TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality

Traditionally, as soon as confidentiality becomes a concern, data are encrypted before being outsourced to a service provider. Any software-based cryptographic constructs then deployed for server-side query processing on the encrypted data inherently limit query expressiveness. Here, we introduce TrustedDB, an outsourced database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints by leveraging server-hosted, tamper-proof trusted hardware in critical query processing stages, thereby removing any limitations on the type of supported queries. Despite the cost overhead and performance limitations of trusted hardware, we show that the costs per query are orders of magnitude lower than those of any existing or potential future software-only mechanism. TrustedDB is built and runs on actual hardware, and its performance and costs are evaluated here.
