Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Prior Related Work
Additional Related Work
Cryptographic Background
Final Protocol
Experimental Results
Synthetic Data
Comparison with Previous Work
Conclusion
References

Verifying Search Results Over Web Collections

Profile image of Duy NguyenDuy Nguyen

2012

Abstract

Web searching accounts for one of the most frequently performed computations over the Internet as well as one of the most important applications of outsourced computing, producing results that critically affect users' decision-making behaviors. As such, verifying the integrity of Internet-based searches over vast amounts of web contents is essential. In this paper, we provide the first solution to this general security problem. We introduce the concept of an authenticated web crawler and present the design and prototype implementation of this new concept. An authenticated web crawler is a trusted program that computes a special "signature" S over a collection of web contents it visits. Subject to this signature, web searches can be verified to be correct with respect to the integrity of their produced results. But this signature serves more advanced purposes than just content verification: It allows the verification of complicated queries on web pages, such as conjunctive keyword searches, which are vital for the functionality of online web-search engines today. In our solution, along with the web pages that satisfy any given search query, the search engine also returns a cryptographic proof. This proof, together with the signature S, enables any user to efficiently verify that no legitimate web pages are omitted from the result computed by the search engine, and that no pages that are non-conforming with the query are included in the result. An important property of our solution is that the proof size and the verification time are proportional only to the sizes of the query description and the query result, but do not depend on the number or sizes of the web pages over which the search is performed. Our authentication protocols are based on standard Merkle trees and the more involved bilinear-map accumulators. As we experimentally demonstrate, the prototype implementation of our system gives a low communication overhead between the search engine and the user, and allows for fast verification of the returned results on the user side.

Related papers

Let's Trust Users It is Their Search
Abdul Sattar

2010 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology, 2010

ABSTRACT The current search engine model considers users not trustworthy, so no tools are provided to let them specify what they are looking for or in what context, which severely limits what they are able to achieve. Instead, search engines try to guess that, which is currently done using "implicit feedback''. In this paper we propose a "web exploration engine'' - a model where users can use the search engine as their tool and explicitly specify the context of their search. Information about the web has been pre-classified in a large number of categories; users can explore this hierarchy by providing relevance feedback or search within a particular category. Search is truly ``local'' in the sense that keyword relevance is not global, but specific to the category. In contrast to using a search engine, users can guide the exploration engine with relevance feedback alone without entering keywords.

View PDFchevron_right
Enhanced Trustworthy and High-Quality Information Retrieval System for Web Search Engines
Sumalatha Ramachandran

Computing Research Repository, 2009

The WWW is the most important source of information. But, there is no guarantee for information correctness and lots of conflicting information is retrieved by the search engines and the quality of provided information also varies from low quality to high quality. We provide enhanced trustworthiness in both specific (entity) and broad (content) queries in web searching. The filtering of

View PDFchevron_right
Providing Customized Requirements for Privacy Preserving In Web Search Engines
International Journal IJRITCC

— Web search tools are generally used to get information from web servers. These web crawlers use client profiles and as of late sought information to give indexed lists, so here there is no security insurance for client information. We give an framework that can assist clients with customizing their protection necessities. The protections prerequisites gave by client are utilized here for querying the Web server with the hunt keys given by client. In this methodology we can ready to conceal the protection information of client from web search servers. The procedure of modifying protection necessities will happen in offline and will be utilized dynamically .The calculations utilized here will give speculation inquiries expected to look by safeguarding security prerequisites gave. The Experimental results will prove that this Framework will ensure privacy of client.

View PDFchevron_right
Helping Johnny to Search: Encrypted Search on Webmail System
Akira Kanaoka

2018 13th Asia Joint Conference on Information Security (AsiaJCIS), 2018

View PDFchevron_right
Secured implementation of personalized web search with UPS
IRJET Journal

Web search engines are valuable tools that are widely used to find specific information in the World Wide Web. When the query is searched in a web should provide the relevant information to the users. The irrelevant results may disappoint the users and the efficiency of the query search should be improved. Personalized web search has established to improve the quality of the various search services on the internet by customizing search results, based on the personal data of user provided to the search engine. Personalized search that involves building models of user context as ontological profiles by assigning implicitly derived from the interest scores to existing concepts in domain ontology. When retrieving the information based on user's interest, user's profile will be shown. A PWS framework called User Customizable Privacy Preserving Search, UPS framework generalizes profiles by queries when the user specifies privacy requirements. Runtime generalization method is used for providing a balance between the two predictive metrics that evaluate the utility of personalization and privacy risk of disclosing the generalized profile. Two greedy algorithms, namely Greedy discriminating power algorithm (GreedyDP) and the Greedy Information Loss algorithm (GreedyIL), are used for runtime generalization. GreedyIL algorithm achieves the higher efficiency than the Greedy discriminating power algorithm. Online prediction mechanism is used for deciding whether personalizing a given query is beneficial. Re-ranking the search results based on the interest scores and semantic evidence in an ontological user profile are very effective in presenting the most relevant results to the user.

