oblidb oblivious query processing for secure databases
play

ObliDB: Oblivious Query Processing for Secure Databases Saba - PowerPoint PPT Presentation

Apr 04, 2023 •114 likes •438 views

ObliDB: Oblivious Query Processing for Secure Databases Saba Eskandarian Matei Zaharia Stanford University Stanford University Private Data in the Cloud Compromised cloud can: Read data Read queries Alter data Hardware Enclaves A trusted

  1. ObliDB: Oblivious Query Processing for Secure Databases Saba Eskandarian Matei Zaharia Stanford University Stanford University

  2. Private Data in the Cloud Compromised cloud can: Read data Read queries Alter data

  3. Hardware Enclaves A trusted component in untrusted hardware ● Isolation through protected memory ● Authenticity through attestation Currently available through Azure and IBM cloud, among others Untrusted System Secure Channel Enclave -Data Malicious OS with Attestation/Communication -Secrets Client physical access to device still can’t see inside enclave

  4. Enclaves in the Cloud Enclave memory is limited, but data is big! Enclave

  5. Enclaves in the Cloud Enclave

  6. Enclaves in the Cloud Malicious attacker can observe access patterns to encrypted data! Enclave

  7. Enclaves in the Cloud Malicious attacker can observe access patterns to encrypted data! Enclave

  8. Enclaves in the Cloud Malicious attacker can observe access patterns to encrypted data! Enclave

  9. Enclaves in the Cloud Malicious attacker can observe access patterns to encrypted data! “A persistent passive attacker can Enclave extract even more information by observing an application’s access patterns … In our case study applications, this reveals users’ medical conditions, genomes, and contents of shopping carts”

  10. Naive SELECT is not oblivious! Input Table Output Table * * * * *

  11. Naive SELECT is not oblivious! Input Table Output Table * * * * *

  12. Naive SELECT is not oblivious! Input Table Output Table * * * * * *

  13. Naive SELECT is not oblivious! Input Table Output Table * * * * * *

  14. Naive SELECT is not oblivious! Input Table Output Table * * * * * *

  15. Naive SELECT is not oblivious! Input Table Output Table * * * * * * *

  16. Naive SELECT is not oblivious! Input Table Output Table * * * * * * * * * *

  17. Naive SELECT is not oblivious! Input Table Output Table * * * * * * * * * * Watching when we write to the output table reveals exactly which rows of the input table we select!

  18. Toward Obliviousness Prior work solves pieces of the obliviousness problem very well

  19. Toward Obliviousness Prior work solves pieces of the obliviousness problem very well Opaque provides obliviousness for analytic queries that scan entire tables, but no support for indexes

  20. Toward Obliviousness Prior work solves pieces of the obliviousness problem very well Opaque provides obliviousness for analytic queries that scan entire tables, but no support for indexes Oblix provides an oblivious index, but using an oblivious index to process a query obliviously is still non-trivial

  21. Toward Obliviousness Prior work solves pieces of the obliviousness problem very well Opaque provides obliviousness for analytic queries that scan entire tables, but no support for indexes Oblix provides an oblivious index, but using an oblivious index to process a query obliviously is still non-trivial This work: ObliDB, first system to provide obliviousness for general database read workloads over multiple access methods

  22. ObliDB Overview ● Tables stored encrypted in unprotected memory, enclave only holds metadata ● Two oblivious storage methods: flat tables and oblivious indexes ● Supports most SQL operations ● Various algorithms for each operation - can pick best option at runtime Server Enclave Metadata Oblivious Operators Untrusted RAM or Disk Optimizer Table 1 Table 2 Table 3 Indexed Flat Both Integrity Secure Channel ... Checks Client Protected Memory

  23. Security Guarantees ObliDB protects data and query parameters against an attacker with full control of the OS and VMM ● Detects any malicious attempt to tamper with data ● Leaks only query selectivity, table sizes (including intermediate tables), and query plan ● Optional padding mode available to hide table sizes and query selectivity ● Assumption: limited oblivious memory pool

  24. Oblivious Operators ● Selection ○ Small ○ Large ○ Continuous ○ Hash ● Grouping and Aggregation ● Joins ○ Oblivious hash join ○ Oblivious sort-merge join (from Opaque) ○ Zero oblivious memory sort-merge join

