Compliant Geo-distributed Query Processing

Beedkar, Kaustubh; Quiané-Ruiz, Jorge-Arnulfo; Markl, Volker

doi:10.1145/3448016.3453687

Cited by 8 publications

(2 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Policy language and compliance. Several policy languages can be used to restrict access to data and execution of queries [31,51,52,73,81,81]. IronSafe presents a new declarative policy language that allows users to describe data access and execution policies.…”

Section: Related Workmentioning

confidence: 99%

Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures

Unnibhavi

Cerdeira

Barbalace

et al. 2022

Proceedings of the 2022 International Conference on Management of Data

View full text Add to dashboard Cite

Computation Storage Architectures (CSA) are increasingly adopted in the cloud for near data processing, where the underlying storage devices/servers are now equipped with heterogeneous cores which enable computation offloading near to the data. While CSA is a promising high-performance architecture for the cloud, in general data analytics also presents significant data security and policy compliance (e.g., GDPR) challenges in untrusted cloud environments.In this paper, we present IronSafe, a secure and policy-compliant query processing system for heterogeneous computational storage architectures, while preserving the performance advantages of CSA in untrusted cloud environments. To achieve these design properties in a computing environment with heterogeneous host (x86) and storage system (ARM), we design and implement the entire hardware and software system stack from the ground-up leveraging hardwareassisted Trusted Execution Environments (TEEs): namely, Intel SGX and ARM TrustZone. More specifically, IronSafe builds on three core contributions: (1) a heterogeneous confidential computing framework for shielded execution with x86 and ARM TEEs and associated secure storage system for the untrusted storage medium; (2) a policy compliance monitor to provide a unified service for attestation and policy compliance; and (3) a declarative policy language and associated interpreter for concisely specifying and efficiently evaluating a rich set of polices. Our evaluation using the TPC-H SQL benchmark queries and GDPR anti-pattern use-cases shows that IronSafe is faster, on average by 2.3× than a host-only secure system, while providing strong security and policy-compliance properties. CCS Concepts• Security and privacy → Trusted computing; Database and storage security.

show abstract

Section: Related Workmentioning

confidence: 99%

Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures

Unnibhavi

Cerdeira

Barbalace

et al. 2022

Proceedings of the 2022 International Conference on Management of Data

View full text Add to dashboard Cite

show abstract

“…However, such studies require vertex migration to perform graph partitioning, which introduces large inter-DC data movement and may violate privacy regulations when used in geo-distributed environments. A few graph execution models have been proposed specifically for geo-distributed DCs [5,36,48,71]. For example, Monarch [36] proposed to use sampling technique and incremental to reduce the data exchanged across geodistributed DCs.…”

Section: Related Work 71 Geo-distributed Graph Processingmentioning

confidence: 99%

PGPregel

Zhou

Qiu

Lambert

et al. 2022

Proceedings of the 13th Symposium on Cloud Computing

View full text Add to dashboard Cite

HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

show abstract