.org/10.11896/jsjkx.210800269 |
[13] | 雷羽潇, 段玉聪. 面向跨模态隐私保护的AI治理法律技术化框架 AI Governance Oriented Legal to Technology Bridging Framework for Cross-modal Privacy Protection 计算机科学, 2021, 48(9): 9-20. https://doi.org/10.11896/jsjkx.201000011 |
[14] | 王辉, 朱国宇, 申自浩, 刘琨, 刘沛骞. 基于用户偏好和位置分布的假位置生成方法 Dummy Location Generation Method Based on User Preference and Location Distribution 计算机科学, 2021, 48(7): 164-171. https://doi.org/10.11896/jsjkx.200800069 |
[15] | 王政, 姜春茂. 一种基于三支决策的云任务调度优化算法 Cloud Task Scheduling Algorithm Based on Three-way Decisions 计算机科学, 2021, 48(6A): 420-426. https://doi.org/10.11896/jsjkx.201000023 |
|