  25. Oblivious Operators ● Selection ○ Small ○ Large Oblivious optimizer ○ Continuous chooses best algorithm for ○ Hash each query at runtime ● Grouping and Aggregation ● Joins ○ Oblivious hash join ○ Oblivious sort-merge join (from Opaque) ○ Zero oblivious memory sort-merge join

  26. Oblivious Operators ● Selection ○ Small ○ Large Oblivious optimizer ○ Continuous chooses best algorithm for ○ Hash each query at runtime ● Grouping and Aggregation ● Joins ○ Oblivious hash join ○ Oblivious sort-merge join (from Opaque) ○ Zero oblivious memory sort-merge join

  27. Oblivious SELECT “Large” SELECT Algorithm: use when almost the whole table is selected Input Table Output Table * * Extra * * * * * * * * * * Extra Copy * * * *

  28. Oblivious SELECT “Large” SELECT Algorithm: use when almost the whole table is selected Input Table Output Table * Delete * X * * * * * Dummy write * * * * * X Copy * * * *

  29. Oblivious SELECT “Continuous” SELECT algorithm: use when a continuous range of rows is selected Dummy Input Table write Output Table * Real * write * * * * * *

  30. Oblivious SELECT “Continuous” SELECT algorithm: use when a continuous range of rows is selected Dummy Input Table write Output Table Real write * * * * * * * * * *

  31. ObliDB Performance highlights: - 1.1-19x faster than Opaque (on Big Data Benchmark queries) - Within 2.6x of Spark SQL (on Big Data Benchmark queries) See paper for system details, more oblivious operators, and full evaluation Paper: http://www.vldb.org/pvldb/vol13/p169-eskandarian.pdf Source Code: https://github.com/SabaEskandarian/ObliDB Questions/Contact: saba@cs.stanford.edu

Recommend

Perfectly S Secure O Oblivious A s Algorithms s in t the M Multi-Server S Setting T-H.

Perfectly S Secure O Oblivious A s Algorithms s in t the M Multi-Server S Setting T-H.

Perfectly S Secure O Oblivious A s Algorithms s in t the M Multi-Server S Setting T-H. Hubert Chan, Jonathan Katz, Ka Kartik Nay ayak, Antigoni Polychroniadou, Elaine Shi Defini De ning ng an n Obl Oblivious us RAM Example request

812 views • 33 slides
SecureDB A Secure Query Processing System in the Cloud Group Member: Haibin LIN, Eric

SecureDB A Secure Query Processing System in the Cloud Group Member: Haibin LIN, Eric

SecureDB A Secure Query Processing System in the Cloud Group Member: Haibin LIN, Eric Supervisor: Prof Benjamin Kao Department of Computer Science, University of Hong Kong Overview 1. The Problem 2. Related Work 3. Theoretical Background 4.

763 views • 47 slides
Chapter 3: Top-k Query Processing and Indexing 3.1 Top-k Algorithms 3.2 Approximate Top-k Query

Chapter 3: Top-k Query Processing and Indexing 3.1 Top-k Algorithms 3.2 Approximate Top-k Query

Chapter 3: Top-k Query Processing and Indexing 3.1 Top-k Algorithms 3.2 Approximate Top-k Query Processing 3.3 Index Access Scheduling 3.4 Index Organization and Advanced Query Types 3-1 IRDM WS 2005 3.1 Top-k Query Processing with Scoring

592 views • 36 slides
Searching Sequence databases 1: Searching Sequence databases 1: Blast Blast Query: Query:

Searching Sequence databases 1: Searching Sequence databases 1: Blast Blast Query: Query:

Searching Sequence databases 1: Searching Sequence databases 1: Blast Blast Query: Query: >gi|26339572|dbj|BAC33457.1| unnamed protein product [Mus musculus] MSSTKLEDSLSRRNWSSASELNETQEPFLNPTDYDDEEFLRYLWREYLHPKEYEWVLIAGYIIVFVV

278 views • 8 slides
Query Processing Relevance feedback; query expansion; Web Search 1 Overview Indexes Query

Query Processing Relevance feedback; query expansion; Web Search 1 Overview Indexes Query

