TEE-based General-purpose Computational Backend for Secure Delegated Data Processing-Reference-Cited by-同舟云学术

TEE-based General-purpose Computational Backend for Secure Delegated Data Processing

Published:2023-12-08 Issue:4 Volume:1 Page:1-28
ISSN:2836-6573
Container-title:Proceedings of the ACM on Management of Data
language:en
Short-container-title:Proc. ACM Manag. Data

Author:

Sha Mo¹^ORCID,Li Jialin²^ORCID,Wang Sheng¹^ORCID,Li Feifei³^ORCID,Tan Kian-Lee²^ORCID

Affiliation:

1. Alibaba Group, Singapore, Singapore

2. National University of Singapore, Singapore, Singapore

3. Alibaba Group, Hangzhou, China

Abstract

The increasing prevalence of data breaches necessitates robust data protection measures in computational tasks. Secure computation outsourcing (SCO) presents a viable solution by safeguarding the confidentiality of inputs and outputs in data processing without disclosure. Nonetheless, this approach assumes the existence of a trustworthy coordinator to orchestrate and oversee the process, typically implying that data owners must fulfill this role themselves. In this paper, we consider secure delegated data processing (SDDP), an expanded data processing scenario wherein data owners simply delegate their data to SDDP providers for subsequent value mining or other downstream applications, eliminating the necessary involvement of data owners or trusted entities to dive into data processing deeply. However, general-purpose SDDP poses significant challenges in permitting the discretionary execution of computational tasks by SDDP providers on sensitive data while ensuring confidentiality. Existing approaches are insufficient to support SDDP in either efficiency or universality. To tackle this issue, we propose TGCB, a TEE-based General-purpose Computational Backend, designed to endow general-purpose computation with SDDP capabilities from an engineering perspective, powered by TEE-based code integrity and data confidentiality. Central to TGCB is the Encryption Programming Language (EPL) that defines computational tasks in SDDP. Specifically, SDDP providers can express arbitrary computable functions as EPL scripts, processed by TGCB's interfaces, securely interpreted and executed in TEE, ensuring data confidentiality throughout the process. As a universal computational backend, TGCB extensively bolsters data security in existing general-purpose computational tasks, allowing data owners to leverage SDDP without privacy concerns.

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/3626757

Reference104 articles.

1. Panagiotis Antonopoulos , Arvind Arasu , Kunal D. Singh , Ken Eguro , Nitish Gupta , Rajat Jain , Raghav Kaushik , Hanuma Kodavalla , Donald Kossmann , Nikolas Ogg , Ravi Ramamurthy , Jakub Szymaszek , Jeffrey Trimmer , Kapil Vaswani , Ramarathnam Venkatesan , and Mike Zwilling . 2020 . Azure SQL Database Always Encrypted. In SIGMOD Conference. ACM, 1511--1525 . Panagiotis Antonopoulos, Arvind Arasu, Kunal D. Singh, Ken Eguro, Nitish Gupta, Rajat Jain, Raghav Kaushik, Hanuma Kodavalla, Donald Kossmann, Nikolas Ogg, Ravi Ramamurthy, Jakub Szymaszek, Jeffrey Trimmer, Kapil Vaswani, Ramarathnam Venkatesan, and Mike Zwilling. 2020. Azure SQL Database Always Encrypted. In SIGMOD Conference. ACM, 1511--1525.

2. Arvind Arasu , Ken Eguro , Manas Joglekar , Raghav Kaushik , Donald Kossmann , and Ravi Ramamurthy . 2015. Transaction processing on confidential data using cipherbase . In ICDE. IEEE Computer Society , 435--446. Arvind Arasu, Ken Eguro, Manas Joglekar, Raghav Kaushik, Donald Kossmann, and Ravi Ramamurthy. 2015. Transaction processing on confidential data using cipherbase. In ICDE. IEEE Computer Society, 435--446.

3. Spark SQL

4. Sergei Arnautov , Bohdan Trach , Franz Gregor , Thomas Knauth , André Martin , Christian Priebe , Joshua Lind , Divya Muthukumaran , Dan O'Keeffe , Mark Stillwell , David Goltzsche , David M. Eyers , Rü diger Kapitza , Peter R. Pietzuch, and Christof Fetzer. 2016 . SCONE : Secure Linux Containers with Intel SGX. In OSDI. USENIX Association , 689--703. Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, André Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O'Keeffe, Mark Stillwell, David Goltzsche, David M. Eyers, Rü diger Kapitza, Peter R. Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In OSDI. USENIX Association, 689--703.

5. Mikhail J. Atallah and Keith B . Frikken . 2010 . Securely outsourcing linear algebra computations. In AsiaCCS. ACM , 48--59. Mikhail J. Atallah and Keith B. Frikken. 2010. Securely outsourcing linear algebra computations. In AsiaCCS. ACM, 48--59.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Object-oriented Unified Encrypted Memory Management for Heterogeneous Memory Architectures;Proceedings of the ACM on Management of Data;2024-05-29