Skip to main content
SpringerLink
Log in

Outsourcing Encrypted Excel Files

  • Conference paper
  • First Online:
Information Security Practice and Experience (ISPEC 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10701))

Abstract

With the development of cloud computing, the enterprises tend to outsource their data to the third party for saving cost and mobile access. However, simultaneously achieving the security and the operability of the outsourced data becomes a real challenge. Existing solutions mainly deal with the security of the outsourced data, but cannot support the operation of encrypted data at the same time, except for few kinds of operations. In this paper, we propose an outsourcing encrypted Excel file scheme, which supports most operations of the encrypted data, as if it were not encrypted in Excel. Based on extensive experimental tests, the system achieves the function of summing, seeking mean, searching, indexing. The analysis shows that our scheme can provide proper security in practice.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    downloaded from http://www.tpc.org/tpc_documents_current_versions/current_specifications.asp.

References

  1. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.X.: Provable data possession at untrusted stores. In: Proceedings of CCS 2007, pp. 598–609. ACM (2007)

    Google Scholar 

  2. Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_30

    Chapter  Google Scholar 

  3. Boneh, D., Sahai, A., Waters, B.: Fully collusion resistant traitor tracing with short ciphertexts and private keys. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 573–592. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_34

    Chapter  Google Scholar 

  4. Boneh, D., Waters, B.: A fully collusion resistant broadcast, trace, and revoke system. In: Proceedings CCS 2006, pp. 211–220. ACM (2006)

    Google Scholar 

  5. Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_29

    Chapter  Google Scholar 

  6. Cao, N., Wang, C., Li, M., Ren, K., Lou, W.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 25(1), 222–233 (2014)

    Article  Google Scholar 

  7. Castiglione, A., De Santis, A., Masucci, B., Palmieri, F., Huang, X., Castiglione, A.: Supporting dynamic updates in storage clouds with the akl-taylor scheme. Inf. Sci. 387, 56–74 (2017)

    Article  Google Scholar 

  8. Castiglione, A., Santis, A.D., Masucci, B., Palmieri, F., Castiglione, A., Huang, X.: Cryptographic hierarchical access control for dynamic structures. IEEE Trans. Inf. Forensics Secur. 11(10), 2349–2364 (2016)

    Article  MATH  Google Scholar 

  9. Castiglione, A., Santis, A.D., Masucci, B., Palmieri, F., Castiglione, A., Li, J., Huang, X.: Hierarchical and shared access control. IEEE Trans. Inf. Forensics Secur. 11(4), 850–865 (2016)

    Google Scholar 

  10. Chen, X., Li, J., Weng, J., Ma, J., Lou, W.: Verifiable computation over large database with incremental updates. IEEE Trans. Comput. 65(10), 3184–3195 (2016)

    Article  MathSciNet  MATH  Google Scholar 

  11. China, I.: China’s social mobile office software market in 2015. https://www.idc.com.cn/about/press.jsp?id=OTUw. Accessed 10 Mar 2016

  12. Chow, S.S.M., Chu, C., Huang, X., Zhou, J., Deng, R.H.: Dynamic secure cloud storage with provenance. In: Cryptography and Security: From Theory to Applications - Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th Birthday, pp. 442–464 (2012)

    Google Scholar 

  13. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_27

    Chapter  Google Scholar 

  14. Clearinghouse, P.R.: Chronology of data breaches. https://www.privacyrights.org/data-breaches

  15. Deng, H., Wu, Q., Qin, B., Chow, S.S.M., Domingo-Ferrer, J., Shi, W.: Tracing and revoking leaked credentials: accountability in leaking sensitive outsourced data. In: Proceedings ASIA CCS 2014, pp. 425–434. ACM (2014)

    Google Scholar 

  16. Erway, C.C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. ACM Trans. Inf. Syst. Secur. 17(4), 15:1–15:29 (2015)

    Article  Google Scholar 

  17. Halderman, J.A., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52(5), 91–98 (2009)

    Article  Google Scholar 

  18. Karcher, P., Burris, P., Keitt, T.: Market update: Office 2013 and productivity suite alternatives. Forrester Research, Inc (2013)

    Google Scholar 

  19. Li, J., Chen, X., Li, J., Jia, C., Ma, J., Lou, W.: Fine-grained access control system based on outsourced attribute-based encryption. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 592–609. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40203-6_33

    Chapter  Google Scholar 

  20. Li, J., Wang, Q., Wang, C., Cao, N., Ren, K., Lou, W.: Fuzzy keyword search over encrypted data in cloud computing. In: Proceedings of INFOCOM 2010, pp. 441–445. IEEE (2010)

    Google Scholar 

  21. Li, J., Zhao, G., Chen, X., Xie, D., Rong, C., Li, W., Tang, L., Tang, Y.: Fine-grained data access control systems with user accountability in cloud computing. In: Cloud Computing, Second International Conference, CloudCom 2010, 30 November - 3 December 2010, Indianapolis, Indiana. Proceedings, pp. 89–96 (2010)

