{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,12]],"date-time":"2025-10-12T04:12:37Z","timestamp":1760242357280,"version":"build-2065373602"},"reference-count":36,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2017,5,9]],"date-time":"2017-05-09T00:00:00Z","timestamp":1494288000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Algorithms"],"abstract":"<jats:p>Cloud storage services allow users to efficiently outsource their documents anytime and anywhere. Such convenience, however, leads to privacy concerns. While storage providers may not read users\u2019 documents, attackers may possibly gain access by exploiting vulnerabilities in the storage system. Documents may also be leaked by curious administrators. A simple solution is for the user to encrypt all documents before submitting them. This method, however, makes it impossible to efficiently search for documents as they are all encrypted. To resolve this problem, we propose a multi-server searchable symmetric encryption (SSE) scheme and construct a system called the searchable data vault (SDV). A unique feature of the scheme is that it allows an encrypted document to be divided into blocks and distributed to different storage servers so that no single storage provider has a complete document. By incorporating the scheme, the SDV protects the privacy of documents while allowing for efficient private queries. It utilizes a web interface and a controller that manages user credentials, query indexes and submission of encrypted documents to cloud storage services. It is also the first system that enables a user to simultaneously outsource and privately query documents from a few cloud storage services. Our preliminary performance evaluation shows that this feature introduces acceptable computation overheads when compared to submitting documents directly to a cloud storage service.<\/jats:p>","DOI":"10.3390\/a10020052","type":"journal-article","created":{"date-parts":[[2017,5,9]],"date-time":"2017-05-09T11:50:48Z","timestamp":1494330648000},"page":"52","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Searchable Data Vault: Encrypted Queries in Secure Distributed Cloud Storage"],"prefix":"10.3390","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2905-688X","authenticated-orcid":false,"given":"Geong","family":"Poh","sequence":"first","affiliation":[{"name":"Information Security Lab, MIMOS Berhad, 57000 Kuala Lumpur, Malaysia"}]},{"given":"Vishnu","family":"Baskaran","sequence":"additional","affiliation":[{"name":"Faculty of Engineering, Multimedia University (MMU), 63000 Cyberjaya, Malaysia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9809-6976","authenticated-orcid":false,"given":"Ji-Jian","family":"Chin","sequence":"additional","affiliation":[{"name":"Faculty of Engineering, Multimedia University (MMU), 63000 Cyberjaya, Malaysia"}]},{"given":"Moesfa","family":"Mohamad","sequence":"additional","affiliation":[{"name":"Information Security Lab, MIMOS Berhad, 57000 Kuala Lumpur, Malaysia"}]},{"given":"Kay\u00a0Win","family":"Lee","sequence":"additional","affiliation":[{"name":"Information Security Lab, MIMOS Berhad, 57000 Kuala Lumpur, Malaysia"}]},{"given":"Dharmadharshni","family":"Maniam","sequence":"additional","affiliation":[{"name":"Information Security Lab, MIMOS Berhad, 57000 Kuala Lumpur, Malaysia"}]},{"given":"Muhammad","family":"Z\u2019aba","sequence":"additional","affiliation":[{"name":"Network Security Lab, MIMOS Berhad, 57000 Kuala Lumpur, Malaysia"}]}],"member":"1968","published-online":{"date-parts":[[2017,5,9]]},"reference":[{"key":"ref_1","unstructured":"Netwrix (2017, May 06). 2016 Cloud Security Report. Available online: https:\/\/www.netwrix.com\/2016cloud_security_report.html."},{"key":"ref_2","unstructured":"Cisco Systems, Inc. (2016). Cisco Global Cloud Index: Forecast and Methodology, 2015\u20132020, Cisco Systems, Inc."},{"key":"ref_3","unstructured":"Poh, G.S., Mohamad, M.S., and Chin, J.J. (2016, January 17\u201322). Searchable Symmetric Encryption over Multiple Servers. Proceedings of the Arctic Crypt, Longyearbyen, Norway."