How to build a trusted database system on untrusted storage Export

@inproceedings{citeulike:5104772, abstract = {Some emerging applications require programs to maintain sensitive state on untrusted hosts. This paper presents the architecture and implementation of a trusted database system, TDB, which leverages a small amount of trusted storage to protect a scalable amount of untrusted storage. The database is encrypted and validated against a collision-resistant hash kept in trusted storage, so untrusted programs cannot read the database or modify it undetectably. TDB integrates encryption and hashing with a low-level data model, which protects data and metadata uniformly, unlike systems built on top of a conventional database system. The implementation exploits synergies between hashing and log-structured storage. Preliminary performance results show that TDB outperforms an off-the-shelf embedded database system, thus supporting the suitability of the TDB architecture.}, address = {Berkeley, CA, USA}, author = {Maheshwari, Umesh and Vingralek, Radek and Shapiro, William}, booktitle = {OSDI'00: Proceedings of the 4th conference on Symposium on Operating System Design \& Implementation}, citeulike-article-id = {5104772}, citeulike-linkout-0 = {http://portal.acm.org/citation.cfm?id=1251239}, keywords = {dight-storage, dight-trust}, location = {San Diego, California}, pages = {10}, posted-at = {2009-08-18 11:08:27}, priority = {2}, publisher = {USENIX Association}, title = {How to build a trusted database system on untrusted storage}, url = {http://portal.acm.org/citation.cfm?id=1251239}, year = {2000} }

TY - CONF ID - citeulike:5104772 L3 - citeulike-article-id:5104772 N2 - Some emerging applications require programs to maintain sensitive state on untrusted hosts. This paper presents the architecture and implementation of a trusted database system, TDB, which leverages a small amount of trusted storage to protect a scalable amount of untrusted storage. The database is encrypted and validated against a collision-resistant hash kept in trusted storage, so untrusted programs cannot read the database or modify it undetectably. TDB integrates encryption and hashing with a low-level data model, which protects data and metadata uniformly, unlike systems built on top of a conventional database system. The implementation exploits synergies between hashing and log-structured storage. Preliminary performance results show that TDB outperforms an off-the-shelf embedded database system, thus supporting the suitability of the TDB architecture. CY - San Diego, California AD - Berkeley, CA, USA EP - 10 TI - How to build a trusted database system on untrusted storage PB - USENIX Association T2 - OSDI'00: Proceedings of the 4th conference on Symposium on Operating System Design \& Implementation SP - 10 KW - dight-storage KW - dight-trust AU - Maheshwari, Umesh AU - Vingralek, Radek AU - Shapiro, William PY - 2000/// UR - http://portal.acm.org/citation.cfm?id=1251239 ER -