TY - JOUR
T1 - Enabling Verifiable and Secure Range Query in Multi-User Setting Under Cloud Environments
AU - Cui, Ningning
AU - Wang, Dong
AU - Zhu, Huaijie
AU - Li, Jianxin
AU - Xu, Jianliang
AU - Yang, Xiaochun
N1 - This work was supported by the Basic scientific research funds of central universities (Nos. 300102404101; 300102404901), National Natural Science Foundation of China (Nos. U22A2025, 62232007, 61991404), ARC Linkage Project (LP180100750), Hong Kong Research Grants Council (C2004-21GF; C2003-23Y; 12202221), Guangdong Basic and Applied Basic Research Foundation (2023B1515130002), and Liaoning Provincial Science and Technology Plan Project-Key R&D Department of Science and Technology (No.2023JH2/101300182).
Publisher Copyright:
IEEE
PY - 2024/12
Y1 - 2024/12
N2 - Data outsourcing to the cloud has become increasingly popular for high-speed storage and retrieval. However, privacy and security are pressing concerns that hinder the further development of cloud computing. A common approach is to encrypt data before outsourcing, assuming the cloud is semi-honest. However, in reality, the cloud may be malicious and forge query results unexpectedly. Moreover, most previous schemes are designed for single-user setting, where different users share the same secret key, leading to potential privacy leaks. Therefore, ensuring confidentiality and verifiability in multi-user setting is crucial but has not been well-addressed. In this paper, we formally define the notion of Verifiable and Secure Range Query in Multi-User Setting (VSRQM) and propose a prefix-aware encoding (Pcode) scheme to encode spatial data for query processing. Next, we design a Tree-Aided Verifiable and Secure Index (SATree) on top of the Pcode and symmetric re-encryption scheme. SATree preserves data privacy, provides a mechanism to verify query results' integrity and achieves sub-linear search time. Additionally, we propose two compression schemes to reduce the space cost of storage and transmission. Finally, we present formal complexity and security analyses and conduct empirical evaluations on real and synthetic datasets to demonstrate our proposed approaches' practical performance.
AB - Data outsourcing to the cloud has become increasingly popular for high-speed storage and retrieval. However, privacy and security are pressing concerns that hinder the further development of cloud computing. A common approach is to encrypt data before outsourcing, assuming the cloud is semi-honest. However, in reality, the cloud may be malicious and forge query results unexpectedly. Moreover, most previous schemes are designed for single-user setting, where different users share the same secret key, leading to potential privacy leaks. Therefore, ensuring confidentiality and verifiability in multi-user setting is crucial but has not been well-addressed. In this paper, we formally define the notion of Verifiable and Secure Range Query in Multi-User Setting (VSRQM) and propose a prefix-aware encoding (Pcode) scheme to encode spatial data for query processing. Next, we design a Tree-Aided Verifiable and Secure Index (SATree) on top of the Pcode and symmetric re-encryption scheme. SATree preserves data privacy, provides a mechanism to verify query results' integrity and achieves sub-linear search time. Additionally, we propose two compression schemes to reduce the space cost of storage and transmission. Finally, we present formal complexity and security analyses and conduct empirical evaluations on real and synthetic datasets to demonstrate our proposed approaches' practical performance.
KW - Data outsourcing
KW - privacy-preserving
KW - range query
KW - result verification
UR - http://www.scopus.com/inward/record.url?scp=85197523918&partnerID=8YFLogxK
U2 - 10.1109/TKDE.2024.3419930
DO - 10.1109/TKDE.2024.3419930
M3 - Journal article
AN - SCOPUS:85197523918
SN - 1041-4347
VL - 36
SP - 8148
EP - 8163
JO - IEEE Transactions on Knowledge and Data Engineering
JF - IEEE Transactions on Knowledge and Data Engineering
IS - 12
ER -