Secure Multi-Client Data Access with Boolean Queries in Distributed Key-Value Stores

Xu Yuan; Xingliang Yuan; Baochun Li; Cong Wang

doi:10.1109/CNS.2017.8228619

Secure Multi-Client Data Access with Boolean Queries in Distributed Key-Value Stores

Xu Yuan, Xingliang Yuan, Baochun Li, Cong Wang

Department of Computer Science

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

5 Citations (Scopus)

Abstract

In the era of big data processing, it is desirable to manage large volumes of data with high scalability, confidentiality protection, and flexible types of search queries. In this paper, we propose a design to store encrypted data on a cluster of distributed servers while supporting secure and authorized Boolean queries. In particular, the data owner encrypts the database with encrypted searchable index attributes, and the encrypted data values are stored evenly across multiple servers by leveraging a distributed index framework. Based on this design, we show how to construct encrypted indexes, generate search tokens, and query parallelly to achieve efficient Boolean search. Moreover, these queries are not only limited to those initiated by the data owner but also by other authorized clients. Specifically, we further integrate a recent scheme to make the authorization of client's requests non-interactive. The data owner is not required to stay online to interact with the clients. We characterize the leakage profile and provide a formal security analysis to demonstrate that our system can guarantee data confidentiality and query privacy. To validate our protocol, we implement a system prototype and evaluate the efficiency of our construction experimentally. Through experimental results, we show the effectiveness of our protocol in term of data encryption time and Boolean query time.

Original language	English
Title of host publication	2017 IEEE Conference on Communications and Network Security (CNS)
Publisher	IEEE
ISBN (Electronic)	9781538606834
ISBN (Print)	9781538606841
DOIs	https://doi.org/10.1109/CNS.2017.8228619
Publication status	Published - Oct 2017
Event	2017 IEEE Conference on Communications and Network Security - Las Vegas, NV USA, Las Vegas, NV, United States Duration: 9 Oct 2017 → 11 Oct 2017 http://cns2017.ieee-cns.org/content/technical-program

Conference

Conference	2017 IEEE Conference on Communications and Network Security
Place	United States
City	Las Vegas, NV
Period	9/10/17 → 11/10/17
Internet address	http://cns2017.ieee-cns.org/content/technical-program

Bibliographical note

Full text of this publication does not contain sufficient affiliation information. With consent from the author(s) concerned, the Research Unit(s) information for this record is based on the existing academic department affiliation of the author(s).

Access Output

10.1109/CNS.2017.8228619

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@inproceedings{a029e83f46524cbc944fab38c59d52b3,

title = "Secure Multi-Client Data Access with Boolean Queries in Distributed Key-Value Stores",

abstract = "In the era of big data processing, it is desirable to manage large volumes of data with high scalability, confidentiality protection, and flexible types of search queries. In this paper, we propose a design to store encrypted data on a cluster of distributed servers while supporting secure and authorized Boolean queries. In particular, the data owner encrypts the database with encrypted searchable index attributes, and the encrypted data values are stored evenly across multiple servers by leveraging a distributed index framework. Based on this design, we show how to construct encrypted indexes, generate search tokens, and query parallelly to achieve efficient Boolean search. Moreover, these queries are not only limited to those initiated by the data owner but also by other authorized clients. Specifically, we further integrate a recent scheme to make the authorization of client's requests non-interactive. The data owner is not required to stay online to interact with the clients. We characterize the leakage profile and provide a formal security analysis to demonstrate that our system can guarantee data confidentiality and query privacy. To validate our protocol, we implement a system prototype and evaluate the efficiency of our construction experimentally. Through experimental results, we show the effectiveness of our protocol in term of data encryption time and Boolean query time.",

author = "Xu Yuan and Xingliang Yuan and Baochun Li and Cong Wang",

note = "Full text of this publication does not contain sufficient affiliation information. With consent from the author(s) concerned, the Research Unit(s) information for this record is based on the existing academic department affiliation of the author(s).; 2017 IEEE Conference on Communications and Network Security ; Conference date: 09-10-2017 Through 11-10-2017",

year = "2017",

month = oct,

doi = "10.1109/CNS.2017.8228619",

language = "English",

isbn = "9781538606841",

booktitle = "2017 IEEE Conference on Communications and Network Security (CNS)",

publisher = "IEEE",

address = "United States",

url = "http://cns2017.ieee-cns.org/content/technical-program",

}

TY - GEN

T1 - Secure Multi-Client Data Access with Boolean Queries in Distributed Key-Value Stores

AU - Yuan, Xu

AU - Yuan, Xingliang

AU - Li, Baochun

AU - Wang, Cong

N1 - Full text of this publication does not contain sufficient affiliation information. With consent from the author(s) concerned, the Research Unit(s) information for this record is based on the existing academic department affiliation of the author(s).

PY - 2017/10

Y1 - 2017/10

N2 - In the era of big data processing, it is desirable to manage large volumes of data with high scalability, confidentiality protection, and flexible types of search queries. In this paper, we propose a design to store encrypted data on a cluster of distributed servers while supporting secure and authorized Boolean queries. In particular, the data owner encrypts the database with encrypted searchable index attributes, and the encrypted data values are stored evenly across multiple servers by leveraging a distributed index framework. Based on this design, we show how to construct encrypted indexes, generate search tokens, and query parallelly to achieve efficient Boolean search. Moreover, these queries are not only limited to those initiated by the data owner but also by other authorized clients. Specifically, we further integrate a recent scheme to make the authorization of client's requests non-interactive. The data owner is not required to stay online to interact with the clients. We characterize the leakage profile and provide a formal security analysis to demonstrate that our system can guarantee data confidentiality and query privacy. To validate our protocol, we implement a system prototype and evaluate the efficiency of our construction experimentally. Through experimental results, we show the effectiveness of our protocol in term of data encryption time and Boolean query time.

AB - In the era of big data processing, it is desirable to manage large volumes of data with high scalability, confidentiality protection, and flexible types of search queries. In this paper, we propose a design to store encrypted data on a cluster of distributed servers while supporting secure and authorized Boolean queries. In particular, the data owner encrypts the database with encrypted searchable index attributes, and the encrypted data values are stored evenly across multiple servers by leveraging a distributed index framework. Based on this design, we show how to construct encrypted indexes, generate search tokens, and query parallelly to achieve efficient Boolean search. Moreover, these queries are not only limited to those initiated by the data owner but also by other authorized clients. Specifically, we further integrate a recent scheme to make the authorization of client's requests non-interactive. The data owner is not required to stay online to interact with the clients. We characterize the leakage profile and provide a formal security analysis to demonstrate that our system can guarantee data confidentiality and query privacy. To validate our protocol, we implement a system prototype and evaluate the efficiency of our construction experimentally. Through experimental results, we show the effectiveness of our protocol in term of data encryption time and Boolean query time.

UR - http://www.scopus.com/inward/record.url?scp=85046551160&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85046551160&origin=recordpage

U2 - 10.1109/CNS.2017.8228619

DO - 10.1109/CNS.2017.8228619

M3 - RGC 32 - Refereed conference paper (with host publication)

SN - 9781538606841

BT - 2017 IEEE Conference on Communications and Network Security (CNS)

PB - IEEE

T2 - 2017 IEEE Conference on Communications and Network Security

Y2 - 9 October 2017 through 11 October 2017

ER -

Secure Multi-Client Data Access with Boolean Queries in Distributed Key-Value Stores

Abstract

Conference

Bibliographical note

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this