DOI: 10.1145/3514221.3517913

Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures

Published: 11 June 2022

ABSTRACT

Computational Storage Architectures (CSA) are increasingly adopted in the cloud for near-data processing, where the underlying storage devices/servers are now equipped with heterogeneous cores that enable offloading computation close to the data. While CSA is a promising high-performance architecture for the cloud, data analytics in general also presents significant data security and policy compliance (e.g., GDPR) challenges in untrusted cloud environments. In this paper, we present IronSafe, a secure and policy-compliant query processing system for heterogeneous computational storage architectures that preserves the performance advantages of CSA in untrusted cloud environments. To achieve these design properties in a computing environment with a heterogeneous host (x86) and storage system (ARM), we design and implement the entire hardware and software system stack from the ground up, leveraging hardware-assisted Trusted Execution Environments (TEEs), namely Intel SGX and ARM TrustZone. More specifically, IronSafe builds on three core contributions: (1) a heterogeneous confidential computing framework for shielded execution with x86 and ARM TEEs and an associated secure storage system for the untrusted storage medium; (2) a policy compliance monitor to provide a unified service for attestation and policy compliance; and (3) a declarative policy language and associated interpreter for concisely specifying and efficiently evaluating a rich set of policies. Our evaluation using the TPC-H SQL benchmark queries and GDPR anti-pattern use cases shows that IronSafe is, on average, 2.3x faster than a host-only secure system, while providing strong security and policy-compliance properties.

Published in

SIGMOD '22: Proceedings of the 2022 International Conference on Management of Data
June 2022
2597 pages
ISBN: 9781450392495
DOI: 10.1145/3514221

Copyright © 2022 ACM

Publisher: Association for Computing Machinery, New York, NY, United States


Qualifiers: research-article

Overall Acceptance Rate: 785 of 4,003 submissions, 20%