This paper proposes a practical encrypted search engine based on an inverted index, including methods for encrypted index creation, search, and maintenance. Recently, more and more patients are placing their medical data with online third-party services, such as Google Health. If such sensitive data are stored with a semi-trusted third party, a security guarantee is necessary to assure data confidentiality and access pattern privacy. However, most service providers provide such assurance only by policy means. The new method proposed in this paper can efficiently resolve both the medical data confidentiality and sharing privacy issues. Based on our encrypted inverted-index table structure and our key derivation and distribution methods, a patient can conveniently authorize others to access his encrypted medical data without any loss of data confidentiality or access pattern privacy to an unauthorized person. Furthermore, with the help of virtual deletion technology, our method resolves the encrypted index table maintenance issue that arises when medical data are deleted. The experimental results show that the overhead of our solution is small compared to the indexing and search times of traditional search engines. The security analysis shows that our solution assures data confidentiality and access pattern privacy.