Inout Secure DB: Maximizing Security for Data INside and OUTside the Database

Luiz Gomes-Jr, Isabella Mika Taninaka, Marcelo Rosa, Keiko Fonseca, Daniel Enrique Lucani Rötter

Publikation: Bidrag til tidsskrift/Konferencebidrag i tidsskrift /Bidrag til avisTidsskriftartikelForskningpeer review


As cloud services are becoming an alternative for internal IT infrastructures in many organizations, guarantees of data privacy become a priority. This article presents a secure database system that takes privacy as a design principle. The proposed system offers improved privacy guarantees for data in primary and secondary memory as well as for data that is served to users as results of SQL queries. Data in working memory is protected using Intel’s SGX platform for trusted execution, while data in secondary memory uses network coding for secure storage. SGX provides hardware-based processing privacy offering protection for a wide range of sophisticated attacks. Network coding provides inter and intra-cloud privacy for stored data (by means of a storage provided by Chocolate Cloud). For privacy of data served to the outside world, we propose a flexible role-based access control mechanism that anonymizes data at query-time. We have implemented a modular, multi-service architecture that is well suited to the advantages and limitations of the SGX platform. We present the architecture of the system, its components and performance evaluation.
TidsskriftJournal of Data and Information Science
Sider (fra-til)3-15
StatusUdgivet - jun. 2019
Udgivet eksterntJa


Dyk ned i forskningsemnerne om 'Inout Secure DB: Maximizing Security for Data INside and OUTside the Database'. Sammen danner de et unikt fingeraftryk.