},{"key":"ref_4","unstructured":"Seak, S.C., Siong, N.K., Loon, W.H., and Haron, G.R. (2014, January 22\u201324). A Centralized Multimodal Unified Authentication Platform for Web-based Application. Proceedings of the World Congress on Engineering and Computer Science (WCECS) 2014, San Francisco, CA, USA."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"353","DOI":"10.1007\/978-3-642-40041-4_20","article-title":"Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries","volume":"Volume 8042","author":"Canetti","year":"2013","journal-title":"CRYPTO 2013"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"222","DOI":"10.1109\/TPDS.2013.45","article-title":"Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data","volume":"25","author":"Cao","year":"2014","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_7","unstructured":"Wobber, T., and Druschel, P. (2011). CryptDB: Protecting confidentiality with encrypted query processing. SOSP 2011, ACM."},{"key":"ref_8","unstructured":"Song, D.X., Wagner, D., and Perrig, A. (2000, January 14\u201317). Practical Techniques for Searches on Encrypted Data. Proceedings of the IEEE Symposium on Security and Privacy (S&P 2000), Berkeley, CA, USA."},{"key":"ref_9","unstructured":"Lau, B., Chung, S.P., Song, C., Jang, Y., Lee, W., and Boldyreva, A. (2014, January 20\u201322). Mimesis Aegis: A Mimicry Privacy Shield-A System\u2019s Approach to Data Privacy on Public Cloud. Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Pappas, V., Krell, F., Vo, B., Kolesnikov, V., Malkin, T., Choi, S.G., George, W., Keromytis, A.D., and Bellovin, S. (2014, January 18\u201321). Blind Seer: A Scalable Private DBMS. Proceedings of the IEEE Symposium on Security and Privacy (S&P 2014), San Jose, CA, USA.","DOI":"10.1109\/SP.2014.30"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Fisch, B.A., Vo, B., Krell, F., Kumarasubramanian, A., Kolesnikov, V., Malkin, T., and Bellovin, S.M. (2015, January 17\u201321). Malicious-Client Security in Blind Seer: A Scalable Private DBMS. Proceedings of the IEEE Symposium on Security and Privacy (S&P 2015), San Jose, CA, USA.","DOI":"10.1109\/SP.2015.31"},{"key":"ref_12","unstructured":"Popa, R.A., Stark, E., Valdez, S., Helfer, J., Zeldovich, N., and Balakrishnan, H. (2014, January 2\u20134). Building Web Applications on Top of Encrypted Data Using Mylar. Proceedings of the 11th USENIX Symposium on Networked Systems Design and Implementation, Seattle, WA, USA."},{"key":"ref_13","unstructured":"Networks, S. (2016, May 06). Skyhigh Networks: Cloud Security Software. Available online: https:\/\/www.skyhighnetworks.com\/."},{"key":"ref_14","unstructured":"CipherCloud (2016, May 06). CipherCloud: Enterprise Cloud Security. Available online: https:\/\/www.ciphercloud.com\/."},{"key":"ref_15","unstructured":"Bitglass (2016, May 06). Bitglass: Cloud Access Security Broker. Available online: http:\/\/www.bitglass.com\/."},{"key":"ref_16","unstructured":"Ray, I., Li, N., and Kruegel, C. (2015). Leakage-Abuse Attacks Against Searchable Encryption. ACM CCS 2015, ACM."},{"key":"ref_17","unstructured":"Goh, E.J. (2016, May 06). Secure Indexes. IACR Cryptology ePrint Archive, Report 2003\/216. Available online: http:\/\/eprint.iacr.org\/2003\/216\/."},{"key":"ref_18","first-page":"442","article-title":"Privacy Preserving Keyword Searches on Remote Encrypted Data","volume":"Volume 3531","author":"Ioannidis","year":"2005","journal-title":"ACNS 2005"},{"key":"ref_19","unstructured":"Juels, A., Wright, R.N., and di Vimercati, S.D.C. (2006). Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions. ACM CCS 2006, ACM."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"577","DOI":"10.1007\/978-3-642-17373-8_33","article-title":"Structured Encryption and Controlled Disclosure","volume":"Volume 6477","author":"Abe","year":"2010","journal-title":"ASIACRYPT 2010"},{"key":"ref_21","first-page":"258","article-title":"Parallel and Dynamic Searchable Symmetric Encryption","volume":"Volume 7859","author":"Sadeghi","year":"2013","journal-title":"FC\u201913"},{"key":"ref_22","unstructured":"Yu, T., Danezis, G., and Gligor, V.D. (2012). Dynamic Searchable Symmetric Encryption. ACM CCS\u201912, ACM."