云计算中可验证的外包数据库加密搜索方案

doi:10.6040/j.issn.1671-9352.0.2017.145

山东大学学报（理学版） ›› 2017, Vol. 52 ›› Issue (9): 41-53.doi: 10.6040/j.issn.1671-9352.0.2017.145

云计算中可验证的外包数据库加密搜索方案

韩盼盼¹,秦静^1,2*

1.山东大学数学学院, 山东济南 250100;2.中国科学院信息工程研究所信息安全国家重点实验室, 北京 100093

收稿日期:2017-04-04 出版日期:2017-09-20 发布日期:2017-09-15
通讯作者: 秦静(1960— ),女,博士,教授,研究方向为信息安全. E-mail:qinjing@sdu.edu.cn E-mail:823518295@qq.com
作者简介:韩盼盼(1992— ),男,硕士研究生,研究方向为信息安全. E-mail:823518295@qq.com
基金资助:
国家自然科学基金资助项目(61272091,61772311);信息安全国家重点实验室开放课题项目(2017-MS-05)

Verifiable and searchable encryption scheme for outsourced database in cloud computing

HAN Pan-pan¹, QIN Jing^1,2*

1. School of Mathematics, Shandong University, Jinan 250100, Shandong, China;
2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China

Received:2017-04-04 Online:2017-09-20 Published:2017-09-15

摘要/Abstract

摘要： 云上外包数据库的安全问题已成为云计算安全的研究热点。给出两个具有数据保密性的云上外包数据库模型,可以验证查询完整性,并能有效保护数据搜索者的搜索隐私。这两个数据库模型支持单属性等值选择操作及其与投影的复合操作,支持数据的添加与删除。与已有的此类方案相比,在计算量相当的前提下,具有较高的安全性和较多的功能。

关键词: 云计算, 搜索隐私性, 查询完整性, 动态外包数据库

Abstract: The security problem of outsourced database in the cloud has become a research hotspot of cloud computing security. This paper proposed two outsourced database models which can achieve the confidentiality of outsourced data, verify the query integrity and protect the search privacy of data searcher effectively. These two models allow to perform exact select of one attribute and its union with projection, support the insert and delete of data. They have higher security properties and more functionality compared with other existing such schemes under the premise of similar computation cost.

Key words: dynamic outsourced database, query integrity, cloud computing, search privacy

中图分类号:

TP309

韩盼盼,秦静. 云计算中可验证的外包数据库加密搜索方案[J]. 山东大学学报（理学版）, 2017, 52(9): 41-53.

HAN Pan-pan, QIN Jing. Verifiable and searchable encryption scheme for outsourced database in cloud computing[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(9): 41-53.

