SafeRegions: Performance Evaluation of Multi-party Protocols on HBase
On-line applications and services are now a critical part of our everyday life. Using these services typically requires us to trust our personal or company's information to a large number of third-party entities. These entities enforce several security measures to avoid unauthorized accesses bu...
Saved in:
| Published in | 2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW) pp. 31 - 36 |
|---|---|
| Main Authors | , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.09.2016
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | On-line applications and services are now a critical part of our everyday life. Using these services typically requires us to trust our personal or company's information to a large number of third-party entities. These entities enforce several security measures to avoid unauthorized accesses but data is still stored on common database systems that are designed without data privacy concerns in mind. As a result, data is vulnerable against anyone with direct access to the database, which may be external attackers, malicious insiders, spies or even subpoenas. Building strong data privacy mechanisms on top of common database systems is possible but has a significant impact on the system's resources, computational capabilities and performance. Notably, the amount of useful computation that may be done over strongly encrypted data is close to none, which defeats the purpose of offloading computation to third-party services. In this paper, we propose to shift the need to trust in the honesty and security of service providers to simply trust that they will not collude. This is reasonable as cloud providers, being competitors, do not share data among themselves. We focus on NoSQL databases and present SafeRegions, a novel prototype of a distributed and secure NoSQL database that is built on top of HBase and that guarantees strong data privacy while still providing most of HBase's query capabilities. Safe Regions relies on secret sharing and multi-party computation techniques to provide a NoSQL database built on top of multiple, non-colluding service providers that appear as a single one to the user. Strikingly, service providers, individually, cannot disclose any of the user's data but, together, are able to offer data storage and processing capabilities. Additionally, we evaluate SafeRegions exposing performance trade-offs imposed by security mechanisms and provide useful insights for future research on performance optimization. |
|---|---|
| AbstractList | On-line applications and services are now a critical part of our everyday life. Using these services typically requires us to trust our personal or company's information to a large number of third-party entities. These entities enforce several security measures to avoid unauthorized accesses but data is still stored on common database systems that are designed without data privacy concerns in mind. As a result, data is vulnerable against anyone with direct access to the database, which may be external attackers, malicious insiders, spies or even subpoenas. Building strong data privacy mechanisms on top of common database systems is possible but has a significant impact on the system's resources, computational capabilities and performance. Notably, the amount of useful computation that may be done over strongly encrypted data is close to none, which defeats the purpose of offloading computation to third-party services. In this paper, we propose to shift the need to trust in the honesty and security of service providers to simply trust that they will not collude. This is reasonable as cloud providers, being competitors, do not share data among themselves. We focus on NoSQL databases and present SafeRegions, a novel prototype of a distributed and secure NoSQL database that is built on top of HBase and that guarantees strong data privacy while still providing most of HBase's query capabilities. Safe Regions relies on secret sharing and multi-party computation techniques to provide a NoSQL database built on top of multiple, non-colluding service providers that appear as a single one to the user. Strikingly, service providers, individually, cannot disclose any of the user's data but, together, are able to offer data storage and processing capabilities. Additionally, we evaluate SafeRegions exposing performance trade-offs imposed by security mechanisms and provide useful insights for future research on performance optimization. On-line applications and services are now a critical part of our everyday life. Using these services typically requires us to trust our personal or company's information to a large number of third-party entities. These entities enforce several security measures to avoid unauthorized accesses but data is still stored on common database systems that are designed without data privacy concerns in mind. As a result, data is vulnerable against anyone with direct access to the database, which may be external attackers, malicious insiders, spies or even subpoenas. Building strong data privacy mechanisms on top of common database systems is possible but has a significant impact on the system's resources, computational capabilities and performance. Notably, the amount of useful computation that may be done over strongly encrypted data is close to none, which defeats the purpose of offloading computation to third-party services. In this paper, we propose to shift the need to trust in the honesty and security of service providers to simply trust that they will not collude. This is reasonable as cloud providers, being competitors, do not share data among themselves. We focus on NoSQL databases and present SafeRegions, a novel prototype of a distributed and secure NoSQL database that is built on top of HBase and that guarantees strong data privacy while still providing most of HBase's query capabilities. SafeRegions relies on secret sharing and multiparty computation techniques to provide a NoSQL database built on top of multiple, non-colluding service providers that appear as a single one to the user. Strikingly, service providers, individually, cannot disclose any of the user's data but, together, are able to offer data storage and processing capabilities. Additionally, we evaluate SafeRegions exposing performance trade-offs imposed by security mechanisms and provide useful insights for future research on performance optimization. |
