Abstract
We introduce a new paradigm for outsourcing the durability property of a multi-client transactional database to an untrusted service provider. Specifically, we enable untrusted service providers to support transaction serialization, backup and recovery for clients, with full data confidentiality and correctness. Moreover, providers learn nothing about transactions (except their size and timing), thus achieving read and write access pattern privacy. We build a proof-of-concept implementation of this protocol for the MySQL database management system, achieving tens of transactions per second in a two-client scenario with full transaction privacy and guaranteed correctness. This shows the method is ready for production use, creating a novel class of secure database outsourcing models.
Original language | English (US) |
---|---|
State | Published - 2009 |
Event | 16th Symposium on Network and Distributed System Security, NDSS 2009 - San Diego, United States Duration: Feb 8 2009 → Feb 11 2009 |
Conference
Conference | 16th Symposium on Network and Distributed System Security, NDSS 2009 |
---|---|
Country/Territory | United States |
City | San Diego |
Period | 2/8/09 → 2/11/09 |
ASJC Scopus subject areas
- Computer Networks and Communications
- Control and Systems Engineering
- Safety, Risk, Reliability and Quality