面向云环境的一致性可验证单关键词检索方法

doi:10.11896／j.issn.1002-137X.2018.12.014

计算机科学 ›› 2018, Vol. 45 ›› Issue (12): 92-97.doi: 10.11896／j.issn.1002-137X.2018.12.014

面向云环境的一致性可验证单关键词检索方法

戴华^1,2, 保静静¹, 朱向洋¹, 易训³, 杨庚^1,2

(南京邮电大学计算机学院南京210023)¹
(江苏省大数据安全与智能处理重点实验室南京210023)²
(墨尔本皇家理工大学理学院墨尔本 3000)³

收稿日期:2017-11-08 出版日期:2018-12-15 发布日期:2019-02-25
作者简介:戴华(1982-),男,博士,副教授,主要研究方向为数据管理与安全、数据库技术,E-mail:daihua@njupt.edu.cn(通信作者);保静静(1993-),女,硕士生,主要研究方向为数据管理与安全;朱向洋(1993-),男,硕士生,主要研究方向为隐私保护、密文检索;易训(1967-),男,教授,博士生导师,主要研究方向为信息安全、分布式数据处理;杨庚(1961-),男,教授,博士生导师,主要研究方向为大数据安全、隐私保护。
基金资助:
本文受国家自然科学基金项目(61872197,61572263,61672297,61472193),江苏省自然科学项目(BK20151511,BK20161516),中国博士后科学基金(2015M581794),江苏省高校自然科学研究项目(15KJB520027),安徽省自然科学基金项目(1608085MF127),江苏省博士后科研资助计划(1501023C),南京邮电大学自然科学基金项目(NY217119)资助。

Integrity-verifying Single Keyword Search Method in Clouds

DAI Hua^1,2, BAO Jing-jing¹, ZHU Xiang-yang¹, YI Xun³, YANG Geng^1,2

(College of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China)¹
(Jiangsu Key Laboratory of Big Data Security & Intelligent Processing,Nanjing 210023,China)²
(School of Science,Royal Melbourne Institute of Technology University,Melbourne 3000,Australia)³

Received:2017-11-08 Online:2018-12-15 Published:2019-02-25

摘要/Abstract

摘要： 在云环境资源外包服务模式下,数据拥有者不再参与对其外包数据的直接管理,这就使得验证数据使用者获得的检索结果是否满足一致性成为具有挑战性的问题。现有的研究工作重点聚焦于解决云服务提供商满足“诚实而好奇”模型假设下的隐私保护问题,但并不能解决恶意攻击威胁模型下的检索结果一致性验证问题。针对云服务提供商恶意攻击威胁模型,提出了一种面向云环境的基于偏序约束链的一致性可验证单关键词检索方法——IVSKS。数据拥有者根据文档与关键词的相关度的偏序关系,构造用于检索结果一致性验证的偏序约束链验证编码信息,并将该信息与文档集共同外包存储至云端;数据使用者在执行单关键词检索时,云端返回检索结果文档集以及相应的验证编码;最后,数据使用者根据获得的检索结果重构验证编码,实现针对检索结果的一致性验证。实验表明,与同类方法相比,IVSKS在检索结果冗余度以及一致性验证时间开销上具有更好的表现。

关键词: Top-k, 关键词检索, 偏序约束链, 一致性验证, 云计算

Abstract: The service of outsourcing resources in clouds makes the data out of control from its owner and generates many security issues.It has become a serious threat to data users to verify the integrity of search results received from clouds.In the area of secure keyword search for cloud computing,current works mainly focus on the privacy-preserving issues which adopts the honest-but-curious threat model,but they are not able to solve the problem ofintegrity verification of the search result while the malicious attack threat model is adopted.This paper proposed a method of verifiable single keyword searching based on the partially ordered constraint chain,called IVSKS.According to the partial order relation of the relevance between keywords and files,data owner constructs the partial ordered constraint chains as verification objects of files,which are generated by hash functions.The verification objects and the corresponding files are subsequently outsourced together to clouds.When data users search the top-k relevance files by an interested keyword,the clouds will return the qualified files along with the corresponding verification objects.Data users can reconstruct the verification objects by these files and make a comparison to determine whether the result files are complete or correct.The experimental results indicate that IVSKS performs better on search result redundancy and completeness verification efficiency compared with the existing methods.

