Documente Academic
Documente Profesional
Documente Cultură
BY
Pookotukavu Sairam Shreya 16UK1A05D4
Balguri Chandrika 16UK1A05G1
Kancham Ankitha 16UK1A05E8
Gattikopula Santosh 15UK5A05C2
CERTIFICATE
This is to certify that the Project entitled Achieving Secure and Efficient Dynamic
Searchable Symmetric Encryption Cloud Over Medical Cloud Data is submitted by
Pookotukavu Sairam Shreya (16UK1A05D4), Balguri Chandrika (16UK1A05D7),
Kancha Ankitha (16UK1A05E8), Gattikopula Santhosh (15UK5A05C2) in partial
fulfillment of the requirements for the award of the Degree in Bachelor of Technology in
Computer Science and Engineering during the academic year 2019--2020.
Guide: HOD:
Chaitanya Thuppari Dr R Naveen Kumar
External Examiner:
ACKNOWLEDGEMENT
By
Pookotukavu Sairam Shreya 16UK1A05D4
Balguri Chandrika 16UK1A05D7
In medical cloud computing, a patient can remotely outsource her medical data to the
cloud server. In this case, only authorized doctors are allowed to access the data since the
medical data is highly sensitive. Encrypting the data before outsourcing is a commonly used
approach, where the patient only needs to send the corresponding encryption key to the
authorized doctors. This, however, significantly limits the usability of outsourced medical
data due to the difficulty of searching over the encrypted data. In this paper, we propose two
Secure and Efficient Dynamic Searchable Symmetric Encryption (SEDSSE) schemes over
medical cloud data. Firstly, we leverage the secure k-Nearest Neighbor (kNN) and Attribute-
Based Encryption (ABE) techniques to propose a dynamic searchable symmetric encryption
scheme, which can achieve two important security features, i.e., forward privacy and
backward privacy which are very challenging in the area of dynamic searchable symmetric
encryption. Then, we propose an enhanced scheme to solve the key sharing problem which
widely exists in the kNN based searchable encryption scheme. Compared with existing
proposals, our schemes are better in terms of storage, search and updating complexity.
Extensive experiments demonstrate the efficiency of our schemes on storage overhead, index
building, trapdoor generating and query.
CONTENTS
1- INTRODUCTION
2- PROBLEM DEFINITIONS
3- FEASIBILITY STUDY
6- IMPLEMENTATIONS
7- SYSTEM TESTING
7.1-TESTING METHODOLOGIES
7.2- USER TRAINING
7.3-MAINTENANCE
8- RESULTS
9- CONCLUSION
BIBLOGRAPHY
FIGURES:
Health care service has been extensively studied to improve medical quality and
reduce the cost of medical services. With a large amount of medical data, a health care
system must extend its scale to provide efficient and secure services. Media cloud computing,
which treats computing as a utility, leases out the computing and storage capacities to the
public patients and doctors. It is a revolutionary computing paradigm which enables dynamic
resource allocation, self-demand services, measurement of service, transparency of resource,
etc. As such, a patient can remotely store her data on the cloud server, namely data
outsourcing, and then open her cloud data to the doctors. Note that the outsourced medical
data may contain sensitive and private information (e.g., medical case and diagnostic report).
It is often necessary to encrypt the medical data before it is uploaded to the cloud. However,
the encrypted data cannot provide good usability due to the difficulty of searching over
encrypted data. To address this issue, Searchable Symmetric Encryption (SSE) technology
has been proposed in the literature as a fundamental approach to enabling keyword search
over encrypted cloud data. The existing searchable encryption schemes can achieve fuzzy
keyword search, ranked keyword search, multi-keyword search, and so on. Recently, many k-
Nearest Neighbor (kNN) based SSE schemes have been proposed to search over encrypted
data.
