Searchitect - A Developer Framework for Hybrid Searchable Encryption (Position Paper)
Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security
In light of the trend towards cloud-based applications, privacy enhancing technologies are becoming increasingly important. Searchable encryption (SE) allows to outsource data to the cloud in a secure way, whilst permitting search functionality on that encrypted data: the host is able to perform search queries on behalf of the user, but without having access to the encryption keys. We propose Searchitect, a developer framework which allows to enhance existing cloud-based applications with
... able encryption. Searchitect provides a ready-to-use client-server infrastructure, which is expandable by custom SE schemes, the server being a configurable webservice offering searchable encryption as a service (SEaaS). Unlike other searchable encryption frameworks our approach is hybrid: Searchitect separates the index component from the data encryption scheme, leaving the application's own specific encryption paradigm and access control untouched. In this way, we hope to ease the integration of searchable encryption into already existing cloud-based applications, requiring only the client code to be modified. Further, as searchable encryption is a very active field of research, we emphasize the experimental character of Searchitect's framework. It aims at developers keeping track of recent SE developments, providing an easy deployable solution for testing in public and private clouds.