当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
An Efficient and Verifiable Encrypted Data Filtering Framework Over Large-Scale Storage in Cloud Edge
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 2024-09-09 , DOI: 10.1109/tifs.2024.3456600 Qinlong Huang 1 , Chao Wang 1 , Boyu Lu 1
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 2024-09-09 , DOI: 10.1109/tifs.2024.3456600 Qinlong Huang 1 , Chao Wang 1 , Boyu Lu 1
Affiliation
The rapid growth of edge computing is accelerating data subscriptions between cloud platforms and mobile subscribers, but sensitive information in these data faces security and privacy concerns. Fortunately, matchmaking attribute-based encryption (MABE) as a new type of encrypted data filtering mechanism has been introduced in cloud edge, which not only enforces fine-grained access control over the encrypted data, but also allows subscribers to dynamically filter data of interest from authentic publishers through edge nodes. However, filtering entire ciphertext collection in linear time is not feasible for large-scale data storage, and edge nodes may return mismatched or incomplete results due to corruption or compromise. To this end, we propose VDFilter, an efficient and verifiable encrypted data filtering framework over large-scale storage in cloud edge. VDFilter first introduces a verifiable MABE as the underlying primitive, which achieves efficient data filtering in edge nodes with an inverted collection from the ciphertext collection, and verifies the soundness and completeness of filtered results with an accumulation tree. To accommodate the ciphertext collection from multiple publishers, VDFilter deploys the construction of the accumulation tree on the Intel SGX enclave within the cloud server, and utilizes authenticated data structures to guarantee secure and efficient filtered result verification. Finally, we provide formal security proofs for VDFilter and demonstrate its efficiency with extensive experiments. Compared with existing schemes, VDFilter is much more efficient in data storing and filtering even with verification operations, and its computational and communication overhead on the subscriber is also low.
中文翻译:
云边缘大规模存储的高效可验证加密数据过滤框架
边缘计算的快速增长正在加速云平台和移动用户之间的数据订阅,但这些数据中的敏感信息面临安全和隐私问题。幸运的是,云边缘引入了基于匹配属性的加密(MABE)作为一种新型的加密数据过滤机制,不仅可以对加密数据实施细粒度的访问控制,还允许订阅者动态过滤感兴趣的数据来自真实的发布者通过边缘节点。然而,在线性时间内过滤整个密文集合对于大规模数据存储来说是不可行的,并且边缘节点可能由于损坏或妥协而返回不匹配或不完整的结果。为此,我们提出了VDFilter,一种基于云边缘大规模存储的高效且可验证的加密数据过滤框架。 VDFilter首先引入可验证的MABE作为底层原语,通过密文集合的倒排集合实现边缘节点的高效数据过滤,并通过累积树验证过滤结果的健全性和完整性。为了适应来自多个发布者的密文收集,VDFilter在云服务器内的Intel SGX enclave上部署了累积树的构建,并利用经过身份验证的数据结构来保证安全高效的过滤结果验证。最后,我们为 VDFilter 提供了正式的安全证明,并通过大量实验证明了其效率。与现有方案相比,VDFilter在数据存储和过滤方面(即使有验证操作)也更加高效,并且订阅者的计算和通信开销也很低。
更新日期:2024-09-09
中文翻译:
云边缘大规模存储的高效可验证加密数据过滤框架
边缘计算的快速增长正在加速云平台和移动用户之间的数据订阅,但这些数据中的敏感信息面临安全和隐私问题。幸运的是,云边缘引入了基于匹配属性的加密(MABE)作为一种新型的加密数据过滤机制,不仅可以对加密数据实施细粒度的访问控制,还允许订阅者动态过滤感兴趣的数据来自真实的发布者通过边缘节点。然而,在线性时间内过滤整个密文集合对于大规模数据存储来说是不可行的,并且边缘节点可能由于损坏或妥协而返回不匹配或不完整的结果。为此,我们提出了VDFilter,一种基于云边缘大规模存储的高效且可验证的加密数据过滤框架。 VDFilter首先引入可验证的MABE作为底层原语,通过密文集合的倒排集合实现边缘节点的高效数据过滤,并通过累积树验证过滤结果的健全性和完整性。为了适应来自多个发布者的密文收集,VDFilter在云服务器内的Intel SGX enclave上部署了累积树的构建,并利用经过身份验证的数据结构来保证安全高效的过滤结果验证。最后,我们为 VDFilter 提供了正式的安全证明,并通过大量实验证明了其效率。与现有方案相比,VDFilter在数据存储和过滤方面(即使有验证操作)也更加高效,并且订阅者的计算和通信开销也很低。
京公网安备 11010802027423号