Edge-Based Efficient Search over Encrypted Data Mobile Cloud Storage
Abstract
:1. Introduction
2. Related Work
3. Encrypted Search in Cloud Storage
3.1. Traditional Encrypted Search over Cloud Data
3.1.1. Index Generation and File Encryption
3.1.2. Encrypted File Search and Retrieval
- Keywords Processing: When users submit the keyword, the client first processes the keyword to generate the trapdoor of the keyword. Then, the client sends a search request (the trapdoor of the keyword) to the cloud server.
- Index Searching: On receiving the search request, the cloud uses the trapdoor to gain entry to the file index. Then, the posting list related to the keyword is sent back to the data user.
- Calculation&Rank: The data user decrypts the posting list and calculates the relevance scores to find the top-k relevant files, and then sends a request to retrieve the files.
- File Retrieval: The cloud server finds the target files and sends them back to the data user.
- File Decryption: The data user decrypts the target files to recover the original data.
3.2. Challenges in Mobile Cloud Storage
- Improve the performance efficiency of traditional encrypted search method, which includes reducing the file search/retrieval time and energy consumption.
- Try our best to minimize the information acquisition of the curious cloud.
4. ENSURE System Design
4.1. Edge Computing
4.2. The Basic Idea of ENSURE
- Sensor-equipped mobile devices move in some certain region.
- One of the available, controllable, trustworthy, and relative resource-rich local devices in that region plays the role of edge server.
- The data transmission between mobile devices and the edge server is safe.
4.3. Process of File Search and Retrieval in ENSURE
- Keyword Processing: Since the data owner permits the data user to access the data, the data user could encrypt and hash the keyword to generate the search request (a trapdoor of the keyword) in their mobile device when he wants to search the top-k relevant files involving the keyword. Following this, the mobile device would send the request to the edge server and wait for the response from the edge server.
- Index Searching: On receiving the request, the edge server first synchronizes the encrypted file index from the cloud in case of the file index update. Then, it would decrypt the file index and search the matching posting list in the index based on the search request. The posting list contains the information (e.g., word frequency) of files that involve the keyword.
- Calculation&Rank: The edge server obtains and decrypts the posting list corresponding to the keyword, then uses the information in the posting list to calculate the relevance scores to find the top-k relevant files. Lastly, since all the files are still stored in the cloud storage, a request should be sent to the cloud server in order to retrieve these files.
- File Retrieval: The cloud finds the retrieved files and sends them back to the edge server upon request.
- File Decryption: The edge server receives these files from the cloud. After decryption, the top-k relevant files are sent to the mobile device.
4.4. Performance Efficiency of ENSURE
- Keyword Processing: In two schemes, this step makes no difference, so the execution time is equal.
- Index Searching: The index search time of ENSURE is faster than the traditional method because in the traditional method, the client has a round-trip communication with the cloud to send the processed keyword and retrieve the posting list corresponding to the query keyword, but ENSURE only needs the client to send the search request to the edge server for the local index and wait for the results.
- Calculation&Rank: The computation workload in this step is an increasing function of the document frequency (the number of files containing the keyword). In the traditional method, the high document frequency results in the rapid growth of the execution time of Calculation&Rank because the resource-constrained mobile device cannot afford this heavy workload. As for ENSURE, it allows the edge server to implement this step. With the relative abundant computing resources, the edge server is slightly effected by the high document frequency and keeps the growth of execution time relatively slow.
- File Retrieval: The time consumption of this step mainly depends on the network bandwidth accessing the cloud. The higher the bandwidth, the faster the speed of file retrieval. In both of the schemes, the cloud sends the relevant files back upon request. The files are only determined by the keyword. Thus, if the network condition is the same, the time consumption exhibits almost no differences between the two schemes in this step.
- File Decryption: In ENSURE, the file decryption is handled by the edge server, so the file decryption time of ENSURE is smaller than the traditional method which leverages the mobile device to decrypt the files. However, after decrypting the files, the edge server should send the original data back to the mobile device, which is not needed in the traditional method. The extra transmission latency is too small to disturb the efficiency improvement since the edge server is in the same LAN with mobile devices and the distance between them is quite short.
