EVSEB: Efficient and Verifiable Searchable Encryption With Boolean Search for Encrypted Cloud Logs

EVSEB: Efficient and Verifiable Searchable Encryption With Boolean Search for Encrypted Cloud Logs

With the growing adoption of cloud services, organizations are increasingly outsourcing their system log management to cloud service providers (CSPs). While this approach offers cost efficiency and scalability, it introduces critical challenges related to the confidentiality, searchability, and inte...

Full description

Saved in:
Bibliographic Details
Main Authors: Somchart Fugkeaw, Jirakit Deevijit, Prapachai Ueasathitwong, Thanapoom Thanyasukpaisal
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Searchable encryption
multiple keyword search
bloom filter
log files
keyword search
blockchain
Online Access:https://ieeexplore.ieee.org/document/11027066/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the growing adoption of cloud services, organizations are increasingly outsourcing their system log management to cloud service providers (CSPs). While this approach offers cost efficiency and scalability, it introduces critical challenges related to the confidentiality, searchability, and integrity of sensitive log data. Specifically, existing solutions fall short in supporting fine-grained Boolean keyword search, dynamic access control, and verifiable result integrity over encrypted log records. To address these challenges, we propose EVSEB—an efficient and verifiable searchable encryption framework for encrypted cloud-hosted logs. EVSEB supports fine-grained multi-keyword Boolean search, privacy-preserving access control, and per-file integrity verification with minimal overhead. At its core, EVSEB introduces a hybrid indexing model that integrates a hierarchical log-type classification tree, Bloom filters, and inverted indexes to reduce search space and accelerate query execution. Access control is enforced through blockchain-based smart contracts that securely validate encrypted user tokens. For integrity assurance, EVSEB combines an off-chain distributed hash table (DHT) and an on-chain Merkle root to detect tampering at the level of individual log files. Experimental evaluion demonstrates that our proposed EVSEB outperforms existing solutions in terms of search under increasing keyword and file load, and integrity verification. This substantiates the practicality of our proposed scheme in implementing a searchable encryption and access solution for large-scale encrypted log management in cloud environments.
ISSN:2169-3536

Similar Items