However, in such schemes every search shares the same secret key among users, which
may cause disclosure of privacy. On the other hand, it is a challenging issue, especially in the
health care system, to develop a dynamic version of SSE (DSSE) in which encrypted
keyword search should be supported even if data is arbitrarily inserted into a collection
(forward privacy) or deleted from a collection (backward privacy). Stefano vetal proposed an
efficient DSSE scheme, which can achieve forward privacy, but cannot ensure backward
privacy. Some researchers use the Oblivious Random-Access Memory (ORAM) technique to
achieve the forward privacy and backward privacy in DSSE. However, these approaches
significantly increase the complexity in storage, search and updating processes. To address
the above issues, in this paper, we propose a Secure and Efficient Dynamic Searchable
Symmetric Encryption (SEDSSE) scheme over medical cloud data. This work extends and
improves our previous research [15]. Specifically, this paper addresses two new issues: the
collusion between the cloud server and search users as well as different secret key
distribution among search users. In addition, we apply the new design to the health care
system. Furthermore, the security and performance are analyzed. The original contributions
of the paper are: • Firstly, we combine the k-Nearest Neighbor (kNN) and Attribute-Based
Encryption (ABE) techniques to propose a
2.1-Previous Models
EXISTING SYSTEM: -
The concept of SPE was first proposed by Boneh et al. [26], which supports single
keyword search on encrypted data but the computation overhead is heavy. Curtmola et al.
[27] refined the definition of SSE later. After this work, Boneh et al. [24] proposed
conjunctive, subset, and range queries on encrypted data. Recently in static searchable
symmetric encryption, Wang et al. have developed the ranked keyword search scheme in
[8] and proposed a novel scheme supporting similarity search in [25]. However, these
schemes cannot efficiently support multi-keyword search. To overcome this problem, Sun
et al. [9] proposed a multi-keyword scheme which also considers the relevance scores of
keywords, and it can achieve efficient query by utilizing the multidimensional tree
technique.
Disadvantages
1- The system is not implemented Forward privacy and backward privacy.
2- The system is not implemented Attribute-based encryption.
3 FEASIBILITY STUDY
The first and foremost strategy for development of a project starts from the thought of
designing a mail enabled platform for a small firm in which it is easy and convenient of
sending and receiving messages, there is a search engine, address book and also including
some entertaining games. When it is approved by the organization and our project guide the
first activity, i.e. preliminary investigation begins. The activity has three parts:
Request Clarification
Feasibility Study
Request Approval
REQUEST CLARIFICATION
After the approval of the request to the organization and project guide, with an
investigation being considered, the project request must be examined to determine precisely
what the system requires.
Here our project is basically meant for users within the company whose systems can
be interconnected by the Local Area Network (LAN). In today’s busy schedule man need
everything should be provided in a readymade manner. So, taking into consideration of the
vastly use of the net in day to day life, the corresponding development of the portal came into
existence.
FEASIBILITY ANALYSIS
An important outcome of preliminary investigation is the determination that the
system request is feasible. This is possible only if it is feasible within limited resource and
time. The different feasibilities that have to be analyzed are
Operational Feasibility
Economic Feasibility
Technical Feasibility
Operational Feasibility
Operational Feasibility deals with the study of prospects of the system to be
developed. This system operationally eliminates all the tensions of the Admin and helps him
in effectively tracking the project progress. This kind of automation will surely reduce the
time and energy, which previously consumed in manual work. Based on the study, the system
is proved to be operationally feasible.
Economic Feasibility
Technical Feasibility
According to Roger S. Pressman, Technical Feasibility is the assessment of the
technical resources of the organization. The organization needs IBM compatible machines
with a graphical web browser connected to the Internet and Intranet. The system is developed
for platform Independent environment. Java Server Pages, JavaScript, HTML, SQL server
and WebLogic Server are used to develop the system. The technical feasibility has been
carried out. The system is technically feasible for development and can be developed with
the existing facility.
REQUEST APPROVAL
Not all request projects are desirable or feasible. Some organization receives so many
project requests from client users that only few of them are pursued. However, those projects
that are both feasible and desirable should be put into schedule. After a project request is
approved, it cost, priority, completion time and personnel requirement is estimated and used
to determine where to add it to any project list. Truly speaking, the approval of those above
factors, development works can be launched.
4 DESIGN
1). Add Hospitals and
department
2). View patients and authorize
SYSTEM ARCHITECTURE 3) View doctors and authorize
4).View all patient disease details
and related doctor details in ABE
1. Upload patient details in ABE Format
Format by selecting hospital and
5). View all Patient results from
doctor, Enc attached document
doctors
2.View uploaded patient details, view
treatment schedule date and time Cloud Server 6). Make bill and View total bill
from doctor for particular patients
3.Delete files / patient details 7). View all patient treatment
4. Verify patient details schedule transactions
5. Manage Bank Account
6. View your bill and make payment 8. View Chart Result based on
patient disease (ie.no. of uses
caused malaria, h1n1, etc. by age
wise)
Attacker
Patient
Add Hospitals and department, View
patients and authorize, View doctors Cloud Server
and authorize, View all patient
disease details and related doctor
details in ABE Format, View all
Patient results from doctors, Make
bill and View total bill, View all
patient treatment schedule
transactions, View Chart Result
Doctor
View Profile, View patient details
and send request acceptance for
patients with treatment scheduled
date and time, Add treatment details
based on disease to corresponding
patient, View all scheduled patient
details Attacker
USE CASE DIAGRAM
Attack Patient
Details
Method
s Doctor
Members
In the diagram, classes are represented with boxes which contain three parts
In the design of a system, a number of classes are identified and grouped together in a
class diagram which helps to determine the static relations between those objects. With
detailed modeling, the classes of the conceptual design are often split into a number of
subclasses.
SEQUENCE DIAGRAM
Verify Patient
details?
With the varied topic in existence in the fields of computers, Client Server is one,
which has generated more heat than light, and also more hype than reality. This technology
has acquired a certain critical mass attention with its dedication conferences and magazines.
Major computer vendors such as IBM and DEC, have declared that Client Servers is their
main future market. A survey of DBMS magazine reveled that 76% of its readers were
actively looking at the client server solution. The growth in the client server development
tools from $200 million in 1992 to more than $1.2 billion in 1996.
Client server implementations are complex but the underlying concept is simple and
powerful. A client is an application running with local resources but able to request the
database and relate the services from separate remote server. The software mediating this
client server interaction is often referred to as MIDDLEWARE.
The typical client either a PC or a Work Station connected through a network to a
more powerful PC, Workstation, Midrange or Main Frames server usually capable of
handling request from more than one client. However, with some configuration server may
also act as client. A server may need to access other server in order to process the original
client request.
The key client server idea is that client as user is essentially insulated from the physical
location and formats of the data needs for their application. With the proper middleware, a
client input from or report can transparently access and manipulate both local database on the
client machine and remote databases on one or more servers. An added bonus is the client
server opens the door to multi-vendor database access indulging heterogeneous table joins.
computing: how best to distribute your computing, data generation and data storage resources in order to
obtain efficient, cost effective departmental an enterprise wide data processing. During mainframe era
choices were quite limited. A central machine housed both the CPU and DATA (cards, tapes, drums and
later disks). Access to these resources was initially confined to batched runs that produced departmental
A strong central information service department ruled the corporation. The role of the
rest of the corporation limited to requesting new or more frequent reports and to provide hand
written forms from which the central data banks were created and updated. The earliest client
Time-sharing changed the picture. Remote terminal could view and even change the
central data, subject to access permissions. And, as the central data banks evolved in to
sophisticated relational database with non-programmer query languages, online users could
formulate adhoc queries and produce local reports without adding to the MIS applications
software backlog. However remote access was through dumb terminals, and the client server
remained subordinate to the Slave\Master.
Compilation of code
When you compile the code, the Java compiler creates machine code (called byte code)
for a hypothetical machine called Java Virtual Machine (JVM). The JVM is supposed to
execute the byte code. The JVM is created for overcoming the issue of portability. The code
is written and compiled for one machine and interpreted on all machines. This machine is
Java Java
PC Compiler Interpreter
Source Byte code (PC)
Code
……….. Macintosh Java
Compiler (Platform Interpreter
………..
indepen (Macintosh)
dent)
………..
