Download Document

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
Document related concepts

Operational transformation wikipedia , lookup

Expense and cost recovery system (ECRS) wikipedia , lookup

Information privacy law wikipedia , lookup

Business intelligence wikipedia , lookup

Asynchronous I/O wikipedia , lookup

Database wikipedia , lookup

Next-Generation Secure Computing Base wikipedia , lookup

Clusterpoint wikipedia , lookup

SAP IQ wikipedia , lookup

Versant Object Database wikipedia , lookup

Database model wikipedia , lookup

Relational model wikipedia , lookup

Transcript 
CryptDB: Processing Queries on
an Encrypted Database
Raluca Ada Popa
Catherine M.S. Redfield
Nickolai Zeldovich
Hari Balakrishman
Presented By: Jeremy Winters
Agenda
•
•
•
•
•
•
•
•
Need
Threat Model
Implementation
Types of Encryption and Onions
Query Processing
Experimental Evaluation
Performance Evaluation
Summary
Need
“…in a recent attack on the Sony
Playstation Network, attackers
apparently gained access to about
77 million personal user profiles,
some of which included credit card
information.”
Threat Model
CryptDB
Passive Attacks
– Compromised hardware
– System Administrators
– Cloud solutions
Implementation
Implementation
• 3 Components
•
•
•
Application
Proxy
DBMS
Encryption Types
Encryption Types
Random (RND)
– Maximum security
Deterministic (DET)
– Plaintext results in consistent ciphertext
Order-Preserving Encryption (OPE)
– 100 < 200
|
4ex5d < 7gfa3
Encryption Types
Homomorphic Encryption (HOM)
– Math functions (ex. Addition)
Join (JOIN and OPE-JOIN)
– Equality Joins
Word Search (SEARCH)
– LIKE
Goal
‘Our goal is to use the most secure
encryption schemes that enable
running the requested queries.’
Onions
Data Sensitivity
Use in Queries
Query Processing
Query Processing Steps
1. Application issues query, intercepted by
proxy and rewritten.
2. If necessary, adjust column encryption
level.
3. Proxy sends encrypted query to DBMS for
execution.
4. Encrypted result returned, proxy decrypts,
returns to application.
Query Processing
Experimental Evaluation
Experimental Evaluation
Performance Evaluation
Performance Evaluation
•
.60ms (~ 26%)
performance
degradation in
queries issued per
second.
•
•
•
24% mysql-proxy
23% encryption /
decryption
53% parsing and
processing queries
Summary
CryptDB
CryptDB utilizes several encryption
technologies to take steps to secure data
within your client/server applications from
passive attacks.
More secure that encryption provided by
DBMS. DBMS decrypts data to perform
queries.
Supports most relational queries – not all.
Further research is being done here.
Questions?
Related documents
Introduction to Database Queries.
Introduction to Database Queries.
Chapter 12 - Key Terms
Chapter 12 - Key Terms
name - MIT
name - MIT
ACCESS Chapter 4 Tables and Queries
ACCESS Chapter 4 Tables and Queries
The Gaian Database: a Dynamic Distributed Federated Database
The Gaian Database: a Dynamic Distributed Federated Database
Pr sentation PowerPoint
Pr sentation PowerPoint
a common digital Europe
a common digital Europe
Database Security
Database Security
Microsoft Search Labs - Berkeley Database Group
Microsoft Search Labs - Berkeley Database Group
Text 13 Database Management Systems
Text 13 Database Management Systems
CSCI 3140 Module 3 – Logical Database
CSCI 3140 Module 3 – Logical Database
BitLocker Drive Encryption Self
BitLocker Drive Encryption Self
All Definitions for
All Definitions for
Shouting from the Rooftops: Improving Email
Shouting from the Rooftops: Improving Email
Network Security: It`s Time to Take It Seriously
Network Security: It`s Time to Take It Seriously
Relational Semantic Hiding Databases (RSHDB)
Relational Semantic Hiding Databases (RSHDB)
Here are the PowerPoint slides with links - Auto
Here are the PowerPoint slides with links - Auto
CryptDB__ Protecting Confidentiality with
CryptDB__ Protecting Confidentiality with
PowerPoint ****
PowerPoint ****
Slides
Slides
Research Statement
Research Statement
Application Design and Development
Application Design and Development