Advanced Search
CS Search Google Search
Subscribers, please login

Published Articles >> Table of Contents >> Abstract

Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)   pp. 129-139
SSARES: Secure Searchable Automated Remote Email Storage
Adam J. Aviv
Michael E. Locasto
Shaya Potter
Angelos D. Keromytis

Full Article Text: Download PDF of full textBuy this article

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ACSAC.2007.30
Send link to a friend

Abstract
The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their lo- cal disk. Doing so allows users to gain the benefit of reg- ular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end­to­end en- cryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common oper- ations, such as server­side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy­preserving search of that email collection. Our solution encrypts email (the head- ers, body, and attachments) as it arrives on the server us- ing public­key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transpar- ent to both the sender and recipient. This work was partially supported by the National Science Foundation through Grant ITR CNS-04-26623. all work done at the Network Security Lab at Columbia University Department of Computer Science
Additional Information

Citation:  Adam J. Aviv, Michael E. Locasto, Shaya Potter, Angelos D. Keromytis, "SSARES: Secure Searchable Automated Remote Email Storage," acsac, pp. 129-139,  Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007),  2007

Similar Articles

Abstract Contents
Abstract
Citation

Download Citation
Ascii Text
BibTex
RefWorks
Procite/RefMan/Endnote




Free access to

  • Abstracts
  • Selected PDFs

Electronic subscribers login to:

  • Access HTML/PDFs of full text articles

Subscription information

Get a Web account

PDFs require Adobe Acrobat Reader.

Peer Review Notice

Give us Feedback