SPARC
Java
Compiler Interpreter
………… (Sparc)
Simple
Java was designed to be easy for the Professional programmer to learn and to use effectively.
If you are an experienced C++ programmer, learning Java will be even easier. Because Java
inherits the C/C++ syntax and many of the object-oriented features of C++. Most of the
confusing concepts from C++ are either left out of Java or implemented in a cleaner, more
approachable manner. In Java there are a small number of clearly defined ways to accomplish
a given task.
Object-Oriented
Java was not designed to be source-code compatible with any other language. This allowed
the Java team the freedom to design with a blank slate. One outcome of this was a clean
usable, pragmatic approach to objects. The object model in Java is simple and easy to extend,
while simple types, such as integers, are kept as high-performance non-objects.
Robust
JAVASCRIPT
Even though JavaScript supports both client and server Web programming, we prefer
JavaScript at Client-side programming since most of the browsers supports it. JavaScript is
almost as easy to learn as HTML, and JavaScript statements can be included in HTML
documents by enclosing the statements between a pair of scripting tags
<SCRIPTS>…</SCRIPT>.
</SCRIPT>
Here are a few things we can do with JavaScript:
Validate the contents of a form and make calculations.
Add scrolling or changing messages to the Browser’s status line.
Animate images or rotate images that change when we move the mouse over
them.
Detect the browser in use and display different content for different browsers.
Detect installed plug-ins and notify the user if a plug-in is required.
We can do much more with JavaScript, including creating entire application.
J A V A S C R I P T V s J A V A
JavaScript and Java are entirely different languages. A few of the most glaring
differences are:
Java applets are generally displayed in a box within the web document;
JavaScript can affect any part of the Web document itself.
While JavaScript is best suited to simple applications and adding interactive
features to Web pages; Java can be used for incredibly complex applications.
There are many other differences but the important thing to remember is that JavaScript and
Java are separate languages. They are both useful for different things; in fact they can be used
together to combine their advantages.
A D V A N T A G E S
ADVANTAGES
A HTML document is small and hence easy to send over the net. It is small
because it does not include formatted information.
HTML is platform independent.
HTML tags are not case-sensitive.
6 IMPLEMENTATIONS
Patient:
A patient outsources her documents to the cloud server to provide convenient and
reliable data access to the corresponding search doctors. To protect the data privacy, the
patient encrypts the original documents under an access policy using attribute-based
encryption. To improve the search efficiency, she also generates some keyword for each
outsourced document. The corresponding index is then generated according to the keywords
using the secret key of the secure kNN scheme. After that, the patient sends the encrypted
documents, and the corresponding indexes to the cloud server, and submits the secret key to
the search doctors.
Cloud server:
A cloud server is an intermediary entity which stores the encrypted documents and the
corresponding indexes received from patients, and then provides data access and search
services to authorized search doctors. When a search doctor sends a trapdoor to the cloud
server, it would return a collection of matching documents based on certain operations.
Doctor:
An authorized doctor can obtain the secret key from the patient, where this key can be
used to generate trapdoors. When she needs to search the outsourced documents stored in the
cloud server, she will generate a search keyword set. Then according to the keyword set, the
doctor uses the secret key to generate a trapdoor and sends it to the cloud server. Finally, she
receives the matching document collection from the cloud server and decrypts them with the
ABE key received from the trusted authority. After getting the health information of the
patient, the doctor can also outsource medical report to the cloud server by the same way. For
simplicity, we just consider one-way communication in our schemes.
7 SYSTEM TESTING
o Unit Testing.
o Integration Testing.
o User Acceptance Testing.
o Output Testing.
o Validation Testing.
