SECURE ACCESS CONTROL AND MULTIPLE KEYWORD SEARCH SCHEME IN CLOUD SYSTEMS

Secure search over encrypted remote data is crucial in cloud computing to guarantee the data privacy and usability. To prevent unauthorized data usage, finegrained access control is necessary in multi-user system. However, authorized user may intentionally leak the secret key for financial benefit. Thus, tracing and revoking the malicious user who abuses secret key needs to be solved imminently. In this paper, we propose a Privacy Protection Access Control and Keyword Search Scheme (PPACKS). The key escrow free mechanism could effectively prevent the key generation centre (KGC) from unscrupulously searching and decrypting all encrypted files of users. Also, the decryption process only requires ultra lightweight computation, which is a desirable feature for energy-limited devices. In addition, efficient user revocation is enabled after the malicious user is figured out. Moreover, the proposed system is able to support flexible number of attributes rather than polynomial bounded. Flexible multiple keyword subset search pattern is realized, and the change of the query keywords order does not affect the search result. Security analysis indicates that PPACKS is provably secure. Efficiency analysis and experimental results show that PPACKS improves the efficiency and greatly reduces the computation overhead of users' terminals.