4.5. Security of ENSURE
5. Evaluation
5.1. Experimental Environment
5.2. File Search and Retrieval Time
5.3. Energy Consumption
6. Conclusions
Acknowledgments
Author Contributions
Conflicts of Interest
References
- Tang, J.; Liu, A.; Zhang, J.; Xiong, N.N.; Zeng, Z.; Wang, T. A trust-based secure routing scheme using the traceback approach for energy-harvesting wireless sensor networks. Sensors 2018, 18, 751. [Google Scholar] [CrossRef] [PubMed]
- Liu, A.; Huang, M.; Zhao, M.; Wang, T. A smart high-speed backbone path construction approach for energy and delay optimization in WSNS. IEEE Access 2018. [Google Scholar] [CrossRef]
- Li, Y.; Cai, Z.; Xu, H. LLMP: Exploiting LLDP for Latency Measurement in Software-Defined Data Center Networks. J. Comput. Sci. Technol. 2018, 33, 277–285. [Google Scholar] [CrossRef]
- Chun, B.G.; Ihm, S.; Maniatis, P.; Naik, M.; Patti, A. Clonecloud: Elastic execution between mobile device and cloud. In Proceedings of the 6th Conference on Computer systems, Salzburg, Austria, 10–13 April 2011; pp. 301–314. [Google Scholar]
- Huang, D. Mobile cloud computing. In Proceedings of the 2011 10th IEEE/ACIS International Conference on Computer and Information Science, Sanya, China, 16–18 May 2011; p. 432. [Google Scholar]
- Huang, D.; Zhang, X.; Kang, M.; Luo, J. Mobicloud: Building secure cloud framework for mobile computing and communication. In Proceedings of the IEEE International Symposium on Service Oriented System Engineering, Nanjing, China, 4–5 June 2010; pp. 27–34. [Google Scholar]
- Liu, F.; Li, T. A clustering k-anonymity privacy-preserving method for wearable IoT devices. Secur. Commun. Netw. 2018. [Google Scholar] [CrossRef]
- Sun, W.; Cai, Z.; Li, Y.; Liu, F.; Fang, S.; Wang, G. Security and Privacy in the Medical Internet of Things: A Review. Secur. Commun. Netw. 2018. [Google Scholar] [CrossRef]
- Liu, Y.; Ota, K.; Zhang, K.; Ma, M.; Xiong, N.; Liu, A.; Long, J. QTSAC: An energy-efficient mac protocol for delay minimization in wireless sensor networks. IEEE Access 2018, 6, 8273–8291. [Google Scholar] [CrossRef]
- Zerr, S.; Demidova, E.; Olmedilla, D.; Nejdl, W.; Winslett, M.; Mitra, S. Zerber: R-confidential indexing for distributed documents. In Proceedings of the International Conference on Extending Database Technology (EDBT 2008), Nantes, France, 25–29 March 2008; pp. 287–298. [Google Scholar]
- Swaminathan, A.; Mao, Y.; Su, G.M.; Gou, H.; Varna, A.L.; He, S.; Wu, M.; Oard, D.W. Confidentiality-preserving rank-ordered search. In Proceedings of the 2007 ACM Workshop on Storage Security and Survivability, Alexandria, VA, USA, 29 October 2007; pp. 7–12. [Google Scholar]
- Curtmola, R.; Garay, J.; Kamara, S.; Ostrovsky, R. Searchable symmetric encryption: Improved definitions and efficient constructions. J. Comput. Secur. 2011, 19, 895–934. [Google Scholar] [CrossRef]
- Waters, B.R.; Balfanz, D.; Durfee, G.; Smetters, D.K. Building an encrypted and searchable audit log. Annu. Netw. Distrib. Syst. Secur. Symp. 2004, 4, 5–6. [Google Scholar]
- Li, J.; Ma, R.; Guan, H. Tees: An efficient search scheme over encrypted data on mobile cloud. IEEE Trans. Cloud Comput. 2017, 5, 126–139. [Google Scholar] [CrossRef]
- Wang, C.; Cao, N.; Li, J.; Ren, K.; Lou, W. Secure ranked keyword search over encrypted cloud data. In Proceedings of the IEEE International Conference on Distributed Computing Systems, Genova, Italy, 21–25 June 2010; pp. 253–262. [Google Scholar]
- Zerr, S.; Olmedilla, D.; Nejdl, W.; Siberski, W. Zerber+r: Top-k retrieval from a confidential index. In Proceedings of the International Conference on Extending Database Technology: Advances in Database Technology, Saint-Petersburg, Russia, 23–26 March 2009; pp. 439–449. [Google Scholar]
- Islam, M.S.; Kuzu, M.; Kantarcioglu, M. Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In Proceedings of the 19th Annual Network & Distributed System Security Symposium, San Diego, CA, USA, 5–8 February 2012. [Google Scholar]
- Cai, Z.; Wang, Z.; Zheng, K.; Cao, J. A distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering. IEEE Trans. Comput. 2013, 62, 417–427. [Google Scholar] [CrossRef]
- Zhang, H.; Cai, Z.; Liu, Q.; Xiao, Q.; Li, Y.; Chak, F.C. A survey on security-aware network measurement in SDN. Secur. Commun. Netw. 2018, 2018. [Google Scholar]
- Satyanarayanan, M. The emergence of edge computing. Computer 2017, 50, 30–39. [Google Scholar] [CrossRef]
- Shi, W.; Cao, J.; Zhang, Q.; Li, Y.; Xu, L. Edge computing: Vision and challenges. IEEE Internet Things J. 2016, 3, 637–646. [Google Scholar] [CrossRef]
- Paradrop. Available online: https://www.paradrop.org/ (accessed on 2 January 2018).
