{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T09:33:28Z","timestamp":1769160808739,"version":"3.49.0"},"reference-count":59,"publisher":"SAGE Publications","issue":"2","license":[{"start":{"date-parts":[[2022,7,13]],"date-time":"2022-07-13T00:00:00Z","timestamp":1657670400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Journal of Computer Security"],"published-print":{"date-parts":[[2023,4,6]]},"abstract":"<jats:p> Many breakthroughs on security and privacy-preserving techniques have emerged to mitigate the trust loss of cloud hosting environment caused by various types of attacks. To enhance memory-level security of multi-keyword fuzzy search, a widely occurred query request, we take the initiative to apply Trusted Execution Environment (a.k.a TEE) technology to our protocol design which provides hardware-based tamper-proof enclaves. Then we propose the Edit Distance-based Obfuscation Mechanism to further protect the query process executed outside TEE against access pattern leakage. With concerns of practicality and performance, we also propose the two-layer fuzzy index structure and Trend-aware Cache. The former addresses the space limitation of TEE memory for searching large datasets, while the latter optimizes the cache utility of TEE with trend-aware coordinator to effectively reduce the communication overhead. <\/jats:p>","DOI":"10.3233\/jcs-210145","type":"journal-article","created":{"date-parts":[[2022,7,15]],"date-time":"2022-07-15T14:58:03Z","timestamp":1657897083000},"page":"129-152","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":1,"title":["OTKI-F: An efficient memory-secure multi-keyword fuzzy search protocol"],"prefix":"10.1177","volume":"31","author":[{"given":"Ziyang","family":"Han","sequence":"first","affiliation":[{"name":"Department of Electronic and Information Engineering, Hong Kong Polytechnic University, Hong Kong SAR, China"}]},{"given":"Qingqing","family":"Ye","sequence":"additional","affiliation":[{"name":"Department of Electronic and Information Engineering, Hong Kong Polytechnic University, Hong Kong SAR, China"}]},{"given":"Haibo","family":"Hu","sequence":"additional","affiliation":[{"name":"Department of Electronic and Information Engineering, Hong Kong Polytechnic University, Hong Kong SAR, China"}]}],"member":"179","published-online":{"date-parts":[[2022,7,13]]},"reference":[{"key":"ref001","unstructured":"ARM.com, ARM TrustZone. https:\/\/www.arm.com\/products\/security-on-arm\/trustzone."},{"key":"ref002","unstructured":"J.\u00a0Aumasson and L.\u00a0Merino, SGX Secure Enclaves in Practice\u2013Security and Crypto Review, Black Hat, 2016."},{"key":"ref003","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2013.38"},{"key":"ref004","doi-asserted-by":"publisher","DOI":"10.1145\/362686.362692"},{"key":"ref005","unstructured":"M.\u00a0Blum, P.\u00a0Feldman and S.\u00a0Micali, Non-interactive zero-knowledge and its applications, in: Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, 2019, pp.\u00a0329\u2013349."},{"key":"ref006","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh, G.\u00a0Di Crescenzo, R.\u00a0Ostrovsky and G.\u00a0Persiano, Public key encryption with keyword search, in: International Conference on the Theory and Applications of Cryptographic Techniques, Springer, 2004, pp.\u00a0506\u2013522.","DOI":"10.1007\/978-3-540-24676-3_30"},{"key":"ref007","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23556-6_8"},{"key":"ref008","unstructured":"F.\u00a0Brasser, U.\u00a0M\u00fcller, A.\u00a0Dmitrienko, K.\u00a0Kostiainen, S.\u00a0Capkun and A.R.