View PDFchevron_right
VPSearch: Achieving Verifiability for Privacy-Preserving Multi-Keyword Search over Encrypted Cloud Data
zhiguo wan

IEEE Transactions on Dependable and Secure Computing, 2016

Although cloud computing offers elastic computation and storage resources, it poses challenges on verifiability of computations and data privacy. In this work we investigate verifiability for privacy-preserving multi-keyword search over outsourced documents. As the cloud server may return incorrect results due to system faults or incentive to reduce computation cost, it is critical to offer verifiability of search results and privacy protection for outsourced data at the same time. To fulfill these requirements, we design a Verifiable Privacy-preserving keyword Search scheme, called VPSearch, by integrating an adapted homomorphic MAC technique with a privacy-preserving multi-keyword search scheme. The proposed scheme enables the client to verify search results efficiently without storing a local copy of the outsourced data. We also propose a random challenge technique with ordering for verifying top-k search results, which can detect incorrect top-k results with probability close to 1. We provide detailed analysis on security, verifiability, privacy, and efficiency of the proposed scheme. Finally, we implement VPSearch using Matlab and evaluate its performance over three UCI bag-of-words data sets. Experiment results show that authentication tag generation incurs about 3 percent overhead only and a search query over 300,000 documents takes about 0.98 seconds on a laptop. To verify 300,000 similarity scores for one query, VPSearch costs only 0.29 seconds.

View PDFchevron_right
Privacy Security in Personalized Web Search
Priyanka Deulkar

International Journal of Engineering Research and, 2015

One user hundred needs on internet. As more and more queries are being searched on the web, it is increasingly difficult to let the search engine know in what context user wants to search. Coping with ambiguous queries has long been an important part in the research of Information Retrieval, but still remains to be a challenging task. Personalized search has recently got significant attention to address this challenge in the web search community, based on the premise that a user's general preference may help the search engine disambiguate the true intention of a query. In this paper, we implement an algorithm that returns relevant results to users based on their preferences keeping sensitive data more secure. Our experiments show that user's sensitive preferences can be preserved accurately from attacks. Our scheme provides an affordable overhead while offering privacy benefits to the users.

View PDFchevron_right
Implementing advanced internet search engines
Sujeet Shenoi

IFIP Advances in Information and Communication Technology, 1998

View PDFchevron_right
Verification of Query Results Over Secure Cloud Data
Parvathi Ravali, J4R - Journal for Research

Secure search techniques over encrypted cloud data allow an authorized user to query data files of interest by submitting encrypted query keywords to the cloud server in a privacy-preserving manner. However, in practice, the returned query results may be incorrect or incomplete in the dishonest cloud environment. For example, the cloud server may intentionally omit some qualified resultstosavecomputationalresourcesandcommunicationoverhead.Thus, a well-functioning secure query system should provide a query results verification mechanism that allows the data user to verify results. In this paper, we design a secure, easily integrated, and fine-grained query results verification mechanism, by which, given an encrypted query results set, the query user not only can verify the correctness of each data file in the set but also can further check how many or which qualified data files are not returned if the set is incomplete before decryption. The verification scheme is loose-coupling to concrete secure search techniques and can be very easily integrated into any secure query scheme. We achieve the goal by constructing secure verification object for encrypted cloud data. Furthermore, a short signature technique with extremely small storage cost is proposed to guarantee the authenticity of verification object and a verification object request technique is presented to tallow the query user to securely obtain the desired verification object. Performance evaluation shows that the proposed schemes are practical and efficient.