Unit Testing
Unit testing focuses verification effort on the smallest unit of Software design that is the
module. Unit testing exercises specific paths in a module’s control structure to ensure
complete coverage and maximum error detection. This test focuses on each module
individually, ensuring that it functions properly as a unit. Hence, the naming is Unit Testing.
During this testing, each module is tested individually and the module interfaces are
verified for the consistency with design specification. All-important processing path are
tested for the expected results. All error handling paths are also tested.
Integration Testing
Integration testing addresses the issues associated with the dual problems of verification
and program construction. After the software has been integrated a set of high order tests are
conducted. The main objective in this testing process is to take unit tested modules and builds
a program structure that has been dictated by design.
2. Bottom-up Integration
This method begins the construction and testing with the modules at the lowest level
in the program structure. Since the modules are integrated from the bottom up, processing
required for modules subordinate to a given level is always available and the need for stubs is
eliminated. The bottom up integration strategy may be implemented with the following steps:
The low-level modules are combined into clusters into clusters that perform a
specific Software sub-function.
A driver (i.e.) the control program for testing is written to coordinate test case input
and output.
The cluster is tested.
Drivers are removed and clusters are combined moving upward in the program
structure
The bottom up approaches test each module individually and then each module is
module is integrated with a main module and tested for functionality.
After performing the validation testing, the next step is output testing of the proposed
system, since no system could be useful if it does not produce the required output in the
specified format. Asking the users about the format required by them tests the outputs
generated or displayed by the system under consideration. Hence the output format is
considered in 2 ways – one is on screen and another in printed format.
Validation Checking
Validation checks are performed on the following fields.
Text Field
The text field can contain only the number of characters lesser than or equal to its
size. The text fields are alphanumeric in some tables and alphabetic in other tables. Incorrect
entry always flashes and error message.
Numeric Field
The numeric field can contain only numbers from 0 to 9. An entry of any character
flashes an error message. The individual modules are checked for accuracy and what it has to
perform. Each module is subjected to test run along with sample data. The individually
tested modules are integrated into a single system. Testing involves executing the real data
information is used in the program the existence of any program defect is inferred from the
output. The testing should be planned so that all the requirements are individually tested.A
successful test is one that gives out the defects for the inappropriate data and produces and
output revealing the errors in the system.
Live test data are those that are actually extracted from organization files. After a
system is partially constructed, programmers or analysts often ask users to key in a set of data
from their normal activities. Then, the systems person uses this data as a way to partially test
the system. In other instances, programmers or analysts extract a set of live data from the files
and have them entered themselves.
Whenever a new system is developed, user training is required to educate them about
the working of the system so that it can be put to efficient use by those for whom the system
has been primarily designed. For this purpose the normal working of the project was
demonstrated to the prospective users. Its working is easily understandable and since the
expected users are people who have good knowledge of computers, the use of this system is
very easy.
7.3 MAINTAINENCE
This covers a wide range of activities including correcting code and design errors. To
reduce the need for maintenance in the long run, we have more accurately defined the user’s
requirements during the process of system development. Depending on the requirements, this
system has been developed to satisfy the needs to the largest possible extent. With
development in technology, it may be possible to add many more features based on the
requirements in future. The coding and designing is simple and easy to understand which will
make maintenance easier.
TESTING STRATEGY
A strategy for system testing integrates system test cases and design techniques into a
well-planned series of steps that results in the successful construction of software. The testing
strategy must co-operate test planning, test case design, test execution, and the resultant data
collection and evaluation .A strategy for software testing must accommodate low-level
tests that are necessary to verify that a small source code segment has been correctly
implemented as well as high level tests that validate major system functions against user
requirements.
Software testing is a critical element of software quality assurance and represents the
ultimate review of specification design and coding. Testing represents an interesting anomaly
for the software. Thus, a series of testing are performed for the proposed system before the
system is ready for user acceptance testing.
SYSTEM TESTING
Software once validated must be combined with other system elements (e.g.
Hardware, people, database). System testing verifies that all the elements are proper and that
overall system function performance is achieved. It also tests to find discrepancies between
the system and its original objective, current specifications and system documentation.
