Data leakage mitigation of user-defined functions on secure personal data management systems

Robin Carpentier, Iulian Sandu Popa, Nicolas Anciaux

Research output: Chapter in Book/Report/Conference proceeding, Conference proceeding contribution, peer-reviewed

Abstract

Personal Data Management Systems (PDMSs) arrive at a rapid pace providing individuals with appropriate tools to collect, manage and share their personal data. At the same time, the emergence of Trusted Execution Environments (TEEs) opens new perspectives in solving the critical and conflicting challenge of securing users' data while enabling a rich ecosystem of data-driven applications. In this paper, we propose a PDMS architecture leveraging TEEs as a basis for security. Unlike existing solutions, our architecture allows for data processing extensiveness through the integration of any user-defined functions, albeit untrusted by the data owner. In this context, we focus on aggregate computations of large sets of database objects and provide a first study to mitigate the very large potential data leakage. We introduce the necessary security building blocks and show that an upper bound on data leakage can be guaranteed to the PDMS user. We then propose practical evaluation strategies ensuring that the potential data leakage remains minimal with a reasonable performance overhead. Finally, we validate our proposal with an Intel SGX-based PDMS implementation on real data sets.
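The abstract's central claim is that an untrusted user-defined function can be run over the owner's data while the amount it can leak stays provably bounded. The toy model below is an added illustration of that counting argument, not the paper's building blocks or code: a trusted wrapper (here just a Python function standing in for the TEE-side logic) feeds the UDF fixed-size groups of objects and lets only a fixed number of result bits out per call, so even a UDF that packs every raw record into its "result" cannot push out more than `calls × output_bits`. The step-count data, the `BITS_PER_OBJECT` size, and all function names are constructed assumptions for the example.

```python
"""Toy model of leakage bounding for an untrusted aggregate UDF.

Added example, not code from the paper.  It illustrates why restricting
(a) how much data each UDF call sees and (b) how many result bits each call
may return yields an upper bound on what an adversarial UDF can exfiltrate.
All data and names are constructed for the illustration.
"""
from typing import Callable, List

# Constructed sample: daily step counts held by a hypothetical PDMS user.
SAMPLE_OBJECTS: List[int] = [7231, 10456, 3120, 8800, 12034, 6410, 9999, 4500]
BITS_PER_OBJECT = 16  # assumption: every object fits in 16 bits

Aggregate = Callable[[List[int]], int]


def honest_mean(values: List[int]) -> int:
    """A benign UDF: integer mean of the group it is given."""
    return sum(values) // len(values)


def exfiltrating_udf(values: List[int]) -> int:
    """A malicious UDF: tries to smuggle every raw value out in its 'result'
    by concatenating them into one big integer."""
    packed = 0
    for v in values:
        packed = (packed << BITS_PER_OBJECT) | v
    return packed


def bounded_evaluate(udf: Aggregate, objects: List[int],
                     group_size: int, output_bits: int) -> List[int]:
    """Trusted-side evaluation of an untrusted UDF.

    The objects are partitioned into groups of group_size; the UDF runs on
    each group in isolation and its result is truncated to output_bits bits
    before it leaves the trusted boundary.  Whatever the UDF computes, a
    single call can therefore carry at most output_bits bits of information
    about its group to the caller.
    """
    mask = (1 << output_bits) - 1
    results: List[int] = []
    for start in range(0, len(objects), group_size):
        group = objects[start:start + group_size]
        results.append(int(udf(group)) & mask)
    return results


def leakage_upper_bound(n_objects: int, group_size: int, output_bits: int) -> int:
    """Worst-case bits an adversarial UDF can leak through the results:
    one truncated result per group, i.e. ceil(n_objects / group_size) calls."""
    n_calls = -(-n_objects // group_size)  # ceiling division
    return n_calls * output_bits


def total_input_bits(objects: List[int]) -> int:
    """Size of the data the UDF had access to, for comparison with the bound."""
    return len(objects) * BITS_PER_OBJECT


if __name__ == "__main__":
    # Honest UDF: the means survive truncation unchanged.
    print(bounded_evaluate(honest_mean, SAMPLE_OBJECTS, 4, 16))
    # Malicious UDF: only the low 16 bits of each packed result get out,
    # i.e. one object per group, exactly the bound and nothing more.
    print(bounded_evaluate(exfiltrating_udf, SAMPLE_OBJECTS, 4, 16))
    print(leakage_upper_bound(len(SAMPLE_OBJECTS), 4, 16),
          "bits leakable of", total_input_bits(SAMPLE_OBJECTS), "bits seen")
```

Running it shows the two sides of the trade-off the abstract alludes to: with 8 objects in groups of 4 and 16-bit results, the honest mean comes back intact, while the exfiltrating UDF gets out only 32 of the 128 bits it saw. Smaller groups or fewer result bits tighten the bound but cost more UDF calls or precision, which is the performance overhead the abstract says the evaluation strategies must keep reasonable.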

Original language: English
Title of host publication: SSDBM '22
Subtitle of host publication: Proceedings of the 34th International Conference on Scientific and Statistical Database Management
Editors: Elaheh Pourabbas, Yongluan Zhou, Yuchen Li, Bin Yang
Place of publication: New York
Publisher: Association for Computing Machinery
Number of pages: 12
ISBN (Electronic): 9781450396677
DOIs:
Publication status: Published - 2022
Externally published: Yes
Event: 34th International Conference on Scientific and Statistical Database Management, SSDBM 2022 - Copenhagen, Denmark
Duration: 6 Jul 2022 to 8 Jul 2022

Conference

Conference: 34th International Conference on Scientific and Statistical Database Management, SSDBM 2022
Country/Territory: Denmark
City: Copenhagen
Period: 6/07/22 to 8/07/22

Keywords

  • Personal Data Management Systems
  • User-defined functions
  • Untrusted Code
  • Information leakage
  • Trusted Execution Environment