View PDFchevron_right
Helping Johnny to Search: Usable Encrypted Search on Webmail System
Akira Kanaoka

Journal of Information Processing

End-to-end encryption is becoming common in messaging applications. E-mail that is the one of most popular a messaging application has several standards and systems in its encryption. However, it is hard to say that e-mail encryption has spread enough. It has been pointed out that there are usability problems in message encryption. Even though various studies on message encryption and usability have been made, there is no study discussing utility function such as searching and sorting. In this paper, the search function is focused. We aim to investigate the usability problems on encrypted search. Therefore, a method that applies encrypted search transparently is proposed at first. The implementation of the proposed method is achieved using Google Chrome Extension for Gmail, and evaluation both performance and usability is conducted. We found that participants do not mind whether the search function is encrypted or not if both have almost identical UI and encrypted search operates at high speed.

View PDFchevron_right

References (29)

  1. Apache Thrift Software. Version 0.6.2. http://thrift.apache.org/.
  2. M. J. Atallah, Y. Cho, and A. Kundu. Efficient data authentication in an environment of untrusted third-party distributors. In Data Engineering, 2008. ICDE 2008. IEEE 24th Inter- national Conference on, pages 696 -704, april 2008.
  3. E. Bertino, B. Carminati, E. Ferrari, B. Thuraisingham, and A. Gupta. Selective and au- thentic third-party distribution of xml documents. IEEE Trans. on Knowl. and Data Eng., 16(10):1263-1278, Oct. 2004.
  4. A. Buldas, P. Laud, and H. Lipmaa. Accountable certificate management using undeniable attestations. In Proceedings of the 7th ACM conference on Computer and communications security, CCS '00, pages 9-17, New York, NY, USA, 2000. ACM.
  5. J. Camenisch and A. Lysyanskaya. Dynamic accumulators and application to efficient revo- cation of anonymous credentials. In Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '02, pages 61-76, London, UK, UK, 2002. Springer-Verlag.
  6. P. Devanbu, M. Gertz, A. Kwong, C. Martel, G. Nuckolls, and S. G. Stubblebine. Flexible authentication of xml documents. In Proceedings of the 8th ACM conference on Computer and Communications Security, CCS '01, pages 136-145, New York, NY, USA, 2001. ACM.
  7. P. Devanbu, M. Gertz, C. Martel, and S. G. Stubblebine. Authentic data publication over the internet. Journal of Computer Security,, 11(3):291-314, Apr. 2003.
  8. M. T. Goodrich, R. Tamassia, and J. Hasic. An efficient dynamic and distributed cryptographic accumulator. In Proceedings of the 5th International Conference on Information Security, ISC '02, pages 372-388, London, UK, UK, 2002. Springer-Verlag.
  9. M. T. Goodrich, R. Tamassia, and A. Schwerin. Implementation of an authenticated dictionary with skip lists and commutative hashing. In DARPA Information Survivability Conference amp; Exposition II, 2001. DISCEX '01. Proceedings, volume 2, pages 68 -82 vol.2, 2001.
  10. M. T. Goodrich, R. Tamassia, and N. Triandopoulos. Super-efficient verification of dynamic outsourced databases. In Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology, CT-RSA'08, pages 407-424, Berlin, Heidelberg, 2008. Springer-Verlag.
  11. M. T. Goodrich, R. Tamassia, and N. Triandopoulos. Efficient authenticated data structures for graph connectivity and geometric search problems. Algorithmica, 60(3):505-552, July 2011.
  12. F. Li, M. Hadjieleftheriou, G. Kollios, and L. Reyzin. Dynamic authenticated index structures for outsourced databases. In Proceedings of the 2006 ACM SIGMOD international conference on Management of data, SIGMOD '06, pages 121-132, New York, NY, USA, 2006. ACM.
