Searchable Encryption with Access Control

Nils Löken
2017 Proceedings of the 12th International Conference on Availability, Reliability and Security - ARES '17  
Outsourcing data to the cloud is becoming increasingly prevalent. To ensure data con dentiality, encrypting the data before outsourcing it is advised. While encryption protects the secrets in the data, it also prevents operations on the data. For example in a multi-user se ing, data is o en accessed via search, but encryption prevents search. Searchable encryption solves this dilemma. However, in a multi-user se ing not all users may be allowed to access all data, requiring some means of access
more » ... control. We address the question how searchable encryption and access control can be combined. Combining these technologies is required to achieve strong notions of con dentiality: if a ciphertext occurs as a search result, we learn something about the underlying document, even if access control does not let us access the document. is illustrates a need to link search and access control, so that search results presented to users only feature data the users are allowed to access. Our searchable encryption scheme with access control establishes that link.
doi:10.1145/3098954.3098987 dblp:conf/IEEEares/Loken17 fatcat:ymqsggozuzgabmtqzo4ywohaee