CryptDB: A Practical Encrypted Relational DBMS
Raluca Ada Popa, Nickolai Zeldovich, and Hari Balakrishnan
MIT CSAIL
New England Database Summit 2011


• Hackers
• Curious DB administrators
• Physical attacks
• Both on public clouds and private data centers
• Regulatory laws

Approach

Perform SQL query processing on encrypted data

[Diagram: user queries, client frontend, database server]

Client frontend:
• Trusted
• Stores schema, master key
• No query execution

Database server:
• Stores the database and processes SQL queries
• Not trusted to keep data private

1. Support standard SQL queries on encrypted data
2. Process queries completely at the DB server
3. No change to existing DBMS

Example

emp: rank, name, salary

Application query:
SELECT * FROM emp WHERE salary = 100

Query sent by the frontend to the server:
SELECT * FROM table1 WHERE col1 = x5a8c34

[Figure: the emp table as stored at the server, with every cell replaced by a ciphertext; the rows whose col1 equals x5a8c34 are returned to the frontend]

Two techniques

1. SQL-aware encryption strategy
   – Different encryption schemes provide different functionality
2. Adjustable query-based encryption
   – Adapt encryption of data based on user queries

1. SQL-aware encryption

Privacy: highest at the top of the table.

Scheme   Operation   Details                Example SQL operations
RND      None        AES in UFE
HOM      +, *        e.g., Paillier
DET      equality    AES in CTR             =, !=, GROUP BY, IN, COUNT, DISTINCT
SEARCH   ILIKE       Song et al. ’00
JOIN     join        new
OPE      order       Boldyreva et al. ’09   >, <, ORDER BY, SORT, MAX, MIN

Slide annotation: first practical implementation

Onions of encryptions

Layers are listed from the plaintext value outward:

Onion 1: any value, JOIN, SEARCH, DET, RND
Onion 2: any value, OPE-JOIN, OPE, RND
Onion 3: int value, HOM

• Each column has the same key in a given layer of an onion

2. Adjustable query-based encryption

• Start out the database with the most secure encryption scheme
• Adjust encryption dynamically
• Strip off levels of the onions: frontend gives key to server using a UDF

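Example

emp: rank, name, salary

Application query:
SELECT * FROM emp WHERE salary =

Statements issued by the frontend to the server:
UPDATE table1 SET col3onion1 = DecryptRND(key, col3onion1)
SELECT * FROM table1 WHERE col3onion1 = x5a8c34

[Figure: onion 1 of the column (any value, JOIN, SEARCH, DET, RND); after the UPDATE the column is at the DET layer]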
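Added example (not from the original slides or the CryptDB code): the RND-to-DET adjustment above, run end to end. Assumptions: an in-memory SQLite database plays the unmodified DBMS, an HMAC-SHA256 keystream stands in for the AES-based layers, and det_enc, rnd_enc and strip_layer are hypothetical helper names; DecryptRND, table1 and col3onion1 are taken from the slide.

```python
import hashlib, hmac, os, sqlite3

def _stream(key, iv, n):
    # Keystream from HMAC-SHA256 in counter mode (toy stand-in for AES).
    blocks = (hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def det_enc(key, msg):
    # DET layer: the IV is a PRF of the plaintext, so equal values encrypt equally.
    iv = hmac.new(key, b"det-iv" + msg, hashlib.sha256).digest()[:16]
    return iv + _xor(msg, _stream(key, iv, len(msg)))

def rnd_enc(key, msg):
    # RND layer: fresh random IV, so equal values look unrelated.
    iv = os.urandom(16)
    return iv + _xor(msg, _stream(key, iv, len(msg)))

def strip_layer(key, ct):
    # Removes one layer (either scheme); registered on the server as DecryptRND.
    return _xor(ct[16:], _stream(key, ct[:16], len(ct) - 16))

def demo():
    k_det, k_rnd = os.urandom(32), os.urandom(32)   # onion keys, held by the frontend
    server = sqlite3.connect(":memory:")            # plays the untrusted DBMS
    server.create_function("DecryptRND", 2, strip_layer)
    server.execute("CREATE TABLE table1 (col3onion1 BLOB)")
    for salary in (100, 250, 100, 90):              # constructed sample rows
        onion = rnd_enc(k_rnd, det_enc(k_det, str(salary).encode()))
        server.execute("INSERT INTO table1 VALUES (?)", (onion,))
    # Frontend rewrites "salary = 100" into an equality test on the DET ciphertext.
    query = "SELECT col3onion1 FROM table1 WHERE col3onion1 = ?"
    target = det_enc(k_det, b"100")
    before = server.execute(query, (target,)).fetchall()  # RND still on: no match
    # Adjustment: only the RND key is released; the server strips the column to DET.
    server.execute("UPDATE table1 SET col3onion1 = DecryptRND(?, col3onion1)", (k_rnd,))
    after = server.execute(query, (target,)).fetchall()
    salaries = [int(strip_layer(k_det, row[0])) for row in after]  # frontend decrypts
    # What the server can now see without any key: which rows repeat.
    distinct = server.execute("SELECT COUNT(DISTINCT col3onion1) FROM table1").fetchone()[0]
    return len(before), salaries, distinct

if __name__ == "__main__":
    print(demo())
```

The server never receives the DET key, so after the adjustment it can match and count equal ciphertexts but cannot recover a salary.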

JOIN needs new crypto

• Challenge: do not know which columns will be joined
• Data items not revealed, cannot join without join key

[Diagram: the client frontend provides the join key Col1-Col2 for columns Col1 and Col2]

Further components

• Inserts, updates, deletes, nested queries
• Indexes
• Transactions, auto-increments
• Optimizations to speed up performance
• Not supported: A.a + A.b > B.c

Security converges…

• … to maximum privacy for query mix
• Onion levels stripped only when new operations needed

Steady State: no decryptions at server
Practical: typical SQL processing on enlarged tuples

Privacy Guarantees

emp: rank, name, salary

• Formal privacy definition and proof
• Implications:

If query has                      Revealed
equality predicate on name        repeats
order predicate on name           order
aggregation on salary             nothing
no filter on a column             nothing

Never reveal plaintext
Server cannot compute unrequested queries requiring new relationships

Privacy (cont’d)

• DB owner can specify minimum security level for some fields

CREATE TABLE emp (SSN text ≥ DET, name text, …)

Implementation

[Diagram: Query and Results pass through the SQL interface of the CryptDB frontend; Encrypted Query and Encrypted Results pass between the frontend and the server, which runs an unmodified DBMS with CryptDB PK tables and CryptDB UDFs (user-defined functions)]

• No change to the DBMS
• Should work on most SQL DBMS

Portability

• Ported CryptDB from Postgres to MySQL with 86 lines of code
• No change to MySQL
• The code changed was for connecting to the server and for UDF declarations

Low overhead on TPC-C

Throughput loss: 27%
Supports all queries in TPC-C without change

Microbenchmarks from TPC-C

Adjustable encryption

Importance of adjustable query-based encryption to privacy

• Steady state of columns for TPC-C: 71% of columns remain encrypted with RND
• In practice, we expect most sensitive fields to remain at RND or DET (e.g., credit cards)

Related work

• Theoretical approaches [Gennaro et al., ’10]
  – Inefficient
• Search on encrypted data (e.g., [Chang, Mitzenmacher ’05], [Evdokimov, Guenther ’07])
  – Restricted set of queries, inefficient
• Systems proposals (e.g., [Hacigumus et al., ’02])
  – Lower degree of security, rewrite the DBMS, client-side processing

Conclusions

• CryptDB is the first practical DBMS for running most standard queries on encrypted data
  – Runs queries completely at server
  – Provides provable privacy guarantees
  – Modest overhead
  – Does not change the DBMS or client applications

Thanks!