  13. C. Martel, G. Nuckolls, P. Devanbu, M. Gertz, A. Kwong, and S. G. Stubblebine. A general model for authenticated data structures. Algorithmica, 39(1):21-41, Jan. 2004.
  14. R. C. Merkle. A certified digital signature. In Proceedings on Advances in cryptology, CRYPTO '89, pages 218-238, New York, NY, USA, 1989. Springer-Verlag New York, Inc.
  15. M. Naehrig, R. Niederhagen, and P. Schwabe. New software speed records for cryptographic pairings. In Proceedings of the First international conference on Progress in cryptology: cryp- tology and information security in Latin America, LATINCRYPT'10, pages 109-123, Berlin, Heidelberg, 2010. Springer-Verlag.
  16. M. Naor and K. Nissim. Certificate revocation and certificate update. In Proceedings of the 7th conference on USENIX Security Symposium -Volume 7, SSYM'98, pages 17-17, Berkeley, CA, USA, 1998. USENIX Association.
  17. M. Narasimha and G. Tsudik. Authentication of outsourced databases using signature aggre- gation and chaining. In Proceedings of the 11th international conference on Database Systems for Advanced Applications, DASFAA'06, pages 420-436, Berlin, Heidelberg, 2006. Springer- Verlag.
  18. L. Nguyen. Accumulators from bilinear pairings and applications. In Proceedings of the 2005 international conference on Topics in Cryptology, CT-RSA'05, pages 275-292, Berlin, Heidel- berg, 2005. Springer-Verlag.
  19. G. Nuckolls. Verified query results from hybrid authentication trees. In Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security, DBSec'05, pages 84-98, Berlin, Heidelberg, 2005. Springer-Verlag.
  20. H. Pang, A. Jain, K. Ramamritham, and K.-L. Tan. Verifying completeness of relational query results in data publishing. In Proceedings of the 2005 ACM SIGMOD international conference on Management of data, SIGMOD '05, pages 407-418, New York, NY, USA, 2005. ACM.
  21. H. Pang and K. Mouratidis. Authenticating the query results of text search engines. Proceedings of the VLDB Endowment, 1(1):126-137, Aug. 2008.
  22. C. Papamanthou, R. Tamassia, and N. Triandopoulos. Authenticated hash tables. In Proceed- ings of the 15th ACM conference on Computer and communications security, CCS '08, pages 437-448, New York, NY, USA, 2008. ACM.
  23. C. Papamanthou, R. Tamassia, and N. Triandopoulos. Optimal verification of operations on dynamic sets. In Proceedings of the 31st annual conference on Advances in cryptology, CRYPTO'11, pages 91-110, Berlin, Heidelberg, 2011. Springer-Verlag.
  24. R. Tamassia. Authenticated data structures. In Proceedings of the 11th Annual European Symposium on Algorithms, volume 2832 of LNCS, pages 2-5. Springer-Verlag, 2003.
  25. R. Tamassia and N. Triandopoulos. Computational bounds on hierarchical data processing with applications to information security. In Proceedings of the 32nd international conference on Automata, Languages and Programming, ICALP'05, pages 153-165, Berlin, Heidelberg, 2005. Springer-Verlag.
  26. R. Tamassia and N. Triandopoulos. Certification and authentication of data structures. In Proceedings of the 4th Alberto Mendelzon International Workshop on Foundations of Data Management, 2010.
  27. Y. Yang, D. Papadias, S. Papadopoulos, and P. Kalnis. Authenticated join processing in outsourced databases. In Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, SIGMOD '09, pages 5-18, New York, NY, USA, 2009. ACM.
  28. M. L. Yiu, Y. Lin, and K. Mouratidis. Efficient verification of shortest path search via au- thenticated hints. In Data Engineering (ICDE), 2010 IEEE 26th International Conference on, pages 237 -248, march 2010.
  29. J. Zobel and A. Moffat. Inverted files for text search engines. ACM Computing Surveys, 38(2), 2006.