Key words: Cloud computing, Integrity verification, Keyword search, Partial order constraint chain, Top-k

中图分类号:

TP309

戴华, 保静静, 朱向洋, 易训, 杨庚. 面向云环境的一致性可验证单关键词检索方法[J]. 计算机科学, 2018, 45(12): 92-97. https://doi.org/10.11896／j.issn.1002-137X.2018.12.014

DAI Hua, BAO Jing-jing, ZHU Xiang-yang, YI Xun, YANG Geng. Integrity-verifying Single Keyword Search Method in Clouds[J]. Computer Science, 2018, 45(12): 92-97. https://doi.org/10.11896／j.issn.1002-137X.2018.12.014

参考文献

[1]DING Y,WANG H M,SHI P C,et al.Trusted Cloud Service[J].Chinese Journal of Computers,2015,38(1):133-149.(in Chinese)
丁滟,王怀民,史佩昌,等.可信云服务[J].计算机学报,2015,38(1):133-149.
[2]ZHANG M,HONG C,CHEN C.Server Transparent Query Authentication of Outsourced Database [J].Journal of Computer Research and Development,2010,47(1):182-190.(in Chinese)
张敏,洪澄,陈驰.一种服务器透明的外包数据库查询验证方法[J].计算机研究与发展,2010,47(1):182-190.
[3]ARORA R,PARASHAR A.Secure User Data in Cloud Computing Using Encryption Algorithms [J].International Journal of Engineering Research and Applications,2013,3(4):1922-1926.
[4]WANG Y D,YANG J H,XU C,et al.Survey on access control technologies for cloud computing [J].Journal of Software,2015,26(5):1129-1150.(in Chinese)
王于丁,杨家海,徐聪,等.云计算访问控制技术研究综述[J].软件学报,2015,26(5):1129-1150.
[5]TIAN X X,WANG X L,GAO M,et al.Database as a services Security and privacy preserving[J].Journal of Software,2010,21(5):991-1006.(in Chinese)
田秀霞,王晓玲,高明,等.数据库服务——安全与隐私保护[J].软件学报,2010,21(5):991-1006.
[6]FU W,YAN B,WU X P.Data Possession Provability on Semi-trusted Cloud Storage[C]∥Cloud Computing－4th Internatio-nal Conference.2013:199-209.
[7]CHEN C,ZHU X J,SHEN P S,et al.An Efficient Privacy-Preserving Ranked Keyword Search Method [J].IEEE Transactions on Parallel and Distributed Systems,2016,27(4):951-963.
[8]SUN W H,WANG B,CAO N,et al.Verifiable Privacy-Preserving Multi-Keyword Text Search in the Cloud Supporting Similarity-Based Ranking[J].IEEE Transactions on Parallel and Distributed Systems,2014,25(11):3025-3035.
[9]WANG C,CAO N,REN K,et al.Enabling Secure and Efficient Ranked Keyword Search over Outsourced Cloud Data [J].IEEE Transactions on Parallel and Distributed Systems,2012,23(8):1467-1479.
[10]WANG C,CAO N,LI J,et al.Secure Ranked Keyword Search over Encrypted Cloud Data[C]∥2010 International Conference on Distributed Computing Systems.2010:253-262.
[11]WANG D S,FU S J,XU M.A Privacy-Preserving Fuzzy Keyword Search Scheme over Encrypted Cloud Data[C]∥IEEE 5th International Conference on Cloud Computing Technology and Science.2013:663-670.
[12]CAO N,WANG C,LI M,et al.Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data[J].IEEE Transactions on Parallel & Distributed Systems,2014,25(1):222-233.
