RESCU-SQL: Oblivious Querying for the Zero Trust Cloud

IF 2.6 3区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Proceedings of the Vldb Endowment Pub Date : 2023-08-01 DOI:10.14778/3611540.3611627

Xiling Li, Gefei Tan, Xiao Wang, Jennie Rogers, Soamar Homsi

{"title":"RESCU-SQL: Oblivious Querying for the Zero Trust Cloud","authors":"Xiling Li, Gefei Tan, Xiao Wang, Jennie Rogers, Soamar Homsi","doi":"10.14778/3611540.3611627","DOIUrl":null,"url":null,"abstract":"Cloud service providers offer robust infrastructure for rent to organizations of all kinds. High stakes applications, such as the ones in defense and healthcare, are turning to the public cloud for a cost-effective, geographically distributed, always available solution to their hosting needs. Many such users are unwilling or unable to delegate their data to this third-party infrastructure. In this demonstration, we introduce RESCU-SQL, a zero-trust platform for resilient and secure SQL querying outsourced to one or more cloud service providers. RESCU-SQL users can query their DBMS using cloud infrastructure alone without revealing their private records to anyone. It does so by executing the query over secure multiparty computation. We call this system zero trust because it can tolerate any number of malicious servers provided one of them remains honest. Our demo will offer an interactive dashboard with which attendees can observe the performance of RESCU-SQL deployed on several in-cloud nodes for the TPC-H benchmark. Attendees can select a computing party and inject messages from it to explore how quickly it detects and reacts to a malicious party. This is the first SQL system to support all-but-one maliciously secure querying over a semi-honest coordinator for efficiency.","PeriodicalId":54220,"journal":{"name":"Proceedings of the Vldb Endowment","volume":"88 1","pages":"0"},"PeriodicalIF":2.6000,"publicationDate":"2023-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Vldb Endowment","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14778/3611540.3611627","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Cloud service providers offer robust infrastructure for rent to organizations of all kinds. High stakes applications, such as the ones in defense and healthcare, are turning to the public cloud for a cost-effective, geographically distributed, always available solution to their hosting needs. Many such users are unwilling or unable to delegate their data to this third-party infrastructure. In this demonstration, we introduce RESCU-SQL, a zero-trust platform for resilient and secure SQL querying outsourced to one or more cloud service providers. RESCU-SQL users can query their DBMS using cloud infrastructure alone without revealing their private records to anyone. It does so by executing the query over secure multiparty computation. We call this system zero trust because it can tolerate any number of malicious servers provided one of them remains honest. Our demo will offer an interactive dashboard with which attendees can observe the performance of RESCU-SQL deployed on several in-cloud nodes for the TPC-H benchmark. Attendees can select a computing party and inject messages from it to explore how quickly it detects and reacts to a malicious party. This is the first SQL system to support all-but-one maliciously secure querying over a semi-honest coordinator for efficiency.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

sql:零信任云的遗忘查询

云服务提供商提供强大的基础设施，供各种组织租用。高风险应用程序(例如国防和医疗保健领域的应用程序)正在转向公共云，以获得经济高效、地理分布且始终可用的解决方案来满足其托管需求。许多这样的用户不愿意或不能将他们的数据委托给第三方基础设施。在本演示中，我们将介绍rescue -SQL，这是一个零信任平台，用于将弹性和安全的SQL查询外包给一个或多个云服务提供商。rescue - sql用户可以单独使用云基础设施查询他们的DBMS，而不会向任何人泄露他们的私人记录。它通过在安全多方计算上执行查询来实现这一点。我们称这个系统为零信任，因为它可以容忍任何数量的恶意服务器，只要其中一个保持诚实。我们的演示将提供一个交互式仪表板，与会者可以通过它观察部署在几个云内节点上的rescue - sql的性能，以进行TPC-H基准测试。与会者可以选择一个计算方并从中注入消息，以探索它检测和响应恶意方的速度有多快。这是第一个通过一个半诚实的协调器来支持除一个以外的所有恶意安全查询的SQL系统。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Proceedings of the Vldb Endowment Computer Science-General Computer Science

CiteScore

7.70

自引率

0.00%

发文量

期刊介绍： The Proceedings of the VLDB (PVLDB) welcomes original research papers on a broad range of research topics related to all aspects of data management, where systems issues play a significant role, such as data management system technology and information management infrastructures, including their very large scale of experimentation, novel architectures, and demanding applications as well as their underpinning theory. The scope of a submission for PVLDB is also described by the subject areas given below. Moreover, the scope of PVLDB is restricted to scientific areas that are covered by the combined expertise on the submission’s topic of the journal’s editorial board. Finally, the submission’s contributions should build on work already published in data management outlets, e.g., PVLDB, VLDBJ, ACM SIGMOD, IEEE ICDE, EDBT, ACM TODS, IEEE TKDE, and go beyond a syntactic citation.