Related papers

Efficient verification of web-content searching through authenticated web crawlers
Duy Khanh Nguyen

Proceedings of the VLDB Endowment, 2012

We consider the problem of verifying the correctness and completeness of the result of a keyword search. We introduce the concept of an authenticated web crawler and present its design and prototype implementation. An authenticated web crawler is a trusted program that computes a specially-crafted signature over the web contents it visits. This signature enables (i) the verification of common Internet queries on web pages, such as conjunctive keyword searches---this guarantees that the output of a conjunctive keyword search is correct and complete ; (ii) the verification of the content returned by such Internet queries---this guarantees that web data is authentic and has not been maliciously altered since the computation of the signature by the crawler. In our solution, the search engine returns a cryptographic proof of the query result. Both the proof size and the verification time are proportional only to the sizes of the query description and the query result, but do not depend o...

View PDFchevron_right
Verified Query Results from Hybrid Authentication Trees
Glen Nuckolls

Lecture Notes in Computer Science, 2005

We address the problem of verifying the accuracy of query results provided by an untrusted third party Publisher on behalf of a trusted data Owner. We propose a flexible database verification structure, the Hybrid Authentication Tree (HAT), based on fast cryptographic hashing and careful use of a more expensive one-way accumulator. This eliminates the dependence on tree height of earlier Merkle tree based proposals and improves on the VB tree, a recent proposal to reduce proof sizes, by eliminating a trust assumption and reliance on signatures. An evaluation of the Hybrid Authentication Tree against the VB tree and Authentic Publication showing that a HAT provides the smallest proofs and faster verification than the VB tree. With moderate bandwidth limitations, the HATs low proof overhead reduces transfer time to significantly outweigh the faster verification time of Authentic Publication. A HAT supports two verification modes that can vary per query and per Client to match Client resources and applications. This flexibility allows the HAT to match the best performance of both hash based and accumulator based methods.

View PDFchevron_right
Security of World Wide Web Search Engines
Massimo Marchiori

Reliability, Quality and Safety of Software-Intensive Systems, 1997

As all the recent market surveys witness, the World Wide Web (WWW) is expanding at a phenomenal rate, both in the number of users and in the amount of available information. This has made the World Wide Web one of the key fields for companies advertisement. On the other hand, advertisement on the web depends crucially on its visibility, i.e. on the possibility to be noticed by as many users as possible. The backbone of information management in the WWW is given by search engines, that allow users to access the enormous amount of information present in the web. Hence, advertisement has identified search engines as the major strategic component in web advertisement: it is essential for a company to appear on top tens of search engines, when the user asks for a product in their market field. Just by their automatic nature, search engines can be fooled by artificially manipulating web pages, so to make them rank higher: this relatively new phenomenon (called sep, after search engine persuasion) has now become so widespread to be a great problem: Indeed, on the one hand it provokes a great loss in advertisement profits for search engines maintainers, which are unwillingly giving free advertisement to companies that are sepping; on the other hand, it makes searching in the web extremely more difficult for users, since the performances of search engines are heavily affected by the artificial sep manipulation, making their evaluation mechanisms going wrong. In this paper, we thoroughly analyze the problem of security of search engines, giving a complete panoramic, and proposing various levels of security for search engines. Practically, we propose implementations of such security shields, that can be smoothly integrated in nowadays search engines: the original evaluation mechanism of a search engine is not modified, but it is seen as a black box, and simply integrated with security modules, in the form of pre-and post-processors.

View PDFchevron_right
Trustworthy Distributed Search and Retrieval over the Internet
Louise Moser

2011

This paper describes iTrust, a novel distributed search and retrieval system that provides trustworthy acce ss to information over the Internet. iTrust involves distribu tion of metadata and requests, matching of requests and metadata , and retrieval of information corresponding to metadata. Nodes with information to distribute transmit their metadata to n odes that are selected at random from a set of participating nodes . Similarly, nodes seeking information distribute their requests to nodes that are selected at random from the set of participati ng nodes. When a node receives a request, the node tries to match the metadata in the request with the metadata that it holds. I f the node has a match, it supplies a URL for the information to the requesting node, which then retrieves the information from the source node. This paper provides a performance evaluation of iTrust, based on both analysis and simulation using our implementation of iTrust. Distribution of metadata and requests...

View PDFchevron_right
Publicly verifiable conjunctive keyword search in outsourced databases
Refik Molva

2015 IEEE Conference on Communications and Network Security (CNS), 2015

Recent technological developments in cloud computing and the ensuing commercial appeal have encouraged companies and individuals to outsource their storage and computations to powerful cloud servers. However, the challenge when outsourcing data and computation is to ensure that the cloud servers comply with their advertised policies. In this paper, we focus in particular on the scenario where a data owner wishes to (i) outsource its public database to a cloud server; (ii) enable anyone to submit multi-keyword search queries to the outsourced database; and (iii) ensure that anyone can verify the correctness of the server's responses. To meet these requirements, we propose a solution that builds upon the well-established techniques of Cuckoo hashing, polynomial-based accumulators and Merkle trees. The key idea is to (i) build an efficient index for the keywords in the database using Cuckoo hashing; (ii) authenticate the resulting index using polynomial-based accumulators and Merkle tree; (iii) and finally, use the root of the Merkle tree to verify the correctness of the server's responses. Thus, the proposed solution yields efficient search and verification and incurs a constant storage at the data owner. Furthermore, we show that it is sound under the strong bilinear Diffie-Hellman assumption and the security of Merkle trees.

View PDFchevron_right
580 California St., Suite 400
San Francisco, CA, 94104
© 2025 Academia. All rights reserved