Session

Thursday, June 22, 2017 - 16:00 to 17:15
Secure Database Outsourcing to the Cloud: Side-Channels, Counter-Measures and Trusted Execution
Abstract: 
"Outsourcing data processing and storage to the cloud is a persistent trend in the last years. Cloud computing offers many advantages like flexibility in resource allocation, cost reduction and high availability. However, when sensitive information is handed to a third party, security questions are raised since the cloud provider and his employees are not fully trusted. Standard security mechanisms like transport encryption and regular audits alone can't solve the issue of insider attacks. Additional cryptographic techniques are required. In this paper we build upon an existing proxy for secure database outsourcing. We address potential side-channels and weaknesses which are later analysed and mitigated. Furthermore we take a look at Intel SGX and show how it can be applied to allow for secure execution in the secure database outsourcing case."
Matthias Gabel's picture
Matthias Gabel
Jeremias Mechler's picture
Jeremias Mechler
Karlsruhe Institute of Technology (DE)