CN111026754A - Safe and efficient circular range data uploading and querying method, corresponding storage medium and electronic device - Google Patents
Safe and efficient circular range data uploading and querying method, corresponding storage medium and electronic device Download PDFInfo
- Publication number
- CN111026754A CN111026754A CN201911237131.0A CN201911237131A CN111026754A CN 111026754 A CN111026754 A CN 111026754A CN 201911237131 A CN201911237131 A CN 201911237131A CN 111026754 A CN111026754 A CN 111026754A
- Authority
- CN
- China
- Prior art keywords
- data
- index
- query
- node
- trapdoor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/2228—Indexing structures
- G06F16/2246—Trees, e.g. B+trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/2228—Indexing structures
- G06F16/2264—Multidimensional index structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computational Linguistics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a safe and efficient circular range uploading and inquiring method, a corresponding storage medium and an electronic device. The invention constructs an index for a two-dimensional data set by using the SS tree, and provides a safe and efficient circular intersection judging method. The method comprises a plurality of clients and a cloud storage system, wherein the clients are connected with the cloud storage system through a network respectively.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a safe and efficient circular range data uploading and inquiring method, a corresponding storage medium and an electronic device.
Background
With the rapid development of network technologies and communication devices, more and more data are stored in the cloud storage system. However, data privacy issues have become one of the main reasons that hinder outsourced storage of data. After the data is stored in the cloud storage system, a data owner loses direct control over the data, and the data in the cloud storage system faces the threat of external network attack, so that confidential information can be leaked. A simple method is to encrypt sensitive data and upload the encrypted data to a cloud storage system, and when data needs to be inquired, all ciphertext data are downloaded to the local, and are retrieved after being decrypted. Obviously, the process is extremely inefficient, has high requirements on the storage capacity and the computing capacity of the client, and is not suitable for a big data application scenario.
A circular area query is a commonly used query type based on two-dimensional data (e.g., geographic location, etc.), and the query condition is a circular area, and the query result is the two-dimensional data in the area. Currently, a safe retrieval method supporting circular range query is mainly based on predicate encryption technology (for example, Wang, b., Li, m., Wang, h., & Li, h.circular ranging search on encrypted specific data.in CNS, pp.182-190(2015) and Wang, b., Li, m., & Wang, h.geographic ranging search on encrypted specific data.GIFs,11 (4)), pp.704-719(2016)), but the query efficiency of the method is low.
The chinese patent application CN201610113032.1 discloses a circular range search method for encrypted spatial data, which generates a search token according to a target circular range and uploads the search token to a cloud server, wherein the search token includes two squares respectively inscribed and circumscribed with the target circle. And the cloud server searches according to the search token to obtain an intermediate search result and sends the intermediate search result to the trusted third party, the trusted third party filters the intermediate search result to obtain a final search result, and the final search result is encrypted again and then sent to the user. The method needs multi-party participation, and the query efficiency is still low.
In the tree structured query, similar search trees (SS trees, White, D.A., & Jain, R.Similary indexing with the SS-tree. in ICDE, pp.516-523(1996)) improve the R tree, and the surrounding circle is used to replace the shape of the minimum surrounding rectangle to represent the area, thereby improving the performance of the nearest neighbor query. However, there is no record of applying the SS tree to ciphertext cloud storage system queries.
Therefore, a safe and efficient round range query method and system are designed and realized, and the method and system are very important for improving the confidentiality and the usability of the ciphertext cloud storage system.
Disclosure of Invention
In view of the above problem, the present invention provides a safe and efficient circular range data uploading and querying method, a corresponding storage medium, and an electronic device. The invention constructs an index for a two-dimensional data set by using an SS tree, and provides a safe and efficient circular range data uploading and inquiring method, a corresponding storage medium and an electronic device. Based on the method, the cloud storage system can quickly search the SS tree, effectively protect the two-dimensional data and the privacy of the query condition, and meanwhile, realize the round range query of the mass ciphertext two-dimensional data.
In order to achieve the purpose, the invention adopts the following technical scheme:
a safe and efficient circular range data uploading method for clients is suitable for a network formed by a plurality of clients and a cloud storage system, and comprises the following steps:
1) constructing data into SS tree indexes, representing each node of the SS tree as an index circular vector, and generating an initial index;
2) and uploading ciphertext data obtained by encrypting the data and a security index obtained by encrypting the initial index to a cloud storage system.
