The Community for Technology Leaders
RSS Icon
Issue No.03 - March (2014 vol.26)
pp: 752-765
Sumeet Bajaj , Stony Brook University, Stony Brook
Radu Sion , Stony Brook University, Stony Brook
Traditionally, as soon as confidentiality becomes a concern, data are encrypted before outsourcing to a service provider. Any software-based cryptographic constructs then deployed, for server-side query processing on the encrypted data, inherently limit query expressiveness. Here, we introduce TrustedDB, an outsourced database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints by leveraging server-hosted, tamper-proof trusted hardware in critical query processing stages, thereby removing any limitations on the type of supported queries. Despite the cost overhead and performance limitations of trusted hardware, we show that the costs per query are orders of magnitude lower than any (existing or) potential future software-only mechanisms. TrustedDB is built and runs on actual hardware, and its performance and costs are evaluated here.
Servers, Hardware, Encryption, Data privacy, Query processing,special-purpose hardware, Database architectures, security, privacy
Sumeet Bajaj, Radu Sion, "TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality", IEEE Transactions on Knowledge & Data Engineering, vol.26, no. 3, pp. 752-765, March 2014, doi:10.1109/TKDE.2013.38
[1] FIPS PUB 140-2, Security Requirements for Cryptographic Modules, , 2013.
[2] TPC-H Benchmark, http://www.tpc.orgtpch/, 2013.
[3] IBM 4764 PCI-X Cryptographic Coprocessor, http://www-03. pcixccoverview.shtml, 2007.
[4] G. Aggarwal, M. Bawa, P. Ganesan, H. Garcia-Molina, K. Kenthapadi, R. Motwani, U. Srivastava, D. Thomas, and Y. Xu, "Two Can Keep a Secret: A Distributed Architecture for Secure Database Services," Proc. Conf. Innovative Data Systems Research (CIDR), pp. 186-199, 2005.
[5] A. Iliev and S.W. Smith, "Protecting Client Privacy with Trusted Computing at the Server," IEEE Security and Privacy, vol. 3, no. 2, pp. 20-28, Mar./Apr. 2005.
[6] M. Bellare, "New Proofs for NMAC and HMAC: Security Without Collision-Resistance," Proc. 26th Ann. Int'l Conf. Advances in Cryptology, pp. 602-619, 2006.
[7] B. Bhattacharjee, N. Abe, K. Goldman, B. Zadrozny, C. Apte, V.R. Chillakuru, and M. del Carpio, "Using Secure Coprocessors for Privacy Preserving Collaborative Data Mining and Analysis," Proc. Second Int'l Workshop Data Management on New Hardware (DaMoN '06), 2006.
[8] M. Canim, M. Kantarcioglu, B. Hore, and S. Mehrotra, "Building Disclosure Risk Aware Query Optimizers for Relational Databases," Proc. VLDB Endowment, vol. 3, nos. 1/2, pp. 13-24, Sept. 2010.
[9] Y. Chen and R. Sion, "To cloud or Not to Cloud?: Musings on Costs and Viability," Proc. Second ACM Symp. Cloud Computing (SOCC '11), pp. 29:1-29:7, 2011.
[10] V. Ciriani, S.D.C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, "Combining Fragmentation and Encryption to Protect Privacy in Data Storage," ACM Trans. Information and System Security, vol. 13, no. 3, pp. 22:1-22:33, July 2010.
[11] T. Denis, Cryptography for Developers, Syngress, 2007.
[12] E. Damiani, C. Vimercati, S. Jajodia, S. Paraboschi, and P. Samarati, "Balancing Confidentiality and Efficiency in Untrusted Relational DBMSs," Proc. 10th ACM Conf. Computer and Communications Security (CCS '12), 2003.
[13] E. Mykletun and G. Tsudik, "Aggregation Queries in the Database-as-a-Service Model," Proc. 20th IFIP WG 11.3 Working Conf. Data and Applications Security, pp. 89-103, 2006.
[14] F.N. Afrati and V. Borkar, and M. Carey, and N. Polyzotis, and J.D. Ullman, "Map-Reduce Extensions and Recursive Queries," Proc. 14th Int'l Conf. Extending Database Technology (EDBT), pp. 1-8, 2011.
[15] V. Ganapathy, D. Thomas, T. Feder, H. Garcia-Molina, and R. Motwani, "Distributing Data for Secure Database Services," Proc. Fourth Int'l Workshop Privacy and Anonymity in the Information Soc. (PAIS '11), pp. 8:1-8:10, 2011.
[16] T. Ge and S. Zdonik, "Fast Secure Encryption for Indexing in a Column-Oriented DBMS," Proc. IEEE 23rd Int'l Conf. Data Eng. (ICDE), 2007.
[17] R. Gennaro, C. Gentry, and B. Parno, "Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers," Proc. 30th Ann. Conf. Advances in Cryptology (CRYPTO '10), pp. 465-482, 2010.
[18] O. Goldreich, Foundations of Cryptography I. Cambridge Univ. Press, 2001.
[19] B.I.H. Hacigumus and S. Mehrotra, "Efficient Execution of Aggregation Queries over Encrypted Relational Databases," Proc. Ninth Int'l Conf. Database Systems for Advanced Applications, vol. 2973, pp. 633-650, 2004.
