1. Private and Scalable Execution of SQL Aggregates on a Secure Decentralized Architecture
- Authors
Benjamin Nguyen, Quoc-Cuong To, Philippe Pucheral
- Affiliations
Parallélisme, Réseaux, Systèmes, Modélisation (PRISM), Université de Versailles Saint-Quentin-en-Yvelines (UVSQ)-Centre National de la Recherche Scientifique (CNRS); Secured and Mobile Information Systems (SMIS), UVSQ-CNRS-Inria Saclay - Ile de France, Institut National de Recherche en Informatique et en Automatique (Inria); Sécurité des Données et des Systèmes (SDS), Laboratoire d'Informatique Fondamentale d'Orléans (LIFO), Université d'Orléans (UO)-Institut National des Sciences Appliquées - Centre Val de Loire (INSA CVL), Institut National des Sciences Appliquées (INSA)
- Funding
ANR-11-INSE-0005 KISS (Koffre-fort d'Informations personnelles Sûr et Sécurisé, 2011); ANR-11-IDEX-0003-02 IDEX Paris-Saclay (ANR-11-IDEX-0003, IPS, 2011); INRIA Project Lab CAPPRIS
- Subjects
SQL, privacy-preserving database protocols, [INFO.INFO-DB] Computer Science [cs]/Databases [cs.DB], Computer science, Distributed computing, Scale (chemistry), SQL execution, Control (management), 020206 networking & telecommunications, 02 engineering and technology, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR], Information sensitivity, 020204 information systems, Server, Scalability, 0202 electrical engineering, electronic engineering, information engineering, Architecture, Personally identifiable information, computer, Information Systems, computer.programming_language
- Abstract
Current applications, from complex sensor systems (e.g., quantified self) to online e-markets, acquire vast quantities of personal information that usually end up on central servers, where they are exposed to prying eyes. Conversely, decentralized architectures that help individuals keep full control of their data complicate global processing and queries, impeding the development of innovative services. This article aims precisely at reconciling individuals' privacy on one side and global benefits for the community and business perspectives on the other. It promotes the idea of pushing security down to secure hardware devices that control the data at the point of acquisition. Thanks to these tangible physical elements of trust, secure distributed querying protocols can reestablish the capacity to perform global computations, such as Structured Query Language (SQL) aggregates, without revealing any sensitive information to central servers. This article studies how to secure the execution of such queries in the presence of honest-but-curious and malicious attackers. It also discusses how the resulting querying protocols can be integrated into a concrete decentralized architecture. Cost models and experiments on SQL/Asymmetric Architecture (AA), our distributed prototype running on real tamper-resistant hardware, demonstrate that this approach can scale to nationwide applications.
- Published
- 2016