Further, the index circular vector I ═ (a)2+b2-c2,-2a,-2b,-2c,1)TWherein (a, b) is the circle center of the circle corresponding to the node, and c is the radius of the circle corresponding to the node.
Further, the encryption method of the data is an SMS4 encryption algorithm or an AES256 encryption algorithm.
Further, the encryption method of the initial index is a matrix encryption algorithm.
A safe and efficient round range data query method for clients is suitable for a network consisting of a plurality of clients and a cloud storage system, and comprises the following steps:
1) expressing the query condition as a trapdoor circular vector, encrypting the generated initial trapdoor into a safety trapdoor, uploading the safe trapdoor to a cloud storage system, and querying data uploaded by the method by the cloud storage system according to the safety index and the safety trapdoor to obtain ciphertext query data;
2) and receiving the ciphertext query data, and decrypting to obtain the required data.
Further, the trapdoor circular vector T ═ 1, x, y, z, x2+y2-z2)TAnd (x, y) is the center of the circle corresponding to the query condition, and z is the radius of the circle corresponding to the query condition.
Further, the step of querying the ciphertext query data comprises:
1) starting a search from a root node of the SS tree;
2) if a certain non-leaf node of the SS tree is intersected with the query condition, continuing to search the child node of the SS tree, otherwise, stopping searching the branch;
3) and if a certain leaf node of the SS tree is intersected with the query condition, returning ciphertext query data contained in the certain leaf node to the client, otherwise, ignoring the leaf node.
Further, the intersection with the query condition meansWhereinIn order to construct a vector for the security index,and constructing a vector for the safety trap door.
A storage medium having a computer program stored therein, wherein the computer program is arranged to perform the above method when executed.
An electronic device comprising a memory and a processor, wherein the memory stores a program for performing the steps of the above method.
Compared with the existing data query method, the method has the following advantages:
the invention simultaneously ensures the confidentiality and the availability of the sensitive data, and can search the data on the premise of not decrypting the ciphertext data through a safe retrieval technology. When data are uploaded, a data owner additionally constructs a security index for sensitive data, and the ciphertext data and the security index are stored in a cloud storage system together. When the data is queried, the data retriever constructs a safety trap door for the query condition and sends the safety trap door to the cloud storage system. And then, the cloud storage system searches by using the security index and the security trapdoor, and returns the ciphertext data meeting the query condition to the data searcher. The process does not reveal the content of sensitive data and query conditions, and most of the computing work is done by the cloud storage system.
Drawings
FIG. 1 is a diagram of a scenario for secure and efficient round range querying in accordance with the present invention;
FIG. 2 is a system block diagram of the safe and efficient round range query of the present invention;
FIG. 3 is a flow diagram of a secure index construction for a secure and efficient round range query of the present invention;
FIG. 4 is a query flow diagram of the secure and efficient round range query of the present invention;
fig. 5 is an SS tree constructed in an embodiment of the present invention.
Detailed Description
The features of the various aspects of the present invention are described in detail below with reference to the attached drawing figures, but do not limit the scope of the invention in any way.
The round range query method based on the SS tree is realized through a client and a cloud storage system, and comprises the following steps:
1. the client side respectively generates a key for encrypting and decrypting the two-dimensional data and a key for encrypting the initial index and the initial trapdoor;
preferably, the client may perform encryption and decryption operations on the two-dimensional data using any secure and reliable encryption algorithm, such as SMS4, AES256, and the like.
Preferably, the client may perform an encryption operation on the initial index and the initial trapdoor by using any encryption algorithm that keeps the vector inner product positive and negative, such as a matrix encryption algorithm.
2. The client constructs an SS tree index for the two-dimensional data set, where each node corresponds to a circle.
3. And the client represents each node of the SS tree in a vector form and generates an initial index.
Preferably, the circle corresponding to the node has a center (a, b) and a radius c, and a vector I is constructed according to a, b, and c:
I=(a2+b2-c2,-2a,-2b,-2c,1)T
4. and the client side encrypts each vector in the initial index respectively to generate a security index.
5. And the client side encrypts each two-dimensional data respectively and then sends the ciphertext two-dimensional data and the safety cable to the cloud storage system.
6. When two-dimensional data in a certain circular area needs to be queried, a client represents a query condition in a vector form, and an initial trapdoor is generated.
