StealthDB: a Scalable Encrypted Database with Full SQL Query Support

Vinayagamurthy, Dhinakaran; Gribov, Alexey; Gorbunov, S.

doi:10.2478/popets-2019-0052

Cited by 49 publications

(19 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors of [38] propose StealthDB, an encrypted cloud database build using Intel SGX TEE. The database offers full SQL support and can run on any newer Intel CPU.…”

Section: Literature Review Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Study on the Technical Evaluation of De-Identification Procedures for Personal Data in the Automotive Sector

Rannenberg¹,

Pape²,

Tronnier³

et al. 2021

View full text Add to dashboard Cite

The aim of this study was to identify and evaluate different de-identification techniques that may be used in several mobility-related use cases. To do so, four use cases have been defined in accordance with a project partner that focused on the legal aspects of this project, as well as with the VDA/FAT working group. Each use case aims to create different legal and technical issues with regards to the data and information that are to be gathered, used and transferred in the specific scenario. Use cases should therefore differ in the type and frequency of data that is gathered as well as the level of privacy and the speed of computation that is needed for the data. Upon identifying use cases, a systematic literature review has been performed to identify suitable de-identification techniques to provide data privacy. Additionally, external databases have been considered as data that is expected to be anonymous might be reidentified through the combination of existing data with such external data. For each case, requirements and possible attack scenarios were created to illustrate where exactly privacy-related issues could occur and how exactly such issues could impact data subjects, data processors or data controllers. Suitable de-identification techniques should be able to withstand these attack scenarios. Based on a series of additional criteria, de-identification techniques are then analyzed for each use case. Possible solutions are then discussed individually in chapters 6.1 - 6.2. It is evident that no one-size-fits-all approach to protect privacy in the mobility domain exists. While all techniques that are analyzed in detail in this report, e.g., homomorphic encryption, differential privacy, secure multiparty computation and federated learning, are able to successfully protect user privacy in certain instances, their overall effectiveness differs depending on the specifics of each use case.

show abstract

“…The authors of [38] propose StealthDB, an encrypted cloud database build using Intel SGX TEE. The database offers full SQL support and can run on any newer Intel CPU.…”

Section: Literature Review Resultsmentioning

confidence: 99%

“…Figure 16. StealthDB architecture by [38] The work of [39] defines differentially private Oblivious RAM, or ORAM, protocols. The created protocols are evaluated in a TEE and a server-client setting.…”

Section: Trusted Execution Environmentmentioning

confidence: 99%

Study on the Technical Evaluation of De-Identification Procedures for Personal Data in the Automotive Sector

Rannenberg¹,

Pape²,

Tronnier³

et al. 2021

View full text Add to dashboard Cite

show abstract

“…Other related work has investigated leveraging Trusted Execution Environments (e.g., Intel SGX) for storing or processing sensitive data, in an otherwise non fully trusted scenario or host [24,28,31]. These works are complementary to ours and the consideration of trusted execution environments for delegating part of the computation in our model can represent an interesting direction of investigation.…”

Section: Related Workmentioning

confidence: 93%

An authorization model for query execution in the cloud

et al. 2021

View full text Add to dashboard Cite

We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced accounting for the information content carried in the computation to ensure no information is improperly leaked and adjusting visibility of data on-the-fly. Assignment of operations to subjects takes into consideration the cost of operation execution as well as of the encryption/decryption operations needed to make the assignment authorized. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.

show abstract

“…Third, the corresponding query protocol should not reveal the exact access pattern [39] or query volume [54] information. Despite these constraints, our framework is generic enough to support a large number of existing encrypted databases such as [2,4,9,12,17,21,25,35,38,53,80,82]. Later, in Section 6, we provide a detailed discussion on the compatibility of existing encrypted database schemes with DP-Sync.…”

Section: P4-interoperable With Existing Encrypted Database Solutionsmentioning

confidence: 99%

DP-Sync: Hiding Update Patterns in Secure Outsourced Databases with Differential Privacy

Wang

Bater

Nayak

et al. 2021

Proceedings of the 2021 International Conference on Management of Data

View full text Add to dashboard Cite

In this paper, we consider privacy-preserving update strategies for secure outsourced growing databases. Such databases allow appendonly data updates on the outsourced data structure while analysis is ongoing. Despite a plethora of solutions to securely outsource database computation, existing techniques do not consider the information that can be leaked via update patterns. To address this problem, we design a novel secure outsourced database framework for growing data, DP-Sync, which interoperate with a large class of existing encrypted databases and supports efficient updates while providing differentially-private guarantees for any single update. We demonstrate DP-Sync's practical feasibility in terms of performance and accuracy with extensive empirical evaluations on real world datasets. CCS CONCEPTS• Security and privacy → Data anonymization and sanitization; Management and querying of encrypted data.

show abstract

StealthDB: a Scalable Encrypted Database with Full SQL Query Support

Cited by 49 publications

References 35 publications

Study on the Technical Evaluation of De-Identification Procedures for Personal Data in the Automotive Sector

Study on the Technical Evaluation of De-Identification Procedures for Personal Data in the Automotive Sector

An authorization model for query execution in the cloud

DP-Sync: Hiding Update Patterns in Secure Outsourced Databases with Differential Privacy

Contact Info

Product

Resources

About