SEARCHABLE ENCRYPTION ENABLING ENCRYPTED SEARCH BASED ON DOCUMENT TYPE

摘要

A searchable encryption method enables encrypted search of encrypted documents based on document type. In some embodiments, the searchable encryption method is implemented in a network intermediary, such as a proxy server. The network intermediary encrypts documents on behalf of a user or an enterprise destined to be stored on a cloud service provider. The searchable encryption method encodes document type information into the encrypted search index while preserving encryption security. Furthermore, the searchable encryption method enables search of encrypted documents using the same encrypted index, either for a particular document type or for all encrypted documents regardless of the document type.

主权项

1. A method for searchable encryption of cloud stored data encoding a document type, comprising:
receiving, at a network intermediary, a document of a first document type destined for a cloud service provider; encrypting, at a network intermediary, the document using a searchable encryption algorithm; generating one or more entries in a search index stored in the network intermediary, the one or more entries including a mapping of encrypted keyword labels for some or all of the keywords in the document to an encrypted document index identifying the document being encrypted, each encrypted keyword label being generated as a function of a respective keyword of the document and encoding a document type identifier indicative of the first document type of the document; encrypting the document using a second encryption algorithm; and transmitting the encrypted document to the cloud service provider.