ABSTRACT
Computation Storage Architectures (CSA) are increasingly adopted in the cloud for near-data processing, where the underlying storage devices/servers are equipped with heterogeneous cores that enable computation to be offloaded near the data. While CSA is a promising high-performance architecture for the cloud, data analytics in general also presents significant data security and policy compliance (e.g., GDPR) challenges in untrusted cloud environments. In this paper, we present IronSafe, a secure and policy-compliant query processing system for heterogeneous computational storage architectures that preserves the performance advantages of CSA in untrusted cloud environments. To achieve these design properties in a computing environment with a heterogeneous host (x86) and storage system (ARM), we design and implement the entire hardware and software system stack from the ground up, leveraging hardware-assisted Trusted Execution Environments (TEEs), namely Intel SGX and ARM TrustZone. More specifically, IronSafe builds on three core contributions: (1) a heterogeneous confidential computing framework for shielded execution with x86 and ARM TEEs and an associated secure storage system for the untrusted storage medium; (2) a policy compliance monitor to provide a unified service for attestation and policy compliance; and (3) a declarative policy language and associated interpreter for concisely specifying and efficiently evaluating a rich set of policies. Our evaluation using the TPC-H SQL benchmark queries and GDPR anti-pattern use-cases shows that IronSafe is on average 2.3x faster than a host-only secure system, while providing strong security and policy-compliance properties.
Index Terms
- Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures