Abstract
Under the overwhelming trend in Cloud Computing, Cloud Databases possessing high scalability / high availability / high parallel performance have become a prevalent paradigm of data outsourcing. In consideration of security and privacy, both individuals and enterprises prefer to outsource service data in encrypted form. Unfortunately, most encrypted databases cannot support such complicated queries as wildcard-based fuzzy searching, which, to some extent, limits the practicability in real applications. To explore more business logic in encrypted databases, an enhanced wildcard-based fuzzy searching scheme (enWFS) is proposed in this paper, which integrates specialized Adjacent Character Matrix/Tensor into proxy middleware, appends two types of ancillary columns into data tables, as well as designs an advanced adaptive overwriting method to revise query expressions with wildcards (‘%’ and ‘_’). Meanwhile, some security enhancements and TupleRank are added to enWFS scheme so as to achieve superior fuzzy searching experiences. Extensive experiments based on real datasets demonstrate effectiveness, feasibility of our proposal.
Similar content being viewed by others
Notes
For the sake of simplicity, among illustrations of this paper, the beginning and the end of a string will be uniformly represented as ‘#’ (as you can see in Table 1). But these two cases will be treated respectively during the implementation.
In many real applications, sensitive information may only contained in some of the columns in data tables, so data owners just need to focus on those specific columns. i.e. attribute values in those specific columns are regarded as the corpus.
LSH dimension means the number of features returned from LSH corresponding to a word in attribute values. Details will be introduced in the next section.
This is an offline process conducted by data owners regularly. After updates of CFA, ACM and ACT are completed locally, both will be outsourced to the cloud.
After several tuples are matched via ancillary columns, corresponding DET ciphertext will be returned for decryption. i.e. Ancillary columns are used for fuzzy searching, and all matched results are achieved by decrypting DET ciphertext.
A word’s signature on each dimension is assured of an equal width by padding zero.
We use popular n-gram methods described in Section 3.1.1 .
Remark: In the clause ‘a__le%’, ‘a__le’ may refer to ‘apple’, ‘ankle’, etc, so ‘a__le’ can be treated as an unbroken word in the clause ‘a__le%’; On the contrary, ‘app%’ may refer to ‘applaud’, ‘applicant’, etc, so ‘app’ in the clause ‘app%’ is reckoned to be a fragment of words.
This flag array provides a reference for our algorithm, and it will be revised in the process.
We don’t consider the number of total underscores. e.g.mcu = 2 for ‘a__l_’.
About 5000 rows of data are processed in the c-LSH experiment while nearly 50000 rows of data are processed here.
We construct these three structures separately in the experiment. In fact, the construction can be conducted simultaneously in real applications.
So we evaluate the FSE (LSH) and FSE (BF) respectively with regard to c-LSH and c-BF.
Following the standard of good accuracy stated above the accuracy metrics, if the result set from a scheme has false negative phenomenon, we won’t evaluate its # of false positive tuples anymore.
Results from experiments in Section 5.2.4 are used here.
e.g. If the original clause is ‘a__le%’, attribute values satisfying ‘apple%’, ‘ankle%’, etc, should all be retrieved.
References
Boldyreva, A., Chenette, N.: Efficient Fuzzy Search on Encrypted Data. In: FSE 2014 Workshop, pp. 613–633 (2014)
Cash, D., Jaeger, J., Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation. In: NDSS (2014)
Cash, D., Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries. In: CRYPTO 2013, Proceedings, Part I, pp. 353–373 (2013)
Chase, M., Kamara, S.: Structured Encryption and Controlled Disclosure. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 577–594 (2010)
Chen, H., Tian, X., Jin, C.: Fuzzy Searching Encryption with Complex Wild-Cards Queries on Encrypted Database. In: APWeb-WAIM 2018, pp. 3–18 (2018)
Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable Symmetric Encryption:Improved Definitions and Efficient Constructions. In: ACM Conference on Computer and Communications Security, pp. 79–88 (2006)
Fan, K., Yin, J., Wang, J., Li, H., Yang, Y.: Multi-Keyword Fuzzy and Sortable Ciphertext Retrieval Scheme for Big Data. In: GLOBECOM 2017, pp. 1–6 (2017)
Fu, Z., Wu, X., Guan, C., Sun, X., Ren, K.: Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans. Inf. Forensic. Secur. 11(12), 2706–2716 (2017)
Gonzalez, L.M.V., Rodero-merino, L., Caceres, J., Lindner, M.A.: A break in the clouds: towards a cloud definition. Comput. Commun. Rev. 39(1), 50–55 (2009)
Hahn, F., Kerschbaum, F.: Searchable encryption with secure and efficient updates. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 310–320 (2014)
Kamara, S., Papamanthou, C.: Parallel and Dynamic Searchable Symmetric Encryption. In: International Conference on Financial Cryptography and Data Security, pp. 258–274 (2013)
Kamara, S., Papamanthou, C., Roeder, T.: Dynamic Searchable Symmetric Encryption. In: Acm Conference on Computer and Communications Security, pp. 965–976 (2012)
Kurosawa, K., Ohtaki, Y.: Uc-Secure Searchable Symmetric Encryption. In: International Conference on Financial Cryptography and Data Security, pp. 285–298 (2012)
Kurosawa, K., Sasaki, K., Ohta, K., Yoneyama, K.: Uc-Secure Dynamic Searchable Symmetric Encryption Scheme. In: IWSEC, pp. 73–90 (2016)
Kuzu, M., Islam, M.S., Kantarcioglu, M.: Efficient Similarity Search over Encrypted Data. In: IEEE International Conference on Data Engineering, pp. 1156–1167 (2012)
Li, J., Liu, Z., Chen, X., Xhafa, F., Tan, X., Wong, D.S.: L-encdb: a lightweight framework for privacy-preserving data queries in cloud computing. Knowl.-Based Syst. 79, 18–26 (2015)
Liu, Z., Li, J., Li, J., Jia, C., Yang, J., Yuan, K.: Sql-based fuzzy query mechanism over encrypted database. Int. J. Data Warehous. Min. (IJDWM) 10 (4), 71–87 (2014)
Liu, Z., Ma, H., Li, J., Jia, C., Li, J., Yuan, K.: Secure Storage and Fuzzy Query over Encrypted Databases. In: International Conference on Network and System Security, pp. 439–450 (2013)
Popa, R.A., Li, F.H., Zeldovich, N.: An ideal-security protocol for order-preserving encoding. IEEE Symposium on Security and Privacy, pp. 463–477 (2013)
Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: Cryptdb: Protecting Confidentiality with Encrypted Query Processing. In: ACM SOSP, pp. 85–100 (2011)
Song, D.X., Wagner, D.A., Perrig, A.: Practical Techniques for Searches on Encrypted Data. In: IEEE Symposium on Security and Privacy, pp. 44–55 (2000)
Tetali, S.D., Lesani, M., Majumdar, R., Millstein, T.D.: Mrcrypt: Static Analysis for Secure Cloud Computations. In: ACM SIGPLAN OOPSLA, pp. 271–286 (2013)
Wang, B., Yu, S., Lou, W., Hou, Y.T.: Privacy-Preserving Multi-Keyword Fuzzy Search over Encrypted Data in the Cloud. In: IEEE INFOCOM, pp. 2112–2120 (2014)
Wang, C., Cao, N., Li, J., Ren, K.: Secure Ranked Keyword Search over Encrypted Cloud Data. In: IEEE International Conference on Distributed Computing Systems (ICDCS), pp. 253–262 (2010)
Wang, J., Ma, H., Tang, Q., Li, J., Zhu, H., Ma, S., Chen, X.: Efficient verifiable fuzzy keyword search over encrypted data in cloud computing. Comput. Sci. Inf. Syst. 10(2), 667–684 (2013)
Wang, Q., He, M., Du, M., Chow, S.S.M., Lai, R.W.F., Zou, Q.: Searchable encryption over feature-rich data. IEEE Trans. Dependable Sec. Comput. 15(3), 496–510 (2018)
Wei, X., Zhang, H.: Verifiable Multi-Keyword Fuzzy Search over Encrypted Data in the Cloud. In: International Conference on Advanced Materials and Information Technology Processing, pp. 271–277 (2016)
Acknowledgments
Supported by the National Key Research and Development Program of China (No. 2016YFB1000905), NSFC (Nos. 61772327, 61532021, U1501252, U1401256 and 61402180).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article belongs to the Topical Collection: Special Issue on Web Information Management and Applications
Guest Editors: Yi Cai and Jianliang Xu
Rights and permissions
About this article
Cite this article
Hua, J., Liu, Y., Chen, H. et al. An enhanced wildcard-based fuzzy searching scheme in encrypted databases. World Wide Web 23, 2185–2214 (2020). https://doi.org/10.1007/s11280-019-00774-x
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11280-019-00774-x