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Cash, D., Jaeger, J., Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M.C., and Steiner, M. (2014, January 23\u201326). Dynamic Searchable Encryption in Very Large Databases: Data Structures and Implementation. Proceedings of the 2014 Network and Distributed System Security (NDSS) Symposium, San Diego, CA, USA.","DOI":"10.14722\/ndss.2014.23264"},{"key":"ref_24","unstructured":"Kurosawa, K., and Ohtaki, Y. (2017, May 09). How to Construct UC-Secure Searchable Symmetric Encryption Scheme. Available online: https:\/\/pdfs.semanticscholar.org\/bdbb\/d27c0cda8f05419565cfc20b8ce953515047.pdf."},{"key":"ref_25","first-page":"137","article-title":"Verifiable Structured Encryption","volume":"Volume 7763","author":"Kutylowski","year":"2012","journal-title":"Inscrypt\u201912"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Naveed, M., Prabhakaran, M., and Gunter, C.A. (2014, January 18\u201321). Dynamic Searchable Encryption via Blind Storage. Proceedings of the IEEE Symposium on Security and Privacy (S&P 2014), San Jose, CA, USA.","DOI":"10.1109\/SP.2014.47"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Stefanov, E., Papamanthou, C., and Shi, E. (2014, January 23\u201326). Practical Dynamic Searchable Encryption with Small Leakage. Proceedings of the 2014 Network and Distributed System Security (NDSS) Symposium, San Diego, CA, USA.","DOI":"10.14722\/ndss.2014.23298"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"B\u00f6sch, C., Peter, A., Leenders, B., Lim, H.W., Tang, Q., Wang, H., Hartel, P.H., and Jonker, W. (2014, January 23\u201324). Distributed Searchable Symmetric Encryption. Proceedings of the Twelfth Annual Conference on Privacy, Security and Trust (PST), Toronto, ON, Canada.","DOI":"10.1109\/PST.2014.6890956"},{"key":"ref_29","first-page":"1190","article-title":"Private Large-Scale Databases with Distributed Searchable Symmetric Encryption","volume":"2015","author":"Ishai","year":"2015","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref_30","unstructured":"Park, J., and Squicciarini, A.C. (2015). Distributed Search over Encrypted Big Data. ACM CODASPY 2015, ACM."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"506","DOI":"10.1007\/978-3-540-24676-3_30","article-title":"Public Key Encryption with Keyword Search","volume":"Volume 3027","author":"Cachin","year":"2004","journal-title":"EUROCRYPT 2004"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Gentry, C. (2009). A Fully Homomorphic Encryption Scheme. [Ph.D. Thesis, Stanford University].","DOI":"10.1145\/1536414.1536440"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"431","DOI":"10.1145\/233551.233553","article-title":"Software Protection and Simulation on Oblivious RAMs","volume":"43","author":"Goldreich","year":"1996","journal-title":"J. ACM"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Stefanov, E., and Shi, E. (2013, January 19\u201322). ObliviStore: High Performance Oblivious Cloud Storage. Proceedings of the IEEE Symposium on Security and Privacy (S&P 2013), San Francisco, CA, USA.","DOI":"10.1109\/SP.2013.25"},{"key":"ref_35","first-page":"18","article-title":"A Survey of Provably Secure Searchable Encryption","volume":"47","author":"Hartel","year":"2014","journal-title":"ACM Comput. Surv."},{"key":"ref_36","unstructured":"Storage, I. (2017, May 06). Ceph. Available online: http:\/\/ceph.com\/."}],"container-title":["Algorithms"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-4893\/10\/2\/52\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T18:35:11Z","timestamp":1760207711000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-4893\/10\/2\/52"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,5,9]]},"references-count":36,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2017,6]]}},"alternative-id":["a10020052"],"URL":"https:\/\/doi.org\/10.3390\/a10020052","relation":{},"ISSN":["1999-4893"],"issn-type":[{"type":"electronic","value":"1999-4893"}],"subject":[],"published":{"date-parts":[[2017,5,9]]}}}