UNIT TESTING
In unit testing different are modules are tested against the specifications produced
during the design for the modules. Unit testing is essential for verification of the code
produced during the coding phase, and hence the goals to test the internal logic of the
modules. Using the detailed design description as a guide, important Conrail paths are tested
to uncover errors within the boundary of the modules. This testing is carried out during the
programming stage itself. In this type of testing step, each module was found to be working
satisfactorily as regards to the expected output from the module.
In Due Course, latest technology advancements will be taken into consideration. As
part of technical build-up many components of the networking system will be generic in
nature so that future projects can either use or interact with this. The future holds a lot to
offer to the development and refinement of this project.
8 RESULTS
PROPOSED SYSTEM
In the proposed system, the system proposes a Secure and Efficient Dynamic Searchable
Symmetric Encryption (SEDSSE) scheme over medical cloud data. This work extends and
improves our previous research [15]. Specifically, this paper addresses two new issues: the
collusion between the cloud server and search users as well as different secret key
distribution among search users. In addition, we apply the new design to the health care
system. Furthermore, the security and performance are analyzed. The original
contributions of the paper are:
Firstly, the system combines the k-Nearest Neighbor (kNN) and Attribute-Based
Encryption (ABE) techniques to propose a Secure and Efficient Dynamic Searchable
Symmetric Encryption scheme, named SEPSSE I. The proposed scheme can achieve
forward privacy, backward privacy, and collusion resistance between the cloud server and
search users.
Secondly, based on the scheme, we further propose an enhanced scheme, named SEPSSE II
to solve the key sharing problem which widely exists in the kNN based searchable
encryption schemes. Compared with the existing DSSE schemes, our proposed schemes are
have less storage costs, search and updating complexity. Extensive experiments demonstrate
the efficiency of our schemes in term of storage overhead, index building, trapdoor
generating and query.
Advantages
The system implemented very strong security scheme of Privacy protection of
documents, indexes and trapdoors.
The system provides Collusion resistance between the cloud server and search
Users.
9 CONCLUSIONS
In this paper, we propose two dynamic searchable encryption schemes with high
security level. The first one can not only achieve collusion resistance between the cloud
server and search users, but also can achieve both forward privacy and backward privacy.
The second one further solves the key sharing problem which widely exists in the kNN based
searchable encryption scheme. Performance evaluation demonstrates that the proposed
schemes can achieve better efficiency than the existing works in terms of storage, search and
updating complexity. Extensive experiments demonstrate the efficiency of our schemes in
term of storage overhead, index building, trapdoor generating and query.
SCREENSHOTS
BIBLOGRAPHY
References for the Project Development were taken from the following
Books and Web Sites.
Oracle
HTML
JDBC
REFERENCES
[1] M. Li, S. Yu, K. Ren, and W. Lou, “Securing personal health records in cloud computing:
Patient-centric and fine-grained data access control in multi-owner settings,” in Security and
Privacy in Communication Networks. Springer, 2010, pp. 89–106.
[2] A. M.-H. Kuo, “Opportunities and challenges of cloud computing to improve health care
services,” Journal of medical Internet research, vol. 13, no. 3, 2011.
[3] M. Li, S. Yu, Y. Zheng, K. Ren, and W. Lou, “Scalable and secure sharing of personal
health records in cloud computing using attribute-based encryption,” IEEE Transactions on
Parallel and Distributed Systems, vol. 24, no. 1, pp. 131–143, 2013.
[5] H. Liang, L. X. Cai, D. Huang, X. Shen, and D. Peng, “An smdp based service model for
interdomain resource allocation in mobile cloud networks,” IEEE Transactions on Vehicular
Technology, vol. 61, no. 5, pp. 2222–2232, 2012.
[7] Q. Shen, X. Liang, X. Shen, X. Lin, and H. Luo, “Exploiting geo distributed clouds for e-
health monitoring system with minimum service delay and privacy preservation,” IEEE
Journal of Biomedical and Health Informatics, vol. 18, no. 2, pp. 430–439, 2014.