| Author | Vilaca, Ricardo Pontes, Rogerio Maia, Francisco Paulo, Joao |
| Author_xml | – sequence: 1 givenname: Rogerio surname: Pontes fullname: Pontes, Rogerio – sequence: 2 givenname: Francisco surname: Maia fullname: Maia, Francisco – sequence: 3 givenname: Joao surname: Paulo fullname: Paulo, Joao – sequence: 4 givenname: Ricardo surname: Vilaca fullname: Vilaca, Ricardo |
| BookMark | eNpdkMFKw0AURUdUUGuXrtzMD6TOm-lM8txprVaoWFrFZXhpXiSSZspMWujfG6grV5fDPdzFvRJnrW9ZiBtQIwCFd6vl0-prpBW4EbgTMcQ0A6tQWW1Rn_7jCzGM8UcppbVDbeFSTFdU8ZK_a9_Ge7ngUPmwoXbNcrqnZkddX0hfybdd09XJlkJ3kIvgO7_2TZR9N3ukyNfivKIm8vAvB-LzefoxmSXz95fXycM8qbXBLmEclwUQYmVViYV2PKaCTVohQ5r1AKRtaXSWQkpsCK3BkiFLUbG2BZmBkMfdsCba5oH3dewo5pBpnTunwfbK7VGpmTnfhnpD4ZCnTqn-BvMLwEBYQA |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL RCLKO |
| DOI | 10.1109/SRDSW.2016.16 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Xplore IEEE Proceedings Order Plans (POP All) 1998-Present RCAAP open access repository |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Xplore url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| DissertationSchool | Universidade do Minho |
| EISBN | 9781509052592 1509052593 |
| EndPage | 36 |
| ExternalDocumentID | 1822_66215 7600150 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IL 6IN AAJGR ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK IEGSK OCL RIB RIC RIE RIL RCLKO |
| ID | FETCH-LOGICAL-i239t-e94db1a99f50d9b26e4abe37f9e178e4a1a25d328717ae3a9539de18790e25ba3 |
| IEDL.DBID | RIE |
| ISBN | 9781509052592 1509052593 |
| IngestDate | Fri Nov 08 15:47:50 EST 2024 Thu Jun 29 18:37:58 EDT 2023 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i239t-e94db1a99f50d9b26e4abe37f9e178e4a1a25d328717ae3a9539de18790e25ba3 |
| OpenAccessLink | http://hdl.handle.net/1822/66215 |
| PageCount | 6 |
| ParticipantIDs | rcaap_revistas_1822_66215 ieee_primary_7600150 |
| PublicationCentury | 2000 |
| PublicationDate | 2016-Sept. 2016 |
| PublicationDateYYYYMMDD | 2016-09-01 2016-01-01 |
| PublicationDate_xml | – month: 09 year: 2016 text: 2016-Sept. |
| PublicationDecade | 2010 |
| PublicationTitle | 2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW) |
| PublicationTitleAbbrev | SRDSW |
| PublicationYear | 2016 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0002269251 |
| Score | 2.0466375 |
| Snippet | On-line applications and services are now a critical part of our everyday life. Using these services typically requires us to trust our personal or company's... |
| SourceID | rcaap ieee |
| SourceType | Publisher |
| StartPage | 31 |
| SubjectTerms | Coprocessors Cryptography Data privacy Distributed databases HBase Multi party computation Protocols Science & Technology Secure databases |
| Title | SafeRegions: Performance Evaluation of Multi-party Protocols on HBase |
| URI | https://ieeexplore.ieee.org/document/7600150 http://hdl.handle.net/1822/66215 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1NT8IwGG6QkydUMOJXevBoB1s_tnpUMcQEQ0Ait6Vd3yXGhBEYB_31th0MYzx427J0W962eT_6PO-D0I0N2riighHDKCWMcU50zBRJmOuflTGRhI47PHoRwxl7nvN5A93WXBgA8OAzCNylP8s3RbZxpbKeO0TyCfpBLGXF1arrKTaMkNZX79to9qaTx-mbA2-JwKmZe_EUG4KuMqWWP3zIUwuNdl-voCMfwabUQfb1qzHjf3_vCHX2bD08rv3QMWrA4gS1dnINeLt722gwVTlMwAGQ13d4vGcM4EHd8hsXOfacXLK0a-rTvbcs7FpZY_tseG9dXgfNngavD0OyVVEg7xGVJQHJjA6VlDnvG6kjAUxpoHEuIYwTexOqiBvqMqdYAVWSU2nAiZD3IeJa0VPUXBQLOENYSApUR3EmYmCcuhJiXyojjEkgsXlkF7WdVdJl1Sgj3Rqki7re6KkDLtuYd53apCZKhbDhxvnfQy7QoZu4Csx1iZrlagNX1vuX-tpP-zex361n |
| link.rule.ids | 310,311,783,787,792,793,799,4057,4058,27937,55086 |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LT8JAEN4QPegJFYz47MGjW6D7aNejCqkKhPCI3Jrd7jQxJpRAOeivd7eFYowHb22aPjI7zXwz-30zCN0a0MYk4RRrSgimlDGsfCpxQG3_rJjyoG21w_0BD6f0ZcZmFXRXamEAICefgWsP8718ncZrWypr2k2kPEHfN7g64IVaq6yoGCAhTLTeNdJsjkdP4zdL3-KunWeej08xIHQZS7n4EUW6VdTfvr8gj3y460y58dev1oz__cAjVN_p9ZxhGYmOUQXmJ6i6HdjgbP7fGuqMZQIjsBTk1b0z3GkGnE7Z9NtJEydX5eKF8apP-9wsNd6ycsy18MEEvTqadjuTxxBv5ijgd4-IDIOgWrWlEAlraaE8DlQqIH4ioO0H5qQtPaaJzZ18CUQKRoQGO4a8BR5TkpyivXk6hzPkcEGAKM-PuQ-UEVtEbAmpudYBBCaTbKCatUq0KFplRBuDNFAjN3pkqcsG9a4ik9Z4EecGcJz_fcsNOggn_V7Uex68XqBDu4gFtesS7WXLNVwZLJCp69wFvgHwxrCy |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2016+IEEE+35th+Symposium+on+Reliable+Distributed+Systems+Workshops+%28SRDSW%29&rft.atitle=SafeRegions%3A+Performance+Evaluation+of+Multi-party+Protocols+on+HBase&rft.au=Pontes%2C+Rogerio&rft.au=Maia%2C+Francisco&rft.au=Paulo%2C+Joao&rft.au=Vilaca%2C+Ricardo&rft.date=2016-09-01&rft.pub=IEEE&rft.spage=31&rft.epage=36&rft_id=info:doi/10.1109%2FSRDSW.2016.16&rft.externalDocID=7600150 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9781509052592/lc.gif&client=summon&freeimage=true |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9781509052592/mc.gif&client=summon&freeimage=true |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9781509052592/sc.gif&client=summon&freeimage=true |