TRANSMAT Trusted Operations for Untrusted Database Applications
نویسنده
چکیده
This paper presents a technique for allowing untrusted database applications to perform trusted operations. The approach is based on the TCB subset architecture with a commercial database and a small amount of easily assurable, generic, trusted code for the multilevel operations. The approach uses a trusted path mechanism to stop the threat of Trojan horses.
منابع مشابه
BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments
In the past decade, we have come to rely on computers for various safety and security-critical tasks, such as securing our homes, operating our vehicles, and controlling our finances. To facilitate these tasks, chip manufacturers have begun including trusted execution environments (TEEs) in their processors, which enable critical code (e.g., cryptographic functions) to run in an isolated hardwa...
متن کاملStealthDB: a Scalable Encrypted Database with Full SQL Query Support
Encrypted database systems provide a great method for protecting sensitive data in untrusted infrastructures. These systems are built using either specialpurpose cryptographic algorithms that support operations over encrypted data, or by leveraging trusted computing co-processors. Strong cryptographic algorithms usually result in high performance overheads (e.g., public-key encryptions, garbled...
متن کاملRunning ZooKeeper Coordination Services in Untrusted Clouds
Cloud computing is a recent trend in computer science. However, privacy concerns and a lack of trust in cloud providers are an obstacle for many deployments. Maturing hardware support for implementing Trusted Execution Environments (TEEs) aims at mitigating these problems. Such technologies allow to run applications in a trusted environment, thereby protecting data from unauthorized access. To ...
متن کاملInformation Flows in Encrypted Databases
In encrypted databases, sensitive data is protected from an untrusted server by encrypting columns using partially homomorphic encryption schemes, and storing encryption keys in a trusted client. However, encrypting columns and protecting encryption keys does not ensure confidentiality sensitive data can leak during query processing due to information flows through the trusted client. In this p...
متن کاملOblivious Search and Updates for Outsourced Tree-Structured Data on Untrusted Servers
Although tree-based index structures, such as B+-trees, R-trees, have proven their advantages to both traditional and modern database applications, they introduce numerous research challenges as database services are outsourced to untrusted servers. In the outsourced database service (ODBS) model, the crucial security research questions mainly relate to data confidentiality, data and user priva...
متن کامل