Preferably, the center of the circle corresponding to the query condition is (x, y), the radius is z, and the vector Q is constructed according to x, y, z:
T=(1,x,y,z,x2+y2-z2)T
7. and encrypting the initial trapdoor by the client to obtain the safe trapdoor.
8. And the client sends the security trapdoor to the cloud storage system.
9. After receiving the security trap door, the cloud storage system uses the security index and the security trap door to search. The searching process is the same as that of the SS tree, starting from a root node, if a certain non-leaf node is intersected with the query condition, continuing to search the child node, and otherwise, stopping searching the branch; if a certain leaf node is intersected with the query condition, returning the ciphertext two-dimensional data contained in the certain leaf node to the client, otherwise, ignoring the leaf node.
Preferably, (a-x) if the circle corresponding to the node (circle center (a, b), radius c) intersects with the circle corresponding to the query condition (circle center (x, y), radius z)2+(b-y)2≤(c+z)2. In particular, the amount of the solvent to be used,
I·T=(a2+b2-c2)-2ax-2by-2cz+(x2+y2-z2)=(a-x)2+(b-y)2-(c+z)2
if it is notThe node intersects the query condition, otherwise it does not. WhereinIn order to construct a vector for the security index,and constructing a vector for the safety trap door.
10. And the client decrypts the ciphertext two-dimensional data sent by the cloud storage system.
The round range query system based on the SS tree comprises a plurality of clients and a cloud storage system, wherein the clients are respectively connected with the cloud storage system through a network, each client comprises a security module, an index operation module and a trapdoor operation module, the cloud storage system comprises a query server and a ciphertext storage server, and the round range query system comprises:
the security module is mainly used for performing encryption and decryption operations on the two-dimensional data and performing encryption operations on the initial index and the initial trap door;
the index operation module is mainly used for constructing an SS tree and generating an initial index, and after the two-dimensional data and the initial index are encrypted by the security module, the two-dimensional data of the ciphertext and the security index are initiated and sent to the cloud storage system;
the trapdoor operation module is mainly used for generating an initial trapdoor, and after the initial trapdoor is encrypted by the security module, the security trapdoor is sent to the cloud storage system;
the query server is mainly used for storing the security index, performing query operation by using the security index and the security trapdoor, and sending an identifier id corresponding to the two-dimensional data meeting the query condition to the ciphertext storage server;
the ciphertext storage server is mainly used for storing ciphertext two-dimensional data and returning the ciphertext two-dimensional data corresponding to the identification id sent by the query server to the client.
Further, the security module comprises a two-dimensional data encryption and decryption component and an index trapdoor encryption component, wherein:
the two-dimensional data encryption and decryption component is mainly used for generating a key and related parameters required by encryption and decryption of two-dimensional data, and encrypting and decrypting the two-dimensional data needing encryption and decryption;
the index trapdoor encryption component is mainly used for generating keys and related parameters required by encrypting the initial index and the initial trapdoor and encrypting the initial index and the initial trapdoor which need to be encrypted.
Further, the index operation module in turn comprises an index tree construction component, an initial index construction component, and a transmission component, wherein:
the index tree construction component is mainly used for constructing an SS tree for a two-dimensional data set;
the initial index construction component mainly represents each node of the SS tree generated by the index tree construction component into a vector form to generate an initial index;
the transmission component is mainly used for sending the encrypted ciphertext two-dimensional data, the security index and other information of the security module to the cloud storage system.
Further, the trapdoor operating module in turn comprises an initial trapdoor construction assembly and a transmission assembly, wherein:
the initial trapdoor construction component is mainly used for constructing an initial trapdoor for the query condition;
the transmission component is mainly used for sending the security trap door encrypted by the security module to the cloud storage system.
As shown in fig. 1, the method involves a user, a cloud storage system:
1. the user: and the user submits the ciphertext two-dimensional data and the secure index to a cloud storage system for the owner and the searcher of the data, and generates a secure trapdoor for the query condition during query.
The cloud storage system comprises: the cloud storage system comprises an inquiry server and a ciphertext storage server, the inquiry server sends an identification id corresponding to the two-dimensional data meeting the inquiry condition to the ciphertext storage server, and then the ciphertext storage server returns the ciphertext two-dimensional data corresponding to the identification id to the client, so that ciphertext two-dimensional data, safety index storage service and ciphertext retrieval service are provided for a user.
The structure of the safe and efficient circular range uploading and querying system provided by the invention is shown in fig. 2 and comprises a cloud storage system and a plurality of clients which are connected through a network. The cloud storage system comprises a query server and a ciphertext storage server, and each client comprises a security module, an index operation module and a trapdoor operation module. The security module comprises a two-dimensional data encryption and decryption component and an index trapdoor encryption component; the index operation module comprises an index tree construction component, an initial index construction component and a transmission component; the trapdoor operation module comprises an initial trapdoor construction assembly and a transmission assembly.
The safe and efficient circular range uploading and inquiring method provided by the invention comprises three core scenes:
first, system initialization
The client generates a key and associated parameters for the encryption and decryption operations. The encryption and decryption of the two-dimensional data can use any secure and reliable encryption algorithm, such as SMS4, AES256 and the like; the encryption initial index and the initial trapdoor can use any encryption algorithm that keeps the vector inner product positive and negative, such as a matrix encryption algorithm and the like.
Second, safety index structure
The flow of the security index construction of the present invention is shown in FIG. 3. In particular, the amount of the solvent to be used,
1. the client constructs an SS tree index for the two-dimensional data set.
2. And the client represents each node of the SS tree in a vector form and generates an initial index. Assuming that the circle center of a circle corresponding to a certain node is (a, b) and the radius is c, constructing a vector I according to the a, b and c:
I=(a2+b2-c2,-2a,-2b,-2c,1)T
3. the client side encrypts each vector I in the initial index respectively to generate a security index
4. And the client side encrypts each two-dimensional data respectively and then sends the ciphertext two-dimensional data and the safety cable to the cloud storage system.
Three, round range query
The query flow of the present invention is shown in fig. 4. In particular, the amount of the solvent to be used,
1. the client represents the query condition in a vector form to generate an initial trap door. Assuming that the circle center of the circle corresponding to the query condition is (x, y) and the radius is z, constructing a vector Q according to the x, y and z:
T=(1,x,y,z,x2+y2-z2)T
3. And the client sends the security trapdoor to the cloud storage system.
4. After the cloud storage system receives the security trap door, the security index is searched from the root node. For non-leaf nodes, ifContinuing to search the child nodes, otherwise stopping searching the branch; for leaf node, ifAnd returning the ciphertext two-dimensional data contained in the node to the client, otherwise, ignoring the node.
5. And the client decrypts the ciphertext two-dimensional data sent by the cloud storage system.
The following is an embodiment of the present invention.
In this embodiment, the two-dimensional data to be uploaded is 4: { p1=(0,2),p2=(2,0),p3=(4,5),p4=(6,3)}。
The flow of this embodiment is as follows:
1. the client generates keys and related parameters for the AES256 encryption algorithm and the matrix encryption algorithm, respectively.
2. As shown in fig. 5, the client constructs an SS tree index for the two-dimensional data set, with an out-degree of the tree of 2. Specifically, the method comprises the following steps:
the root node root contains data of p1=(0,2),p2=(2,0),p3=(4,5),p4The circle center of the corresponding circle is (3,2) and the radius is 3.2;
the data contained in node A is { p }1=(0,2),p2The circle center of the corresponding circle is (1,1) and the radius is 1.5,;
the data contained in the node B is { p }3=(4,5),p4The circle center of the corresponding circle is (5,4), and the radius is 1.5;
the data contained in node a is { p }1The circle center of the corresponding circle is (0,2), and the radius is 0;
the node b contains data of { p }2The circle center of the corresponding circle is (2,0), and the radius is 0;
the data contained in node c is { p }3The circle center of the corresponding circle is (4,5), and the radius is 0;
the node d contains data of { p }4The circle center of the corresponding circle is (6,3), and the radius is 0.
3. And the client represents each node of the SS tree in a vector form and generates an initial index. Specifically, the method comprises the following steps:
constructing a vector I for a root node rootroot=(2.76,-6,-4,-6.4,1)T;
Constructing a vector I for node AA=(-0.25,-2,-2,-3,1)T;
Constructing a vector I for a node BB=(38.75,-10,-8,-3,1)T;
Constructing vector I for node aa=(4,0,-4,0,1)T;
Constructing a vector I for node bb=(4,-4,0,0,1)T;
Constructing vector I for node cc=(41,-8,-10,0,1)T;
Constructing vector I for node dd=(45,-12,-6,0,1)T。
4. The client side respectively encrypts each vector I in the initial index by using a matrix encryption algorithmroot,IA,IB,Ia,Ib,Ic,IdGenerating a secure index
5. The client side encrypts each two-dimensional data respectively by using an AES256 encryption algorithm, and then sends the ciphertext two-dimensional data and the safety cable to the cloud storage system.
6. Assuming that the query condition is a circle with a circle center of (3,3) and a radius of 2.5, the client represents the query condition in a vector form to generate an initial trapGate T ═ (1,3,3,2.5,11.75)T。
8. And the client sends the security trapdoor to the cloud storage system.
9. After the cloud storage system receives the security trap door, the security index is searched from the root node. Specifically, the method comprises the following steps:
for the leaf node c, the calculation results inC contains data p3Needs to be returned to the client;
In summary, the query result is { p }3And returning the ciphertext to the client by the cloud storage system.
10. The client decrypts the result returned by the cloud storage system to obtain { p3=(4,5)}。
The present invention has been described in detail by way of the form expression and the embodiment, but the specific implementation form of the present invention is not limited thereto. Various obvious changes and modifications can be made by one skilled in the art without departing from the spirit and principles of the process of the invention. The protection scope of the present invention shall be subject to the claims.
Claims (10)
1. A safe and efficient circular range data uploading method for clients is suitable for a network formed by a plurality of clients and a cloud storage system, and comprises the following steps:
1) constructing data into SS tree indexes, representing each node of the SS tree as an index circular vector, and generating an initial index;
2) and uploading ciphertext data obtained by encrypting the data and a security index obtained by encrypting the initial index to a cloud storage system.
2. The method of claim 1, wherein the indexed circular vector I ═ (a)2+b2-c2,-2a,-2b,-2c,1)TWherein (a, b) is the circle center of the circle corresponding to the node, and c is the radius of the circle corresponding to the node.
3. The method of claim 1, wherein the encryption method of the data is an SMS4 encryption algorithm or an AES256 encryption algorithm.
4. The method of claim 1, wherein the encryption method of the initial index is a matrix encryption algorithm.
5. A safe and efficient round range data query method for clients is suitable for a network consisting of a plurality of clients and a cloud storage system, and comprises the following steps:
1) expressing the query condition as a trapdoor circular vector, encrypting the generated initial trapdoor into a security trapdoor, and uploading the security trapdoor to a cloud storage system, so that the cloud storage system queries the data uploaded by the method according to any one of claims 1-4 according to the security index and the security trapdoor to obtain ciphertext query data;
2) and receiving the ciphertext query data, and decrypting to obtain the required data.
6. The method of claim 5, wherein the trapdoor circular vector T is (1, x, y, z, x)2+y2-z2)TAnd (x, y) is the center of the circle corresponding to the query condition, and z is the radius of the circle corresponding to the query condition.
7. The method of claim 5, wherein the step of querying the ciphertext query data comprises:
1) starting a search from a root node of the SS tree;
2) if a certain non-leaf node of the SS tree is intersected with the query condition, continuing to search the child node of the SS tree, otherwise, stopping searching the branch;
3) and if a certain leaf node of the SS tree is intersected with the query condition, returning ciphertext query data contained in the certain leaf node to the client, otherwise, ignoring the leaf node.
9. A storage medium having a computer program stored thereon, wherein the computer program is arranged to, when executed, perform the method according to any of claims 1-8.
