Secure Database Outsourcing to the Cloud: Side-Channels, Counter-Measures and Trusted Execution

Authors: Matthias Gabel, Jeremias Mechler
Publication year: 2017
Source: CBMS
2017 IEEE 30th International Symposium on Computer-Based Medical Systems (CBMS)
DOI: 10.1109/cbms.2017.141
Description: Outsourcing data processing and storage to the cloud has been a persistent trend in recent years. Cloud computing offers many advantages like flexibility in resource allocation, cost reduction and high availability. However, when sensitive information is handed to a third party, security questions are raised since the cloud provider and its employees are not fully trusted. Standard security mechanisms like transport encryption and regular audits alone cannot solve the issue of insider attacks. Additional cryptographic techniques are required. In this paper, we build upon an existing proxy for secure database outsourcing. We address potential side-channels and weaknesses, which are later analyzed and mitigated. Furthermore, we take a look at trusted execution environments (TEEs) like Intel Software Guard Extensions (SGX) and show how they can be applied to allow for secure execution in the secure database outsourcing case.
Database: OpenAIRE