[8] C. Wang, N. Cao, K. Ren, and W. Lou, “Enabling secure and efficient ranked keyword
search over outsourced cloud data,” IEEE Transactions on Parallel and Distributed Systems,
vol. 23, no. 8, pp. 1467–1479, 2012.
[9] W. Sun, B. Wang, N. Cao, M. Li, W. Lou, Y. T. Hou, and H. Li, “Verifiable privacy-
preserving multi-keyword text search in the cloud supporting similarity-based ranking,” IEEE
Transactions on Parallel and Distributed Systems, vol. 25, no. 11, pp. 3025–3035, 2014.
[10] J. Yu, P. Lu, Y. Zhu, G. Xue, and M. Li, “Towards secure multi keyword top-k retrieval
over encrypted cloud data,” IEEE Transactions on Dependable and Secure Computing, vol.
10, no. 4, pp. 239–250, 2013. [11] N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, “Privacy-
preserving multi keyword ranked search over encrypted cloud data,” IEEE Transactions on
Parallel and Distributed Systems, vol. 25, no. 1, pp. 222–233, 2014.
[14] D. Cash, A. K¨upc¸¨u, and D. Wichs, “Dynamic proofs of retrievability via oblivious
ram,” in Advances in Cryptology–EUROCRYPT. Springer, 2013, pp. 279–295.
[15] Y. Yang, H. Li, L. Wenchao, H. Yang, and W. Mi, “Secure dynamic searchable
symmetric encryption with constant document update cost,” in Proceedings of GLOBECOM.
IEEE, 2014, pp. 775–780.
[16] S. Luo, J. Hu, and Z. Chen, “Ciphertext policy attribute-based proxy re encryption,” in
Information and Communications Security. Springer, 2010, pp. 401–415.
[17] R. Brinkman, Searching in encrypted data. University of Twente, 2007. [18] Y. Ishai, E.
Kushilevitz, R. Ostrovsky, and A. Sahai, “Cryptography from anonymity,” in 47th Annual
IEEE Symposium on Foundations of Computer Science, 2006, pp. 239–248.
[19] J. Zobel and A. Moffat, “Exploring the similarity space,” in ACM SIGIR Forum, vol. 32,
no. 1, 1998, pp. 18–34.
[20] W. K. Wong, D. W.-l. Cheung, B. Kao, and N. Mamoulis, “Secure kNN computation on
encrypted databases,” in Proceedings of ACM SIGMOD International Conference on
Management of data, 2009, pp. 139–152.
[23] P. Golle, J. Staddon, and B. Waters, “Secure conjunctive keyword search over
encrypted data,” in Applied Cryptography and Network Security. Springer, 2004, pp. 31–45.
[24] D. Boneh and B. Waters, “Conjunctive, subset, and range queries on encrypted data,” in
Theory of cryptography. Springer, 2007, pp. 535– 554.
[25] C. Wang, K. Ren, S. Yu, and K. M. R. Urs, “Achieving usable and privacy-assured
similarity search over outsourced cloud data,” in Proceedings of IEEE INFOCOM, 2012, pp.
451–459. [
26] D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano, “Public key encryption with
keyword search,” in Advances in Cryptology–Eurocrypt. Springer, 2004, pp. 506–522.
[27] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric
encryption: improved definitions and efficient constructions,” in Proceedings o ACM CCS,
2006, pp. 79—88.
[28] K. Ren, C. Wang, and Q. Wang, “Security challenges for the public cloud,” IEEE
Internet Computing, vol. 16, no. 1, pp. 69–73, Jan 2012.
[29] D. X. Song, D. Wagner, and A. Perrig, “Practical techniques for searches on encrypted
data,” in IEEE Symposium on Security and Privacy, 2000, pp. 44–55.
[30] F. Hahn and F. Kerschbaum, “Searchable encryption with secure and efficient updates,”
in Proceedings of CCS. ACM, 2014, pp. 310–320.