[13]NA H Y,YANG G,SHU X W.Multi-keyword Ranked Search Method Based on B+ Tree [J].Computer Science,2017,44(1):149-154.(in Chinese)
那海洋,杨庚,束晓伟.基于B+树的多关键字密文排序检索方法[J].计算机科学,2017,44(1):149-154.
[14]SONG D,WAGNER D,PERRIG A.Practical Techniques forSearches on Encrypted Data[C]∥2000 IEEE Symposium on Security and Privacy.2000:44-55.
[15]GOH E J.Secure Indexes[OL].http://www.researchgate.net.publication/2889193_Secure_Indexes.
[16]CHANG Y C,MITZENMACHER M.Privacy preserving key-word searches on remote encrypted data[C]∥International Conference on Applied Cryptography and Network Security.Springer Berlin Heidelberg,2005:442-455.
[17]CURTMOLA R,GARAY J,KAMARA S,et al.Searchablesymmetric encryption:improved definitions and efficient constructions[C]∥13th ACM Conference on Computer and Communications Security.ACM,2006:79-88.
[18]HORE B,MEHROTRA S,CANIM M,et al.Secure multidi-mensional range queries over outsourced data[J].The International Journal on Very Large Data Bases,2012,21(3):333-358.
[19]LI J G,TIAN X X,ZHOU A Y.Privacy Preserving Fuzzy Keyword Search in Database as a Service Paradigm [J].Chinese Journal of Computers,2016,39(2):414-428.(in Chinese)
李晋国,田秀霞,周傲英.面向DaaS保护隐私的模糊关键字查询[J].计算机学报,2016,39(2):414-428.
[20]YANG C,YANG S L,KE M.Ranked Fuzzy Keyword SearchBased on Simhash over Encrypted Cloud Data [J].Chinese Journal of Computers,2017,40(2):431-444.(in Chinese)
杨旸,杨书略,柯闽.加密云数据下基于Simhash的模糊排序搜索方案[J].计算机学报,2017,40(2):431-444.
[21]SCHEUERMANN P,OUKSEL A M.Multidimensional B-trees for associative searching in database systems[J].Information Systems,1982,7(2):123-137.
[22]WAN Z G,DENG R H.VPSearch:Achieving Verifiability forPrivacy-Preserving Multi-Keyword Search over Encrypted Cloud Data[J].IEEE Transactions on Dependable & Secure Computing,2016,PP(99):1-1.
[23]ZHU X Y,HAO R P,JIANG S R,et al.Verification of Boolean Queries over OutsourcedEncrypted Data Based on Counting Bloom Filter[C]∥IEEE Global Communications Conference.2015:1-6.
[24]SUN W H,LIU X F,LOU W J,et al.Catch You If You Lie to Me:Efficient Verifiable Conjunctive Keyword Search over Large Dynamic Encrypted Cloud Data[C]∥IEEE Conference on Computer Communications.2015:2110-2118.
[25]JIANG S R,ZHU X Y,GUO L K,et al.Publicly VerifiableBoolean Query Over Outsourced Encrypted Data[C]∥IEEE Global Communications Conference.2016:1-6.
[26]PALLIPAMU V,REDDY K,VARMA P.ASH-160:A novel algorithm for secure hashing using geometric concepts [J].Journal of Information Security and Applications,2014,21:52-63.
[27]LICHMAN M.UCI Machine Learning Repository [OL].http://archive.ics.uci.edu/ml.

