The present invention relates to a search system which searches data with the data encrypted.
Storage services are one kind of cloud services. The storage services store document data uploaded by users and enable the users and user groups who are given permission by the users to share the document data. The storage services provide full-text search service which searches document data including keywords.
For the storage services, a problem that third parties might inspect the document data stored in the storage services has been pointed out. In particular, when legal organs, such as investigating authorities and court, request to submit the storage, the service providers cannot probably refuse to submit the storage, and the legal organs probably impound the storage. In the cloud services, a plurality of users share servers, storage, and the like. Thus, storage including one user's document data may be submitted even if the user is not an investigation target, and the third parties, such as the investigating authorities and the court, may access the document without being noticed by the user. Thus, it is required to take measures to prevent confidential information from leaking out.
Cloud service providers typically encrypt the document data and store the encrypted data. However, there are cases when the cloud service providers are requested to submit the document data by the legal organs and must follow an order to decrypt the encrypted data from the legal organs. This concern can be given not only in the case of storing the document data but also in the cases of key-value stores and relational DBs.
For taking measures against the problems, arts encrypting the document data with keys of users or organizations to which the users belong and storing the encrypted document are proposed. In addition, arts searching full-text of the document data with the data encrypted are proposed.
Background arts of the technical field of the present invention include JP 2002-278970 A and JP 2003-150600 A. The following describes JP 2002-278970 A. JP 2002-2789870 A discloses a document managing system comprising a client and a document managing server providing functions of storing an electronic document, searching a bibliography, searching full texts, and referencing. The client encrypts a document, the bibliography corresponding to the document, and full-text index information by a same method or different methods and sends them to the server. The server records the encrypted document and index information. In searching, the client encrypts search criteria by a method which is same as the method corresponding to the index information and sends encrypted search criteria to the server. The server searches index information encrypted with the encrypted search criteria, and sends the encrypted document to the client in referencing. The full-text index information is stored in the server by using inverted index method. The client encrypts the index information Caesar cipher.
JP 2003-150600 A discloses an information search method, by an information search device, comprising a language analyzing step of analyzing a character string, an encrypting step of encrypting, an information storing step of storing a plurality of pieces of information including the character string, a query input step of inputting a query, a character strings comparing step of comparing a first character string with a second character string, a decrypting step of decrypting, and a displaying or storing step of displaying one or a plurality of information names and the information contents including the coincident character string.