\u00a0Sadeghi, Software grand exposure: {SGX} cache attacks are practical, in: 11th USENIX Workshop on Offensive Technologies (WOOT 17), 2017."},{"key":"ref009","doi-asserted-by":"publisher","DOI":"10.1007\/11844662_6"},{"key":"ref010","doi-asserted-by":"crossref","unstructured":"D.\u00a0Cash, S.\u00a0Jarecki, C.\u00a0Jutla, H.\u00a0Krawczyk, M.C.\u00a0Ro\u015fu and M.\u00a0Steiner, Highly-scalable searchable symmetric encryption with support for Boolean queries, in: Annual Cryptology Conference, Springer, 2013, pp.\u00a0353\u2013373.","DOI":"10.1007\/978-3-642-40041-4_20"},{"key":"ref011","unstructured":"B.\u00a0Chor, O.\u00a0Goldreich, E.\u00a0Kushilevitz and M.\u00a0Sudan, Private information retrieval, in: Foundations of Computer Science, 1995. Proceedings., 36th Annual Symposium on, IEEE, 1995, pp.\u00a041\u201350."},{"key":"ref012","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCSW.2011.11"},{"issue":"086","key":"ref013","first-page":"1","volume":"2016","author":"Costan V.","year":"2016","journal-title":"IACR Cryptology ePrint Archive"},{"key":"ref014","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-2011-0426"},{"key":"ref015","doi-asserted-by":"crossref","unstructured":"S.\u00a0Ding, Y.\u00a0Li, J.\u00a0Zhang, L.\u00a0Chen, Z.\u00a0Wang and Q.\u00a0Xu, An efficient and privacy-preserving ranked fuzzy keywords search over encrypted cloud data, in: 2016 International Conference on Behavioral, Economic and Socio-Cultural Computing (BESC), IEEE, 2016, pp.\u00a01\u20136.","DOI":"10.1109\/BESC.2016.7804500"},{"key":"ref016","unstructured":"S.\u00a0Eskandarian and M.\u00a0Zaharia, An oblivious general-purpose SQL database for the cloud, 2017, CoRR, arXiv:1710.00458."},{"key":"ref017","doi-asserted-by":"publisher","DOI":"10.1109\/TPDS.2015.2506573"},{"key":"ref018","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2596138"},{"key":"ref019","unstructured":"C.\u00a0Gentry, A fully homomorphic encryption scheme, Stanford University, 2009."},{"key":"ref020","doi-asserted-by":"crossref","unstructured":"O.\u00a0Goldreich, Towards a theory of software protection and simulation by oblivious RAMs, in: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, ACM, 1987, pp.\u00a0182\u2013194.","DOI":"10.1145\/28395.28416"},{"key":"ref021","doi-asserted-by":"publisher","DOI":"10.1145\/116825.116852"},{"key":"ref022","unstructured":"Z.\u00a0Han, H.\u00a0Hu and Q.\u00a0Ye, ReFlat: A robust access pattern hiding solution for general cloud query processing based on K-isomorphism and hardware enclave, IEEE Transactions on Cloud Computing, 2021."},{"key":"ref023","doi-asserted-by":"publisher","DOI":"10.1109\/ASRU.2017.8268974"},{"key":"ref024","doi-asserted-by":"publisher","DOI":"10.1016\/B978-012722442-8\/50080-X"},{"key":"ref025","doi-asserted-by":"crossref","unstructured":"H.\u00a0Hu, Q.\u00a0Chen and J.\u00a0Xu, VERDICT: Privacy-preserving authentication of range queries in location-based services, in: Proc. of the 29th IEEE International Conference on Data Engineering (ICDE \u201913), IEEE, 2013, pp.\u00a01312\u20131315.","DOI":"10.1109\/ICDE.2013.6544932"},{"key":"ref026","doi-asserted-by":"crossref","unstructured":"H.\u00a0Hu, J.\u00a0Xu, X.\u00a0Xu, K.\u00a0Pei, B.\u00a0Choi and S.\u00a0Zhou, Private search on key-value stores with hierarchical indexes, in: Proc. of the 30th IEEE International Conference on Data Engineering (ICDE \u201914), IEEE, 2014, pp.\u00a0628\u2013639.","DOI":"10.1109\/ICDE.2014.6816687"},{"key":"ref027","doi-asserted-by":"crossref","unstructured":"T.\u00a0Huo, X.\u00a0Meng, W.\u00a0Wang, C.\u00a0Hao, P.\u00a0Zhao, J.\u00a0Zhai and M.