On the Difficulty of Securing Web Applications using CryptDB
CryptDB has been proposed as a practical and secure
middleware to protect databases deployed on semi-honest
cloud servers. While CryptDB provides sufficient protection
under Threat-1, here we demonstrate that when CryptDB is
deployed to secure the cloud-hosted database of a realistic web
application, an attacker with access to the database or a Malicious
Database Administrator (mDBA) can easily steal information, and even
escalate his privilege to become the administrator of the
web application. Our attacks fall under a restricted form
of Threat-2, where we only assume that the attacker or the
mDBA tampers with the CryptDB-protected database and
opens an ordinary user account through the web application.
The attacks are carried out assuming perfectly secure proxy
and application servers; therefore, they work without
recovering the master key residing on the proxy server. At
the root of the attack lies the lack of any integrity checks
for the data in the CryptDB database. We propose a number
of practical countermeasures to mitigate attacks targeting the
integrity of the CryptDB database. We also demonstrate that
data integrity alone is not sufficient to protect the database
when query integrity and frequency attacks are considered.
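The integrity gap described in this abstract, as an added Python example written for this page (it is not code from CryptDB or from the attack paper): a toy deterministic cell encryption stands in for CryptDB's DET layer, an in-memory SQLite table plays the cloud database, and the mDBA's only action is an UPDATE that copies the admin's encrypted role cell into the attacker's own row, which the key-holding proxy then happily decrypts as "admin". The per-cell HMAC bound to table name, primary key and column is one obvious countermeasure; it is assumed here, not taken from the paper. Keys, table layout, user names and the toy cipher are all constructed for the example.

```python
import hashlib
import hmac
import sqlite3

# Toy keys held by the proxy only; the database server never sees them.
# Constructed for this illustration, not keys from any real deployment.
K_ENC = b"proxy-encryption-key-demo"
K_MAC = b"proxy-mac-key-demo"


def det_encrypt(value: str) -> bytes:
    """Stand-in for a deterministic (DET-layer) cell encryption.

    Same plaintext -> same ciphertext, and the proxy can decrypt. XOR with
    a key-derived keystream is only a toy model (it reuses one keystream
    for every cell); it is here to show that decryptability alone gives
    no integrity, not to be a usable scheme.
    """
    pt = value.encode()
    ks = hashlib.sha256(K_ENC).digest()
    assert len(pt) <= len(ks), "toy cipher handles short values only"
    return bytes(a ^ b for a, b in zip(pt, ks))


def det_decrypt(ct: bytes) -> str:
    ks = hashlib.sha256(K_ENC).digest()
    return bytes(a ^ b for a, b in zip(ct, ks)).decode()


def cell_tag(table: str, pk: int, column: str, ct: bytes) -> bytes:
    """Assumed countermeasure: bind each ciphertext to (table, row, column).

    Without the pk and column in the MAC input an mDBA could copy the tag
    along with the ciphertext and the check would pass.
    """
    msg = f"{table}|{pk}|{column}|".encode() + ct
    return hmac.new(K_MAC, msg, hashlib.sha256).digest()


def setup_db() -> sqlite3.Connection:
    """Proxy-side provisioning: encrypt every cell, store ciphertext + tag."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name BLOB, role BLOB, role_tag BLOB)"
    )
    for pk, name, role in [(1, "alice", "admin"), (2, "mallory", "user")]:
        ct_role = det_encrypt(role)
        db.execute(
            "INSERT INTO users VALUES (?, ?, ?, ?)",
            (pk, det_encrypt(name), ct_role, cell_tag("users", pk, "role", ct_role)),
        )
    return db


def mdba_tamper(db: sqlite3.Connection) -> None:
    """What an mDBA with write access and no key can do: copy the admin's
    encrypted role cell into the attacker's (mallory's) row."""
    db.execute("UPDATE users SET role = (SELECT role FROM users WHERE id = 1) WHERE id = 2")


def read_role_no_integrity(db: sqlite3.Connection, pk: int) -> str:
    """Proxy read path with no integrity check: decrypt whatever is stored."""
    (ct,) = db.execute("SELECT role FROM users WHERE id = ?", (pk,)).fetchone()
    return det_decrypt(ct)


def read_role_with_integrity(db: sqlite3.Connection, pk: int) -> str:
    """Proxy read path that verifies the per-cell tag before decrypting."""
    ct, tag = db.execute("SELECT role, role_tag FROM users WHERE id = ?", (pk,)).fetchone()
    if not hmac.compare_digest(tag, cell_tag("users", pk, "role", ct)):
        raise ValueError(f"integrity check failed for users.role, id={pk}")
    return det_decrypt(ct)


def demo():
    """Returns (role before tampering, role after tampering as seen by the
    unchecked proxy, whether the tagged read path detected the tampering)."""
    db = setup_db()
    before = read_role_no_integrity(db, 2)
    mdba_tamper(db)
    after = read_role_no_integrity(db, 2)
    try:
        read_role_with_integrity(db, 2)
        detected = False
    except ValueError:
        detected = True
    return before, after, detected


if __name__ == "__main__":
    print(demo())  # ('user', 'admin', True)
```

The tag defeats cell copying and column swapping because it is bound to the row's primary key and column name, but it does not by itself stop an mDBA from restoring an older (ciphertext, tag) pair that was once valid, or from answering a query from a stale or truncated snapshot; that is the query-integrity problem the abstract says data integrity alone does not solve.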
Dodrant-Homomorphic Encryption for Cloud Databases using Table Lookup
Users of large commercial databases increasingly want to outsource their database operations to cloud service providers, but guaranteeing the privacy of data in an outsourced database has become the major obstacle to this move. Encrypting all data solves the privacy issue, but makes many operations on the data impossible in the cloud, unless the service provider has the capacity to decrypt data temporarily. Homomorphic encryption would solve this issue, but despite great and on-going progress, it is still far from being operationally feasible. In 2015, we presented what we now call dodrant-homomorphic encryption, a method that encrypts numeric values deterministically using the additively homomorphic Paillier encryption and uses table lookup in order to implement multiplications. We discuss here the security implications of determinism and discuss options to avoid these pitfalls.
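The trade-off this abstract points at, as an added Python example written for this page (not code from the dodrant-homomorphic paper): textbook Paillier with the randomizer derived from the plaintext by a keyed PRF, which is one way to make the scheme deterministic and is an assumption of this example rather than the paper's construction. The block shows the additive homomorphism, shows one way a lookup table keyed by deterministic ciphertexts can stand in for multiplication (again an assumed illustration of the idea, not the paper's design), and then runs the rank-matching frequency attack that determinism makes possible on a constructed, skewed column. The primes are fixed and far too small for real use.

```python
import hashlib
import hmac
import secrets
from collections import Counter
from math import gcd

# Fixed toy primes so the example is reproducible; real keys are ~1024-bit
# primes. Every plaintext must be smaller than n = p*q.
P, Q = 104729, 1299709
N = P * Q
N2 = N * N
LAMBDA = (P - 1) * (Q - 1) // gcd(P - 1, Q - 1)   # lcm(p-1, q-1)
G = N + 1                                         # standard generator choice


def _L(u: int) -> int:
    return (u - 1) // N


MU = pow(_L(pow(G, LAMBDA, N2)), -1, N)           # private decryption constant

PRF_KEY = b"owner-secret-for-deterministic-r"    # constructed, owner-held


def derive_r(m: int) -> int:
    """Deterministic randomizer r = PRF(key, m), so E(m) is a function of m.
    Assumption of this example: any keyed PRF would do."""
    digest = hmac.new(PRF_KEY, str(m).encode(), hashlib.sha256).digest()
    r = int.from_bytes(digest, "big") % N
    if r == 0 or gcd(r, N) != 1:  # astronomically unlikely, but Paillier needs gcd(r, n) = 1
        raise ValueError("unusable randomizer")
    return r


def encrypt(m: int, deterministic: bool = True) -> int:
    """Paillier: c = g^m * r^n mod n^2. Randomized mode picks a fresh r."""
    assert 0 <= m < N
    r = derive_r(m) if deterministic else secrets.randbelow(N - 1) + 1
    return (pow(G, m, N2) * pow(r, N, N2)) % N2


def decrypt(c: int) -> int:
    return (_L(pow(c, LAMBDA, N2)) * MU) % N


def add(c1: int, c2: int) -> int:
    """Additive homomorphism: E(a) * E(b) mod n^2 decrypts to a + b."""
    return (c1 * c2) % N2


def build_mul_table(domain) -> dict:
    """Owner-side precomputation (assumed illustration): for a bounded value
    domain, map (E(x), E(y)) -> E(x*y). Only works because E is deterministic,
    which is exactly what makes the ciphertexts usable as lookup keys."""
    return {(encrypt(x), encrypt(y)): encrypt(x * y) for x in domain for y in domain}


def mul_demo(a: int, b: int, domain) -> int:
    """Server 'multiplies' two ciphertexts by table lookup; owner decrypts."""
    table = build_mul_table(domain)
    return decrypt(table[(encrypt(a), encrypt(b))])


def frequency_attack(ciphertexts, guessed_plaintexts) -> dict:
    """Determinism leaks equality: rank distinct ciphertexts by how often they
    occur and line them up with a guessed plaintext distribution."""
    ct_rank = [c for c, _ in Counter(ciphertexts).most_common()]
    pt_rank = [m for m, _ in Counter(guessed_plaintexts).most_common()]
    return dict(zip(ct_rank, pt_rank))


def demo() -> bool:
    """Constructed salary column (thousands) with a skewed distribution; the
    adversary holds only a public guess of that distribution, no key."""
    column = [50] * 6 + [70] * 3 + [120] * 1
    cts = [encrypt(v) for v in column]
    public_guess = [50] * 60 + [70] * 30 + [120] * 10
    mapping = frequency_attack(cts, public_guess)
    return [mapping[c] for c in cts] == column


if __name__ == "__main__":
    print(decrypt(add(encrypt(123), encrypt(456))), mul_demo(3, 4, range(1, 6)), demo())
```

The rank matching is exact here only because the column has no tied frequencies; with ties or a poor prior the attack recovers partial information, but the equality pattern (which rows hold the same value, and how many) is always exposed. Randomized mode (`encrypt(m, deterministic=False)`) removes that leak but also breaks the table lookup, since equal plaintexts no longer share a key.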
SafeSpark: a secure data analytics platform using cryptographic techniques and trusted hardware
Master's dissertation in Informatics Engineering
Nowadays, most companies resort to data analytics frameworks to extract value from the
increasing amounts of digital information. These systems give substantial competitive advantages to companies, since they support decisions such as marketing
choices or predicting user behaviour.
Therefore, organizations tend to leverage the cloud to store and perform analytics over
the data. Database services in the cloud present significant advantages as a high level
of efficiency and flexibility, and the reduction of costs inherent to the maintenance and
management of private infrastructures. The problem is that these services are often a target
for malicious attacks, which means that sensitive and private personal information can be
compromised.
The current secure analytical processing solutions use a limited set of cryptographic
techniques or technologies, which makes it impossible to explore different trade-offs of
performance, security, and functionality requirements for different applications. Moreover,
these systems also do not explore the combination of multiple cryptographic techniques
and trusted hardware to protect sensitive data.
The work presented here addresses this challenge, by using cryptographic schemes and
the Intel SGX technology to protect confidential information, ensuring a practical solution
which can be adapted to applications with different requirements. In detail, this dissertation
begins by presenting a baseline study of cryptographic schemes and the Intel SGX technology, followed by a review of the state of the art in secure data analytics frameworks.
A new solution based on the Apache Spark framework, called SafeSpark, is proposed. It
provides a modular and extensible architecture and prototype, which allows protecting information and processing analytical queries over encrypted data, using three cryptographic
schemes and the SGX technology. We validated the prototype with an experimental evaluation, where we analyze the performance costs of the solution and also its resource usage.
For this purpose, we use the TPC-DS benchmark to evaluate the proposed solution, and
the results show that it is possible to perform analytical processing on protected data with
a performance impact between 1.13x and 4.1x.
This work was partially funded by FCT - Fundação para a Ciência e a Tecnologia, I.P. (Portuguese Foundation for Science and Technology) within project UID/EEA/50014/2019.