AESM² Attribute-Based Encrypted Search for Multi-Owner and Multi-User Distributed Systems

With the rapid development of cloud computing, it is popular for data owners to outsource massive data to the cloud server for data sharing. To protect the privacy of sensitive data, many searchable encryption schemes are proposed. However, most of the existing studies focus on the single-owner model. In practice, users need to query data from distributed owners one by one, which inevitably brings great communication and computation overheads. Moreover, it lacks a secure scheme that realizes the access control requirements of individual owners. In this paper, we propose AESM², a new attribute-based encrypted search with ownership enhancement scheme for multi-owner and multi-user distributed systems. Our design enables users to search data from authorized owners with only one trapdoor. Owners can enforce owner level permission on users and encrypt their data individually with fine-grained attribute level permission. For practical consideration, we further devise an efficient revocation method of the owner level permission for users, where ciphertexts do not need to be updated. We formally define and prove the security of our design. Moreover, we implement a system prototype and analyze the performance from theoretical and experimental aspects. The evaluation results demonstrate that our scheme is effective and efficient.