参考文献

[1] MELL P, GRANCE T. The NIST definition of cloud computing[M]. Gaithersburg: National Institute of Standards & Technology, 2011.
[2] HACIGUMUS H, IYER B, MEHROTRA S. Providing database as a service[C] // Proceedings of the International Conference on Data Engineering. Los Alamitos: IEEE Computer Society, 2002: 29-38.
[3] SHAIKH F B, HAIDER S. Security threats in cloud computing[C] // Proceedings of 2015 International Conference on Computing, Communication & Automation(ICCCA). New York: IEEE, 2011: 214-219.
[4] CURTMOLAR, GARAYJ, KAMARA S, et al. Searchable symmetric encryption: improved definitions and efficient constructions[EB/OL].(2006-6-26)[2017-2-14]. http://eprint. iacr.org/2006/210.
[5] LI Feifei, HADJIELEFTHERIOU M, KOLLIOS G, et al. Dynamic authenticated index structures for outsourced databases[C] // ACM SIGMOD International Conference on Management of Data. New York: ACM, 2008: 121-132.
[6] HAN Fei, QIN Jing, HU Jiankun. Secure searches in the cloud: a survey[J]. Future Generation Computer Systems, 2016, 62:66-75.
[7] WANG Jianfeng, CHEN Xiaofeng. Efficient and secure storage for outsourced data: a survey[J]. Data Science & Engineering, 2016, 1(3):178-188.
[8] DEVANBU P, GERTZ M, MARTEL C, et al. Authentic data publication over the internet[J]. Journal of Computer Security, 2003, 11(3):291-314.
[9] MA Di, DENG R H, PANG H, et al. Authenticating query results in data publishing[C] // Proceedings of the International Conference on Information and Communications Security. Berlin: Springer-Verlag, 2005: 376-388.
[10] SION R. Query execution assurance for outsourced databases[C] // Proceedings of the 31st International Conference on Very Large Data Bases. [S.l.] : DBLP, 2005: 601-612.
[11] XIE Min, WANG Haixun, YIN Jian, et al. Integrity auditing of outsourced data[C] // Proceedings of the 33rd International Conference on Very Large Data Bases.[S.l.] : DBLP, 2007: 782-793.
[12] MYKLETUN E, NARASIMHA M, TSUDIK G. Authentication and integrity in outsourced databases[J]. ACM Transactions on Storage, 2004, 2(2):107-138.
[13] NARASIMHA M, TSUDIK G. DSAC: integrity for outsourced databases with signature aggregation and chaining[C] // ACM CIKM International Conference on Information and Knowledge Management. New York: ACM Press, 2005: 235-236.
[14] WANG Jianfeng, CHEN Xiaofeng, HUANG Xinyi, et al. Verifiable auditing for outsourced database in cloud computing[J]. IEEE Transactions on Computers, 2015, 64(11):3293-3303.
[15] WANG Jianfeng, CHEN Xiaofeng, LI Jin, et al. Towards achieving flexible and verifiable search for outsourced database in cloud computing[J]. Future Generation Computer Systems, 2017, 67:266-275.
[16] ATENIESE G, BURNS R, CURTMOLA R, et al. Provable data possession at untrusted stores[C] // ACM Conference on Computer and Communications Security. New York: ACM, 2007: 598-609.
[17] MERKLE R C. A certified digital signature [M] //Advances in Cryptology—CRYPTO’ 89 Proceedings. New York: Springer-Verlag, 1989: 218-238.
[18] BUCHMANN J, DAHMEN E, SCHNEIDER M. Merkle tree traversal revisited[M] // Post-Quantum Cryptography. Berlin: Springer-Verlag, 2008: 63-78.
[19] BURTON H B. Space/Time trade-offs in hash coding with allowable errors[J]. Communications of the ACM, 1970, 13(7):422-426.
[20] EPPSTEIN D, GOODRICH M T. Straggler identification in round-trip data streams via Newton's identities and invertible Bloom filters[J]. IEEE Transactions on Knowledge & Data Engineering, 2010, 23(2):297-306.
[21] FAN Li, CAO Pei, ALMEIDA J, et al. Summary cache: a scalable wide-area Web cache sharing protocol[J]. IEEE/ACM Transactions on Networking, 2000, 8(3):281-293.
[22] EVDOKIMOV S, GUNTHER O. Encryption techniques for secure database outsourcing[C] // Proceedings of the12th European Symposium on Research in Computer Security. Heidelberger: Springer-Verlag Berlin, 2007: 327-342.
[23] CHU Chengkang, TZENG W G. Efficient k-out-of-n oblivious transfer schemes with adaptive and non-adaptive queries [J]. Journal of Universal Computer Science, 2005, 3(3):172-183.

多维度评价

Viewed

Full text

Abstract

Cited

Shared

Discussed

云计算中可验证的外包数据库加密搜索方案

Verifiable and searchable encryption scheme for outsourced database in cloud computing

PDF (PC)

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 8

多维度评价

本文评价

推荐阅读 0

[1]	王小艳,陈兴蜀,王毅桐,葛龙. 基于OpenStack的云计算网络性能测量与分析[J]. 山东大学学报（理学版）, 2018, 53(1): 30-37.
[2]	黄宇晴,赵波,肖钰,陶威. 一种基于KVM的vTPM虚拟机动态迁移方案[J]. 山东大学学报（理学版）, 2017, 52(6): 69-75.
[3]	陈广瑞,陈兴蜀,王毅桐,葛龙. 一种IaaS多租户环境下虚拟机软件更新服务机制[J]. 山东大学学报（理学版）, 2017, 52(3): 60-67.
[4]	姚克,朱斌瑞,秦静. 基于生物信息的可验证公钥可搜索加密协议[J]. 山东大学学报（理学版）, 2017, 52(11): 11-22.
[5]	岳猛,吴志军,姜军. 云计算中基于可用带宽欧氏距离的LDoS攻击检测方法[J]. 山东大学学报（理学版）, 2016, 51(9): 92-100.
[6]	蔡红云, 田俊峰. 云计算中的数据隐私保护研究[J]. 山东大学学报（理学版）, 2014, 49(09): 83-89.
[7]	罗海燕, 吕萍, 刘林忠, 杨洵. 云环境下基于模糊粗糙AHP的企业信任综合评估[J]. 山东大学学报（理学版）, 2014, 49(08): 111-117.
[8]	刘洋，秦丰林，葛连升. 云计算测量研究综述[J]. J4, 2013, 48(11): 27-35.