1 research outputs found
Enjoy the Untrusted Cloud: A Secure, Scalable and Efficient SQL-like Query Framework for Outsourcing Data
While the security of the cloud remains a concern, a common practice is to
encrypt data before outsourcing them for utilization. One key challenging issue
is how to efficiently perform queries over the ciphertext. Conventional
crypto-based solutions, e.g. partially/fully homomorphic encryption and
searchable encryption, suffer from low performance, poor expressiveness and
weak compatibility. An alternative method that utilizes hardware-assisted
trusted execution environment, i.e., Intel SGX, has emerged recently. On one
hand, such work lacks of supporting scalable access control over multiple data
users. On the other hand, existing solutions are subjected to the key
revocation problem and knowledge extractor vulnerability. In this work, we
leverage the newly hardware-assisted methodology and propose a secure, scalable
and efficient SQL-like query framework named QShield. Building upon Intel SGX,
QShield can guarantee the confidentiality and integrity of sensitive data when
being processed on an untrusted cloud platform. Moreover, we present a novel
lightweight secret sharing method to enable multi-user access control in
QShield, while tackling the key revocation problem. Furthermore, with an
additional trust proof mechanism, QShield guarantees the correctness of queries
and significantly alleviates the possibility to build a knowledge extractor. We
implemented a prototype for QShield and show that QShield incurs minimum
performance cost