Query Processing Relevance feedback; query expansion; Web Search 1 Overview Indexes Query Indexi xing Ranki king Applica cation Results Documents User Information Query y Query analys ysis proce cess ssing Multimedia

740 views • 32 slides
Query Processing over Incomplete Autonomous Databases

Query Processing over Incomplete Autonomous Databases

Query Processing over Incomplete Autonomous Databases

918 views • 52 slides
Secure indexes and other oblivious search structures (Privaatne otsing: indeksid ning

Secure indexes and other oblivious search structures (Privaatne otsing: indeksid ning

Secure indexes and other oblivious search structures (Privaatne otsing: indeksid ning alternatiivid) Sven Laur swen@math.ut.ee Helsinki University of Technology Basic motivation Secure storage problem Client Alice does not have skills for

428 views • 16 slides
1 Recap: Taking Differences Distribution of Integer Values 0.1 idea: use efficient coding

1 Recap: Taking Differences Distribution of Integer Values 0.1 idea: use efficient coding

Recap: Search Engine Query Processing Recap: Search Engine Query Processing Parallel query processing: divide docs between Basically, to process a query we need to traverse the many machines, broadcast results to all inverted lists of the

434 views • 6 slides
Online Query Processing Exposure to online query processing algorithms and fundamentals A

Online Query Processing Exposure to online query processing algorithms and fundamentals A

Goals for Today Online Query Processing Exposure to online query processing algorithms and fundamentals A Tutorial Usage examples Basic sampling techniques and estimators Preferential data delivery Peter J. Haas Online

353 views • 10 slides
CS4224/CS5424 Lecture 9 Distributed Query Processing Query Processing Translates query into a

CS4224/CS5424 Lecture 9 Distributed Query Processing Query Processing Translates query into a

CS4224/CS5424 Lecture 9 Distributed Query Processing Query Processing Translates query into a query plan that minimizes some cost function Minimize total cost CPU cost, I/O cost, & communication cost Minimize response time

841 views • 52 slides
On optimal threshold defender structures of resharing-based oblivious shuffle protocols for

On optimal threshold defender structures of resharing-based oblivious shuffle protocols for

On optimal threshold defender structures of resharing-based oblivious shuffle protocols for secret-shared secure multi-party computations Jan Willemson Cybernetica Trve Theory Days October 7th-9th, 2011 Secret Shared Databases If we

710 views • 16 slides
SECURE QUERY PROCESSING in CLOUD NoSQL Mohammad Ahmadian ahmadian@knights.ucf.edu University of

SECURE QUERY PROCESSING in CLOUD NoSQL Mohammad Ahmadian ahmadian@knights.ucf.edu University of

SECURE QUERY PROCESSING in CLOUD NoSQL Mohammad Ahmadian ahmadian@knights.ucf.edu University of Central Florida April 9, 2017 Mohammad Ahmadian (UCF) Secure NoSQL April 9, 2017 1 / 42 Goal Research goal is to find an answer to: Is it

725 views • 60 slides
1 Language processing Query Graph Model Two stages: compilation and Vertices execution

1 Language processing Query Graph Model Two stages: compilation and Vertices execution

Outline Extensible Query Processing in Motivation Starburst Solution: Extensible DBMS Language Processing Query Graph Model Presentation: Kati Query rewrite Discussion: Andrew Summary Motivation Starburst Project

281 views • 3 slides
Databases and SQL Databases for data storage and access The Structured Query Language Aaron

Databases and SQL Databases for data storage and access The Structured Query Language Aaron

3/4/13 CS108 Lecture 18: Databases and SQL Databases for data storage and access The Structured Query Language Aaron Stevens 4 March 2013 Computer Science What Youll Learn Today Computer Science How does Facebook generate unique pages

421 views • 17 slides
Generic Construction of UC-Secure Oblivious Transfer O. Blazy , C.Chevalier O. Blazy (Xlim)

Generic Construction of UC-Secure Oblivious Transfer O. Blazy , C.Chevalier O. Blazy (Xlim)

Generic Construction of UC-Secure Oblivious Transfer O. Blazy , C.Chevalier O. Blazy (Xlim) Generic OT 1 / 20 Global Framework 1 Cryptographic Tools 2 1-out-of- t Oblivious Transfer 3 Instantiation 4 Conclusion 5 O. Blazy (Xlim)

