Secure database-as-a-service with Cipherbase

  • Authors:

  • Arvind Arasu;Spyros Blanas;Ken Eguro;Manas Joglekar;Raghav Kaushik;Donald Kossmann;Ravi Ramamurthy;Prasang Upadhyaya;Ramarathnam Venkatesan

  • Affiliations:

  • Microsoft Research, Redmond, WA, USA;University of Wisconsin, Madison, WI, USA;Microsoft Research, Redmond, WA, USA;Stanford University, Stanford, CA, USA;Microsoft, Redmond, WA, USA;ETH, Zurich, Switzerland;Microsoft, Redmond, WA, USA;University of Washington, Seattle, WA, USA;Microsoft, Redmond, WA, USA

  • Venue:
  • Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
  • Year:
  • 2013

Quantified Score

Hi-index 0.00

Visualization

Abstract

Data confidentiality is one of the main concerns for users of public cloud services. The key problem is protecting sensitive data from being accessed by cloud administrators who have root privileges and can remotely inspect the memory and disk contents of the cloud servers. While encryption is the basic mechanism that can leveraged to provide data confidentiality, providing an efficient database-as-a-service that can run on encrypted data raises several interesting challenges. In this demonstration we outline the functionality of Cipherbase --- a full fledged SQL database system that supports the full generality of a database system while providing high data confidentiality. Cipherbase has a novel architecture that tightly integrates custom-designed trusted hardware for performing operations on encrypted data securely such that an administrator cannot get access to any plaintext corresponding to sensitive data.