10. An electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer to perform the method according to any of claims 1-8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911237131.0A CN111026754B (en) | 2019-12-05 | 2019-12-05 | Safe and efficient circular range data uploading and querying method, corresponding storage medium and electronic device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911237131.0A CN111026754B (en) | 2019-12-05 | 2019-12-05 | Safe and efficient circular range data uploading and querying method, corresponding storage medium and electronic device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111026754A true CN111026754A (en) | 2020-04-17 |
CN111026754B CN111026754B (en) | 2022-12-02 |
Family
ID=70204367
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911237131.0A Active CN111026754B (en) | 2019-12-05 | 2019-12-05 | Safe and efficient circular range data uploading and querying method, corresponding storage medium and electronic device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111026754B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103440280A (en) * | 2013-08-13 | 2013-12-11 | 江苏华大天益电力科技有限公司 | Retrieval method and device applied to massive spatial data retrieval |
CN105791283A (en) * | 2016-02-29 | 2016-07-20 | 电子科技大学 | Circle range search method specific to encrypted spatial data |
US20170139985A1 (en) * | 2015-11-12 | 2017-05-18 | Sap Se | Poly-Logarithmic Range Queries on Encrypted Data |
CN107169114A (en) * | 2017-05-12 | 2017-09-15 | 东北大学 | A kind of mass data multidimensional ordering searching method |
CN108388807A (en) * | 2018-02-28 | 2018-08-10 | 华南理工大学 | It is a kind of that the multiple key sequence that efficiently can verify that of preference search and Boolean Search is supported to can search for encryption method |
CN109815730A (en) * | 2018-12-29 | 2019-05-28 | 中国科学院软件研究所 | It is a kind of support skyline inquire can search for encryption method and system |
-
2019
- 2019-12-05 CN CN201911237131.0A patent/CN111026754B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103440280A (en) * | 2013-08-13 | 2013-12-11 | 江苏华大天益电力科技有限公司 | Retrieval method and device applied to massive spatial data retrieval |
US20170139985A1 (en) * | 2015-11-12 | 2017-05-18 | Sap Se | Poly-Logarithmic Range Queries on Encrypted Data |
CN105791283A (en) * | 2016-02-29 | 2016-07-20 | 电子科技大学 | Circle range search method specific to encrypted spatial data |
CN107169114A (en) * | 2017-05-12 | 2017-09-15 | 东北大学 | A kind of mass data multidimensional ordering searching method |
CN108388807A (en) * | 2018-02-28 | 2018-08-10 | 华南理工大学 | It is a kind of that the multiple key sequence that efficiently can verify that of preference search and Boolean Search is supported to can search for encryption method |
CN109815730A (en) * | 2018-12-29 | 2019-05-28 | 中国科学院软件研究所 | It is a kind of support skyline inquire can search for encryption method and system |
Non-Patent Citations (1)
Title |
---|
田雪等: "基于相似查询树的快速密文检索方法", 《软件学报》 * |
Also Published As
Publication number | Publication date |
---|---|
CN111026754B (en) | 2022-12-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Pasupuleti et al. | An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing | |
CN112270006A (en) | Searchable encryption method for hiding search mode and access mode in e-commerce platform | |
CN103955537A (en) | Method and system for designing searchable encrypted cloud disc with fuzzy semantics | |
Egorov et al. | ZeroDB white paper | |
Abduljabbar et al. | Privacy-preserving image retrieval in IoT-cloud | |
Shao et al. | Achieve efficient and verifiable conjunctive and fuzzy queries over encrypted data in cloud | |
JP6879311B2 (en) | Message transmission system, communication terminal, server device, message transmission method, and program | |
Yuan et al. | Towards privacy-preserving and practical image-centric social discovery | |
Peng et al. | LS-RQ: A lightweight and forward-secure range query on geographically encrypted data | |
CN109740378B (en) | Security pair index structure resisting keyword privacy disclosure and retrieval method thereof | |
CN105897419B (en) | A kind of multi-user's dynamic keyword word can search for encryption method | |
CN113132345B (en) | Agent privacy set intersection method with searchable function | |
Kabir et al. | A dynamic searchable encryption scheme for secure cloud server operation reserving multi-keyword ranked search | |
CN106874379B (en) | Ciphertext cloud storage-oriented multi-dimensional interval retrieval method and system | |
Ren et al. | Privacy-preserving ranked multi-keyword search leveraging polynomial function in cloud computing | |
EP2775420A1 (en) | Semantic search over encrypted data | |
Yan et al. | Secure and efficient big data deduplication in fog computing | |
CN116760840A (en) | Efficient data sharing method based on block chain | |
CN111026754B (en) | Safe and efficient circular range data uploading and querying method, corresponding storage medium and electronic device | |
ThandaiahPrabu et al. | An efficient and secured multiple keyword cloud data searching scheme with dynamic encryption procedure | |
Salehi et al. | RESeED: A secure regular‐expression search tool for storage clouds | |
WO2019178792A1 (en) | Ciphertext search method and system supporting access control | |
CN109582818B (en) | Music library cloud retrieval method based on searchable encryption | |
Gao et al. | Secure approximate nearest neighbor search over encrypted data | |
Handa et al. | An efficient approach for secure information retrieval on cloud |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |