Memory Efficient Data-Protection for Database Utilizing Secure/Unsecured Area of Intel SGX

Yoshimura, Masashi; Sasada, Taisho; Taenaka, Yuzo; Kadobayashi, Youki

Home // DBKDA 2023, The Fifteenth International Conference on Advances in Databases, Knowledge, and Data Applications // View article

Memory Efficient Data-Protection for Database Utilizing Secure/Unsecured Area of Intel SGX

Authors:
Masashi Yoshimura
Taisho Sasada
Yuzo Taenaka
Youki Kadobayashi

Keywords: Data Protection; RDBMS; Intel SGX; Trusted Execution Environment; Cloud Computing.

Abstract:
With the spread of cloud computing, database services have been provided on cloud platforms. As a Cloud Service Provider (CSP) has the highest privilege in the cloud platform, the CSP can get any data from the database even if a tenant admin secures all components, such as OS, database software, etc. as long as the database runs on the cloud. That is why CSP has become a new threat source in cloud-based databases. Trusted Execution Environment (TEE) is a key technology to protect memory, process, and storage against data theft by a CSP. It creates a secure area on the memory where the process outside the secure area cannot access, thereby preventing any access from CSP. However, since the secure area only has a limited amount of memory resources on a server, the rest memory resources keep vacant even when TEE exhaustively uses its allocated memory resources. In the case of the high-load database running on the secure area, almost all queries slow down due to being full of consumed memory despite most of the memory being free in the unsecured area. In this study, we design an efficient memory management mechanism for TEE-based secure database that effectively uses the resources of both the secure and unsecured areas; the proposed system handles only sensitive queries and data in the secure area while others in the unsecured area. Experimental results show that our system improves both resource utilization efficiency and execution speed compared to the system processing all data in the secure area.

Pages: 38 to 43

Copyright: Copyright (c) IARIA, 2023

Publication date: March 13, 2023

Published in: conference

ISSN: 2308-4332

ISBN: 978-1-68558-056-8

Location: Barcelona, Spain

Dates: from March 13, 2023 to March 17, 2023