[20] H. Hacigumus, B. Iyer, C. Li, and S. Mehrotra, "Executing SQL over Encrypted Data in the Database-Service-Provider Model," Proc. ACM SIGMOD Int'l Conf. Management of Data (SIGMOD '02), pp. 216-227, 2002.
[21] B. Hore, S. Mehrotra, and G. Tsudik, "A Privacy-Preserving Index for Range Queries," Proc. 13th Int'l Conf. Very Large Data Bases (VLDB '04), 2004.
[22] Intel 64 and IA-32 Architectures Optimization Reference Manual, Intel, Santa Clara, CA, 2008.
[23] M. Kantarcioglu and C. Clifton, "Security Issues in Querying Encrypted Data," Proc. 19th Ann. IFIP WG 11.3 Working Conf. Data and Applications Security (DBSec '05), pp. 325-337, 2005.
[24] P. Lewis, A. Bernstein, and M. Kifer, Databases and Transaction Processing. Addison-Wesley, 2002.
[25] L. Bouganim and P. Pucheral, "Chip-Secured Data Access: Confidential Data on Untrusted Server," Proc. 28th Int'l Conf. Very Large Data Bases (VLDB '02), pp. 131-141, 2002.
[26] E. Mykletun and G. Tsudik, "Incorporating a Secure Coprocessor in the Database-as-a-Service Model," Proc. Innovative Architecture on Future Generation High-Performance Processors and Systems (IWIA '05), pp. 38-44, 2005.
[27] N. Anciaux, M. Benzine, L. Bouganim, P. Pucheral, and D. Shasha, "GhostDB: Querying Visible and Hidden Data Without Leaks," Proc. 26th Int'l ACM Conf. Management of Data (SIGMOD), 2007.
[28] P. Paillier, "Public-Key Cryptosystems Based on Composite Degree Residuosity Classes," Proc. 17th Int'l Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT '99), 1999.
[29] P. Paillier, "A Trapdoor Permutation Equivalent to Factoring," Proc. Second Int'l Workshop Practice and Theory in Public Key Cryptography (PKC '99), pp. 219-222, 1999.
[30] R.A. Popa, C. Redfield, and N. Zeldovich, "Cryptdb: Protecting Confidentiality with Encrypted Query Processing," Proc. 23rd ACM Symp. Operating Systems Principles (SOSP '11), 2011.
[31] M.O. Rabin, "Digitalized Signatures and Public-Key Functions as Intractable as Factorization," technical report, Massachusetts Inst. of Tech nology, 1979.
[32] R. Agrawal, D. Asonov, M. Kantarcioglu, and Y. Li, "Sovereign Joins," Proc. 22nd Int'l Conf. Data Eng., p. 26, 2006.
[33] R. Rivest, L. Adleman, and M. Dertouzos, "On Data Banks and Privacy Homomorphisms," Foundations of Secure Computation, Academic, 1978.
[34] S.W. Smith and D. Safford, "Practical Server Privacy with Secure Coprocessors," IBM Systems J., vol. 40, no. 3, pp. 683-695, 2001.
[35] S. Wu, F. Li, S. Mehrotra, and B.C. Ooi, "Query Optimization for Massively Parallel Data Processing," Proc. Second ACM Symp. Cloud Computing (CCS '11), Article 12, 2011.
[36] S. Agrawal, V. Narasayya, and B. Yang, "Integrating Vertical and Horizontal Partitioning into Automated Physical Database Design," Proc. ACM SIGMOD Int'l Conf. Management of Data (SIGMOD '04), pp. 359-370, 2004.
[37] S.W. Smith, "Outbound Authentication for Programmable Secure Coprocessors," doi= , 2001.
[38] S. Ghandeharizadeh and D.J. DeWitt, "Hybrid-Range Partitioning Strategy: A New Declustering Strategy for Multiprocessor Database Machines," Proc. 16th Int'l Conf. Very Large Data Bases (VLDB), pp. 481-492, 1990.
[39] S. Bajaj and R. Sion, "TrustedDB: A Trusted Hardware Based Database with Privacy and Data Confidentiality," Proc. ACM SIGMOD Int'l Conf. Management of Data (SIGMOD '11), pp. 205-216, 2011.
[40] S. Bajaj and R. Sion, "TrustedDB: A Trusted Hardware Based Outsourced Database Engine," Proc. Int'l Conf. Very Large Data Bases (VLDB), 2011.
[41] A. Thomson and D.J. Abadi, "The Case for Determinism in Database Systems," Proc. VLDB Endowment, vol. 3, no. 1, pp. 70-80, 2010.
[42] T. Ge and S. Zdonik, "Answering Aggregation Queries in a Secure System Model," Proc. 33rd Int'l Conf. Very Large Data Bases (VLDB), pp. 519-530, 2007.
[43] M. van Dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan, "Fully Homomorphic Encryption over the Integers," Proc. 29th Ann. Int'l Conf. Theory and Applications of Cryptographic Techniques (EUROCRYPT '10), pp. 24-43, 2010.
[44] H. Wang and L.V.S. Lakshmanan, "Efficient Secure Query Evaluation over Encrypted XML Databases," Proc. 32nd Int'l Conf. Very Large Data Bases (VLDB), 2006.
[45] S. Wang, D. Agrawal, and A.E. Abbadi, "A Comprehensive Framework for Secure Query Processing on Relational Data in the Cloud," Proc. Eighth VLDB Int'l Conf. Secure Data Management, pp. 52-69, 2011.
3 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool