Traditionally, as soon as
confidentiality becomes a concern, data are encrypted before outsourcing to a
service provider. Any software-based cryptographic constructs then deployed,
for server-side query processing on the encrypted data, inherently limit query
expressiveness. Here, we introduce Trusted DB, an outsourced database prototype
that allows clients to execute SQL queries with privacy and under regulatory
compliance constraints by leveraging server-hosted, tamper-proof trusted
hardware in critical query processing stages, thereby removing any limitations
on the type of supported queries. Despite the cost overhead and performance
limitations of trusted hardware, we show that the costs per query are orders of
magnitude lower than any (existing or) potential future software-only
mechanisms. Trusted DB is built and runs on actual hardware, and its
performance and costs are evaluated here.
No comments:
Post a Comment