TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality

Author

Bajaj, Sumit ; Sion, Radu

Author_Institution

Comput. Sci. Dept., Stony Brook Univ., Stony Brook, NY, USA

Volume

26

Issue

3

fYear

2014

fDate

Mar-14

Firstpage

752

Lastpage

765

Abstract

Traditionally, as soon as confidentiality becomes a concern, data are encrypted before outsourcing to a service provider. Any software-based cryptographic constructs then deployed, for server-side query processing on the encrypted data, inherently limit query expressiveness. Here, we introduce TrustedDB, an outsourced database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints by leveraging server-hosted, tamper-proof trusted hardware in critical query processing stages, thereby removing any limitations on the type of supported queries. Despite the cost overhead and performance limitations of trusted hardware, we show that the costs per query are orders of magnitude lower than any (existing or) potential future software-only mechanisms. TrustedDB is built and runs on actual hardware, and its performance and costs are evaluated here.

Keywords

cryptography; data privacy; database management systems; query processing; trusted computing; SQL queries; TrustedDB; data confidentiality; data encryption; data privacy; query expressiveness; regulatory compliance constraints; server-side query processing; software-based cryptographic constructs; software-only mechanisms; tamper-proof trusted hardware; trusted hardware-based database; Data privacy; Encryption; Hardware; Query processing; Servers; Database architectures; privacy; security; special-purpose hardware;

fLanguage

English

Journal_Title

Knowledge and Data Engineering, IEEE Transactions on

Publisher

ieee

ISSN

1041-4347

Type

jour

DOI

10.1109/TKDE.2013.38

Filename

6468039