852 views • 45 slides
SQL Structured Query Language (SQL) CS 235: The language of databases Based on

SQL Structured Query Language (SQL) CS 235: The language of databases Based on

SQL Structured Query Language (SQL) CS 235: The language of databases Based on relational algebra Introduction to Databases extended algebra operations other extensions. Svetlozar Nestorov Lecture Notes #9 SQL Queries

316 views • 4 slides
Somewhat Non-Committing Encryption and Efficient Adaptively Secure Oblivious Transfer Hong-Sheng

Somewhat Non-Committing Encryption and Efficient Adaptively Secure Oblivious Transfer Hong-Sheng

Somewhat Non-Committing Encryption and Efficient Adaptively Secure Oblivious Transfer Hong-Sheng Zhou University of Connecticut Joint work with Juan Garay (AT&T) and Daniel Wichs (NYU) CRYPTO 2009 Outline Background New Approach

789 views • 36 slides
Exact Query Reformulation with First-order Ontologies and Databases Nhung Ngo Free University of

Exact Query Reformulation with First-order Ontologies and Databases Nhung Ngo Free University of

Exact Query Reformulation with First-order Ontologies and Databases Nhung Ngo Free University of Bolzano A joint work with Enrico Franconi and Volga Kernet Nov 13, 2013 Motivation DBox Query Determinacy Exact Safe-range Query Reformulation

1.31k views • 99 slides
Scalable Uncertainty Management 05 Query Evaluation in Probabilistic Databases Rainer Gemulla

Scalable Uncertainty Management 05 Query Evaluation in Probabilistic Databases Rainer Gemulla

Scalable Uncertainty Management 05 Query Evaluation in Probabilistic Databases Rainer Gemulla Jun 1, 2012 Overview In this lecture Primer: relational calculus Understand complexity of query evaluation How to determine whether a query is

1.54k views • 119 slides
A Practical Oblivious Map Data Structure with Secure Deletion and History Independence Daniel S.

A Practical Oblivious Map Data Structure with Secure Deletion and History Independence Daniel S.

Intro vORAM HIRB Results A Practical Oblivious Map Data Structure with Secure Deletion and History Independence Daniel S. Roche Adam J. Aviv Seung Geol Choi Computer Science Department United States Naval Academy Annapolis, Maryland, USA

395 views • 37 slides
V.3 Query Processing 1. Term-at-a-Time 2. Document-at-a-Time 3. WAND 4. Quit & Continue 5.

V.3 Query Processing 1. Term-at-a-Time 2. Document-at-a-Time 3. WAND 4. Quit & Continue 5.

V.3 Query Processing 1. Term-at-a-Time 2. Document-at-a-Time 3. WAND 4. Quit & Continue 5. Buckleys Algorithm 6. Fagins Threshold Algorithms 7. Query Processing with Importance Scores 8. Query Processing with Champion

2.02k views • 79 slides
Datomic A modern database Databases Perks Declarative Query Language (e.g. SQL) Indexes

Datomic A modern database Databases Perks Declarative Query Language (e.g. SQL) Indexes

Datomic A modern database Databases Perks Declarative Query Language (e.g. SQL) Indexes Transactions (ACI) Durability (D) What are the Problems? Query as Strings Query Power "over there" Update in Place

757 views • 21 slides
Efficient query processing Efficient scoring, distributed query processing Web Search 1 Ranking

Efficient query processing Efficient scoring, distributed query processing Web Search 1 Ranking

Efficient query processing Efficient scoring, distributed query processing Web Search 1 Ranking functions In general, document scoring functions are of the form The BM25 function, is one of the best performing: The term frequency is

648 views • 31 slides
S Security in Outsourced i i O d Databases Databases (Query Answer Assurance) (Q y ) 1

S Security in Outsourced i i O d Databases Databases (Query Answer Assurance) (Q y ) 1

S Security in Outsourced i i O d Databases Databases (Query Answer Assurance) (Q y ) 1 Traditional Client-Server Arch Traditional Client Server Arch. DB Client Query Results Results Owner Client queries are satisfied by a

624 views • 59 slides

More recommend