    Google Scholar 

  22. Liu, H., Mu, Y., Zhao, J., Xu, C., Wang, H., Chen, L., Yu, Y.: Identity-based provable data possession revisited: security analysis and generic construction. Computer Stand. Interfaces 54, 10–19 (2017)

    Article  Google Scholar 

  23. Liu, J.K., Au, M.H., Huang, X., Lu, R., Li, J.: Fine-grained two-factor access control for web-based cloud computing services. IEEE Trans. Inf. Forensics Secur. 11(3), 484–497 (2016)

    Article  Google Scholar 

  24. Popa, R.A., Li, F.H., Zeldovich, N.: An ideal-security protocol for order-preserving encoding. In: 2013 IEEE Symposium on Security and Privacy SP 2013, Berkeley, CA, 19–22 May 2013, pp. 463–477 (2013)

    Google Scholar 

  25. Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: Cryptdb: protecting confidentiality with encrypted query processing. In: Proceedings of SOSP 2011, pp. 85–100. ACM (2011)

    Google Scholar 

  26. Somani, U., Lakhani, K., Mundra, M.: Implementing digital signature with RSA encryption algorithm to enhance the data security of cloud in cloud computing. In: 2010 1st International Conference on Parallel Distributed and Grid Computing (PDGC), pp. 211–216. IEEE (2010)

    Google Scholar 

  27. Sun, W., Wang, B., Cao, N., Li, M., Lou, W., Hou, Y.T., Li, H.: Privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking. In: Proceedings of ASIA CCS 2013, pp. 71–82. ACM (2013)

    Google Scholar 

  28. Support, M.: Excel help center. https://support.office.com/en-us/excel

  29. Tahir, S., Rajarajan, M., Sajjad, A.: A ranked searchable encryption scheme for encrypted data hosted on the public cloud. In: 2017 International Conference on Information Networking, ICOIN 2017, Da Nang, Vietnam, 11–13 Jan 2017, pp. 242–247 (2017)

    Google Scholar 

  30. Wang, B., Yu, S., Lou, W., Hou, Y.T.: Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud. In: Proceedings of INFOCOM 2014, pp. 2112–2120. IEEE (2014)

    Google Scholar 

  31. Wang, X., Wu, Q., Zhang, Y.: T-DB: toward fully functional transparent encrypted databases in dbaas framework. CoRR abs/1708.08191 (2017)

    Google Scholar 

  32. Wang, Y., Wu, Q., Qin, B., Tang, S., Susilo, W.: Online/offline provable data possession. IEEE Trans. Inf. Forensics Secur. 12(5), 1182–1194 (2017)

    Article  Google Scholar 

  33. Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: IEEE INFOCOM 2010, pp. 534–542 (2010)

    Google Scholar 

  34. Zhou, J., Duan, H., Liang, K., Yan, Q., Chen, F., Yu, F.R., Wu, J., Chen, J.: Securing outsourced data in the multi-authority cloud with fine-grained access control and efficient attribute revocation. Comput. J. 60(8), 1210–1222 (2017)

    Article  Google Scholar 

Download references

Acknowledgment

Qianhong Wu is the corresponding author. This paper is supported by the National Key Research and Development Program of China through project 2017YFB0802505, the Natural Science Foundation of China through projects 61772538, 61672083, 61370190, 61532021, 61472429 and 61402029, and by the National Cryptography Development Fund through project MMJJ20170106.

Author information

Authors and Affiliations

  1. School of Electronics and Information Engineering, Beihang University, Beijing, China

    Ya-Nan Li, Qianhong Wu & Qin Wang

  2. State Key Laboratory of Cryptology, P. O. Box 5159, Beijing, 100878, China

    Ya-Nan Li

  3. Key Laboratory of Data Engineering and Knowledge Engineering, Ministry of Education, School of Information, Renmin University of China, Beijing, China

    Wenyi Tang & Bo Qin

  4. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China

    Bo Qin

  5. State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an, 710071, China

    Meixia Miao

Authors
  1. Ya-Nan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qianhong Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wenyi Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bo Qin
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Qin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Meixia Miao
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qianhong Wu .

Editor information

Editors and Affiliations

  1. Monash University, Clayton, Victoria, Australia

    Joseph K. Liu

  2. University of Milan, Milan, Italy

    Pierangela Samarati

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, YN., Wu, Q., Tang, W., Qin, B., Wang, Q., Miao, M. (2017). Outsourcing Encrypted Excel Files. In: Liu, J., Samarati, P. (eds) Information Security Practice and Experience. ISPEC 2017. Lecture Notes in Computer Science(), vol 10701. Springer, Cham. https://doi.org/10.1007/978-3-319-72359-4_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-72359-4_30

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72358-7

  • Online ISBN: 978-3-319-72359-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation