Secure and controllable k-NN query over encrypted cloud data with key confidentiality

To enjoy the advantages of cloud service while preserving security and privacy, huge data are increasingly outsourced to cloud in encrypted form. Unfortunately, most conventional encryption schemes cannot smoothly support encrypted data analysis and processing. As a significant topic, several scheme...

Full description

Saved in:
Bibliographic Details
Published inJournal of parallel and distributed computing Vol. 89; pp. 1 - 12
Main Authors Zhu, Youwen, Huang, Zhiqiu, Takagi, Tsuyoshi
Format Journal Article
LanguageEnglish
Published Elsevier Inc 01.03.2016
Subjects
[formula omitted]-nearest neighbors
Cloud computing
Privacy
Query
Cloud computing
Privacy
Query
k-nearest neighbors
Online AccessGet full text

Cover

More Information
Summary:To enjoy the advantages of cloud service while preserving security and privacy, huge data are increasingly outsourced to cloud in encrypted form. Unfortunately, most conventional encryption schemes cannot smoothly support encrypted data analysis and processing. As a significant topic, several schemes have been recently proposed to securely compute k-nearest neighbors (k-NN) on encrypted data being outsourced to cloud server (CS). However, most existing k-NN search methods assume query users (QUs) are fully-trusted and know the key of data owner (DO) to encrypt/decrypt outsourced database. It is not realistic in many situations. In this paper, we propose a new secure k-NN query scheme on encrypted cloud data. Our approach simultaneously achieves: (1) data privacy against CS: the encrypted database can resist potential attacks of CS, (2) key confidentiality against QUs: to avoid the problems caused by key-sharing, QUs cannot learn DO’s key, (3) query privacy against CS and DO: the privacy of query points is preserved as well, (4) query controllability: QUs cannot launch a feasible k-NN query for any new point without approval of DO. We provide theoretical guarantees for security and privacy properties, and show the efficiency of our scheme through extensive experiments. •We present a new scheme for encrypting the outsourced database and query points.•The new scheme can effectively support k-nearest neighbor computation while preserving data privacy and query privacy.•The new scheme enables data owner to keep his key in private, instead of sharing the key with query users.•In the new scheme, query users cannot launch any feasible k-nearest neighbor query without approval of data owner.•Experimental results validate the efficiency of the new approach.
ISSN:0743-7315
1096-0848
DOI:10.1016/j.jpdc.2015.11.004