- Hung, S.H.; Shih, C.S.; Shieh, J.P.; Lee, C.P.; Huang, Y.H. An online migration environment for executing mobile applications on the cloud. In Proceedings of the Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, Seoul, Korea, 30 June–2 July 2011; pp. 20–27. [Google Scholar]
- Zou, P.; Wang, C.; Liu, Z.; Bao, D. Phosphor: A cloud based DRM scheme with sim card. In Proceedings of the 2010 12th International Asia-Pacific Web Conference, Busan, Korea, 6–8 April 2010; pp. 459–463. [Google Scholar]
- Ristenpart, T.; Tromer, E.; Shacham, H.; Savage, S. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, IL, USA, 9–13 November 2009; pp. 199–212. [Google Scholar]
- Chang, Y.C.; Mitzenmacher, M. Privacy preserving keyword searches on remote encrypted data. In Proceedings of the International Conference on Applied Cryptography and Network Security (ACNS 2005), New York, NY, USA, 7–10 June 2005; pp. 442–455. [Google Scholar]
- Miettinen, A.P.; Nurminen, J.K. Energy efficiency of mobile clients in cloud computing. In Proceedings of the 2nd Usenix Conference on Hot Topics in Cloud Computing, Boston, MA, USA, 22–25 June 2010; p. 4. [Google Scholar]
- Bowers, K.D.; Juels, A.; Oprea, A. Hail: A high-availability and integrity layer for cloud storage. In Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, IL, USA, 9–13 November 2009; pp. 187–198. [Google Scholar]
- Hu, Y.C.; Patel, M.; Sabella, D.; Sprecher, N.; Young, V. Mobile edge computing—A key technology towards 5G. ETSI White Paper 2015, 11, 1–6. [Google Scholar]
- Abdul, W.; Ali, Z.; Ghouzali, S.; Alfawaz, B.; Muhammad, G.; Hossain, M.S. Biometric security through visual encryption for fog edge computing. IEEE Access 2017, 5, 5531–5538. [Google Scholar] [CrossRef]
- Jridi, M.; Chapel, T.; Dorez, V.; Le Bougeant, G.; Le Botlan, A. SoC-Based Edge Computing Gateway in the Context of the Internet of Multimedia Things: Experimental Platform. J. Low Power Electron. Appl. 2018, 8, 1. [Google Scholar] [CrossRef]
- Jindal, M.; Dave, M. Data security protocol for cloudlet based architecture. In Proceedings of the Recent Advances and Innovations in Engineering, Jaipur, India, 9–11 May 2014; pp. 1–5. [Google Scholar]
- Huang, D.; Zhou, Z.; Xu, L.; Xing, T.; Zhong, Y. In Secure data processing framework for mobile cloud computing. In Proceedings of the Computer Communications Workshops, Shanghai, China, 10–15 April 2011; pp. 614–618. [Google Scholar]
- Zobel, J.; Moffat, A. Inverted Files for Text Search Engines. ACM Comput. Surv. 2006, 38, 6. [Google Scholar] [CrossRef]
- Kumar, K.; Lu, Y.H. Cloud computing for mobile users: Can offloading computation save energy? Computer 2010, 43, 51–56. [Google Scholar] [CrossRef]
- Cash, D.; Perry, J.; Perry, J.; Ristenpart, T. Leakage-abuse attacks against searchable encryption. In Proceedings of the ACM Conference on Computer and Communications Security, Denver, CO, USA, 12–16 October 2015; pp. 668–679. [Google Scholar]
- Liu, C.; Zhu, L.; Wang, M.; Tan, Y.A. Search pattern leakage in searchable encryption: Attacks and new construction. Inf. Sci. 2014, 265, 176–188. [Google Scholar] [CrossRef]
- Internet Engineering Task Force (IETF). RFCs. Available online: http://www.ietf.org/standards/rfcs/ (accessed on 8 February 2018).
- Qualcomm. Trepn Power Profiler. Available online: https://developer.qualcomm.com/software/trepn-power-profiler (accessed on 10 February 2018).
Keyword | Document Frequency |
---|---|
MAC | 97 |
TCP | 277 |
Security | 586 |
Internet | 1291 |
IP | 2137 |
© 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Guo, Y.; Liu, F.; Cai, Z.; Xiao, N.; Zhao, Z. Edge-Based Efficient Search over Encrypted Data Mobile Cloud Storage. Sensors 2018, 18, 1189. https://doi.org/10.3390/s18041189
Guo Y, Liu F, Cai Z, Xiao N, Zhao Z. Edge-Based Efficient Search over Encrypted Data Mobile Cloud Storage. Sensors. 2018; 18(4):1189. https://doi.org/10.3390/s18041189
Chicago/Turabian StyleGuo, Yeting, Fang Liu, Zhiping Cai, Nong Xiao, and Ziming Zhao. 2018. "Edge-Based Efficient Search over Encrypted Data Mobile Cloud Storage" Sensors 18, no. 4: 1189. https://doi.org/10.3390/s18041189
APA StyleGuo, Y., Liu, F., Cai, Z., Xiao, N., & Zhao, Z. (2018). Edge-Based Efficient Search over Encrypted Data Mobile Cloud Storage. Sensors, 18(4), 1189. https://doi.org/10.3390/s18041189