\u00a0Li, Bluethunder: A 2-level Directional Predictor Based Side-Channel Attack against SGX, IACR Transactions on Cryptographic Hardware and Embedded Systems (2020), 321\u2013347.","DOI":"10.46586\/tches.v2020.i1.321-347"},{"key":"ref028","unstructured":"IBM, IBM 4758 PCI Cryptographic Coprocessor General Information Manual, 2016. ftp:\/\/www6.software.ibm.com\/software\/cryptocards\/4758gi.pdf."},{"key":"ref029","doi-asserted-by":"publisher","DOI":"10.1109\/APSCC.2012.59"},{"key":"ref030","doi-asserted-by":"crossref","unstructured":"P.\u00a0Indyk and R.\u00a0Motwani, Approximate nearest neighbors: Towards removing the curse of dimensionality, in: Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing, 1998, pp.\u00a0604\u2013613.","DOI":"10.1145\/276698.276876"},{"key":"ref031","unstructured":"Intel, IntelR 64 and IA-32 Architectures Software Developer\u2019s Manual, 2015, https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/intel-sdm.html."},{"key":"ref032","unstructured":"Intel, Intel(r) Software Guard Extensions Remote Attestation End-to-End Example, 2016. https:\/\/software.intel.com\/en-us\/articles\/intel-software-guard-extensions-remote-attestation-end-to-end-example."},{"key":"ref033","unstructured":"Intel, Intel(R) Software Guard Extensions (Intel(R) SGX). http:\/\/software.intel.com\/en-us\/sgx."},{"key":"ref034","unstructured":"Intel, Software Guard Extensions Programming Reference, 2014, https:\/\/www.intel.com\/content\/dam\/develop\/external\/us\/en\/documents\/329298-002-629101.pdf."},{"key":"ref035","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.12.001"},{"key":"ref036","doi-asserted-by":"publisher","DOI":"10.1145\/3144730.3144739"},{"key":"ref037","doi-asserted-by":"crossref","unstructured":"J.\u00a0Li, Q.\u00a0Wang, C.\u00a0Wang, N.\u00a0Cao, K.\u00a0Ren and W.\u00a0Lou, Fuzzy keyword search over encrypted data in cloud computing, in: 2010 Proceedings IEEE INFOCOM, IEEE, 2010, pp.\u00a01\u20135.","DOI":"10.1109\/INFCOM.2010.5462196"},{"key":"ref038","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2011.55"},{"key":"ref039","doi-asserted-by":"crossref","unstructured":"Y.\u00a0Luo, X.\u00a0Jia, H.\u00a0Duan, C.\u00a0Wang, M.\u00a0Xu and S.\u00a0Fu, pRide: Private ride request for online ride hailing service with secure hardware enclave, in: Proceedings of the International Symposium on Quality of Service, 2019, pp.\u00a01\u201310.","DOI":"10.1145\/3326285.3329062"},{"key":"ref040","unstructured":"M.\u00a0Mayzner, English Letter Frequency Counts: Mayzner Revisited or ETAOIN SRHLDCU, http:\/\/norvig.com\/mayzner.html."},{"key":"ref041","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00045"},{"key":"ref042","unstructured":"M.H.\u00a0Mofrad, A.\u00a0Lee and S.L.\u00a0Gray, Leveraging Intel SGX to Create a Nondisclosure Cryptographic library, 2017, arXiv preprint arXiv:1705.04706."},{"key":"ref043","unstructured":"S.\u00a0Raghavendra, C.\u00a0Geeta, K.\u00a0Shaila, R.\u00a0Buyya, K.\u00a0Venugopal, S.\u00a0Iyengar and L.\u00a0Patnaik, MSSS: Most significant single-keyword search over encrypted cloud data, in: Proceedings of the 6th Annual Intrernational Conference on ICT: BigData, Cloud and Security, 2015."},{"key":"ref044","doi-asserted-by":"crossref","unstructured":"Z.\u00a0Shen, J.\u00a0Shu and W.\u00a0Xue, Preferred keyword search over encrypted data in cloud computing, in: 2013 IEEE\/ACM 21st International Symposium on Quality of Service (IWQoS), IEEE, 2013, pp.\u00a01\u20136.","DOI":"10.1109\/IWQoS.2013.6550283"},{"key":"ref045","doi-asserted-by":"publisher","DOI":"10.1109\/IWQoS.2014.6914304"},{"key":"ref046","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00887-0_6"},{"key":"ref047","doi-asserted-by":"crossref","unstructured":"E.