相关文章 15

[1]	高诗尧, 陈燕俐, 许玉岚. 云环境下基于属性的多关键字可搜索加密方案 Expressive Attribute-based Searchable Encryption Scheme in Cloud Computing 计算机科学, 2022, 49(3): 313-321. https://doi.org/10.11896/jsjkx.201100214
[2]	杨润延, 程高峰, 刘建. 基于端到端语音识别的关键词检索技术研究 Study on Keyword Search Framework Based on End-to-End Automatic Speech Recognition 计算机科学, 2022, 49(1): 53-58. https://doi.org/10.11896/jsjkx.210800269
[3]	王政, 姜春茂. 一种基于三支决策的云任务调度优化算法 Cloud Task Scheduling Algorithm Based on Three-way Decisions 计算机科学, 2021, 48(6A): 420-426. https://doi.org/10.11896/jsjkx.201000023
[4]	潘瑞杰, 王高才, 黄珩逸. 云计算下基于动态用户信任度的属性访问控制 Attribute Access Control Based on Dynamic User Trust in Cloud Computing 计算机科学, 2021, 48(5): 313-319. https://doi.org/10.11896/jsjkx.200400013
[5]	陈玉平, 刘波, 林伟伟, 程慧雯. 云边协同综述 Survey of Cloud-edge Collaboration 计算机科学, 2021, 48(3): 259-268. https://doi.org/10.11896/jsjkx.201000109
[6]	蒋慧敏, 蒋哲远. 企业云服务体系结构的参考模型与开发方法 Reference Model and Development Methodology for Enterprise Cloud Service Architecture 计算机科学, 2021, 48(2): 13-22. https://doi.org/10.11896/jsjkx.200300044
[7]	王文娟, 杜学绘, 任志宇, 单棣斌. 基于因果知识和时空关联的云平台攻击场景重构 Reconstruction of Cloud Platform Attack Scenario Based on Causal Knowledge and Temporal- Spatial Correlation 计算机科学, 2021, 48(2): 317-323. https://doi.org/10.11896/jsjkx.191200172
[8]	何亨, 蒋俊君, 冯可, 李鹏, 徐芳芳. 多云环境中基于属性加密的高效多关键词检索方案 Efficient Multi-keyword Retrieval Scheme Based on Attribute Encryption in Multi-cloud Environment 计算机科学, 2021, 48(11A): 576-584. https://doi.org/10.11896/jsjkx.201000026
[9]	毛瀚宇, 聂铁铮, 申德荣, 于戈, 徐石成, 何光宇. 区块链即服务平台关键技术及发展综述 Survey on Key Techniques and Development of Blockchain as a Service Platform 计算机科学, 2021, 48(11): 4-11. https://doi.org/10.11896/jsjkx.210500159
[10]	王勤, 魏立斐, 刘纪海, 张蕾. 基于云服务器辅助的多方隐私交集计算协议 Private Set Intersection Protocols Among Multi-party with Cloud Server Aided 计算机科学, 2021, 48(10): 301-307. https://doi.org/10.11896/jsjkx.210300308
[11]	穆聪聪, 王一舒, 袁野, 乔百友, 马玉亮. 时序图中Top-k稠密子图查询算法研究 Top-k Densest Subgraphs Search in Temporal Graphs 计算机科学, 2021, 48(10): 152-159. https://doi.org/10.11896/jsjkx.201100005
[12]	张恺琪, 涂志莹, 初佃辉, 李春山. 基于排队论的服务资源可用性相关研究综述 Survey on Service Resource Availability Forecast Based on Queuing Theory 计算机科学, 2021, 48(1): 26-33. https://doi.org/10.11896/jsjkx.200900211
[13]	雷阳, 姜瑛. 云计算环境下关联节点的异常判断 Anomaly Judgment of Directly Associated Nodes Under Cloud Computing Environment 计算机科学, 2021, 48(1): 295-300. https://doi.org/10.11896/jsjkx.191200186
[14]	徐蕴琪, 黄荷, 金钟. 容器技术在科学计算中的应用研究 Application Research on Container Technology in Scientific Computing 计算机科学, 2021, 48(1): 319-325. https://doi.org/10.11896/jsjkx.191100111
[15]	李彦, 申德荣, 聂铁铮, 寇月. 面向加密云数据的多关键字语义搜索方法 Multi-keyword Semantic Search Scheme for Encrypted Cloud Data 计算机科学, 2020, 47(9): 318-323. https://doi.org/10.11896/jsjkx.190800139

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed

面向云环境的一致性可验证单关键词检索方法

Integrity-verifying Single Keyword Search Method in Clouds

PDF (PC)

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

Metrics

本文评价

推荐阅读 0