\u00a0Stefanov, M.\u00a0Van Dijk, E.\u00a0Shi, C.\u00a0Fletcher, L.\u00a0Ren, X.\u00a0Yu and S.\u00a0Devadas, Path ORAM: An extremely simple oblivious RAM protocol, in: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, ACM, 2013, pp.\u00a0299\u2013310.","DOI":"10.1145\/2508859.2516660"},{"key":"ref048","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2018.8485838"},{"key":"ref049","unstructured":"J.\u00a0Van Bulck, M.\u00a0Minkin, O.\u00a0Weisse, D.\u00a0Genkin, B.\u00a0Kasikci, F.\u00a0Piessens, M.\u00a0Silberstein, T.F.\u00a0Wenisch, Y.\u00a0Yarom and R.\u00a0Strackx, Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution, in: 27th USENIX Security Symposium (USENIX Security, Vol.\u00a018, 2018, pp.\u00a0991\u20131008."},{"key":"ref050","doi-asserted-by":"crossref","unstructured":"P.\u00a0Van Liesdonk, S.\u00a0Sedghi, J.\u00a0Doumen, P.\u00a0Hartel and W.\u00a0Jonker, Computationally efficient searchable symmetric encryption, in: Workshop on Secure Data Management, Springer, 2010, pp.\u00a087\u2013100.","DOI":"10.1007\/978-3-642-15546-8_7"},{"key":"ref051","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2014.6848153"},{"key":"ref052","doi-asserted-by":"publisher","DOI":"10.2298\/CSIS121104028W"},{"key":"ref053","doi-asserted-by":"publisher","DOI":"10.1007\/s13369-015-1737-3"},{"key":"ref054","doi-asserted-by":"crossref","unstructured":"Y.\u00a0Wang, L.\u00a0Liu, C.\u00a0Su, J.\u00a0Ma, L.\u00a0Wang, Y.\u00a0Yang, Y.\u00a0Shen, G.\u00a0Li, T.\u00a0Zhang and X.\u00a0Dong, CryptSQLite: Protecting Data Confidentiality of SQLite with Intel SGX, in: Networking and Network Applications (NaNA), 2017 International Conference on, IEEE, 2017, pp.\u00a0303\u2013308.","DOI":"10.1109\/NaNA.2017.48"},{"key":"ref055","unstructured":"S.\u00a0Weibo, WEIBO-INDEX, 2019, https:\/\/data.weibo.com\/index."},{"key":"ref056","doi-asserted-by":"crossref","unstructured":"C.\u00a0Xu, J.\u00a0Xu, H.\u00a0Hu and M.H.\u00a0Au, When query authentication meets fine-grained access control: A zero-knowledge approach, in: Proc. of the 2018 ACM SIGMOD International Conference on Management of Data, ACM, 2018, pp.\u00a0147\u2013162.","DOI":"10.1145\/3183713.3183741"},{"key":"ref057","doi-asserted-by":"publisher","DOI":"10.1145\/1807167.1807266"},{"issue":"3","key":"ref058","first-page":"4","volume":"36","author":"Zheng K.","year":"2010","journal-title":"Computer Engineering"},{"key":"ref059","doi-asserted-by":"crossref","unstructured":"M.\u00a0Zheng and H.\u00a0Zhou, An efficient attack on a fuzzy keyword search scheme over encrypted data, in: 2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing, IEEE, 2013, pp.\u00a01647\u20131651.","DOI":"10.1109\/HPCC.and.EUC.2013.232"}],"container-title":["Journal of Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-210145","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.3233\/JCS-210145","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-210145","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,11]],"date-time":"2025-03-11T07:26:54Z","timestamp":1741678014000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.3233\/JCS-210145"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,7,13]]},"references-count":59,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2023,4,6]]}},"alternative-id":["10.3233\/JCS-210145"],"URL":"https:\/\/doi.org\/10.3233\/jcs-210145","relation":{},"ISSN":["0926-227X","1875-8924"],"issn-type":[{"value":"0926-227X","type":"print"},{"value":"1875-8924","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,7,13]]}}}