At the IEEE Symposium on Security and Privacy in San Francisco, Calif., this week, researchers from Imperial College London and Microsoft presented an experimental database engine called EnclaveDB that aims to keep data and database queries secure even when the host system has been compromised.
As described in a research paper by Christian Priebe, a doctoral student at Imperial College London, and Microsoft researchers Kapil Vaswani and Manuel Costa, EnclaveDB "guarantees confidentiality, integrity, and freshness for data and queries" with the help of trusted hardware.
EnclaveDB follows the conventions of relational databases, which allow authorized users to create data tables and indexes and to query that information using Structured Query Language (SQL).
Microsoft researchers smash homomorphic encryption speed barrierREAD MORE
Security is where it diverges. While data is often encrypted at rest and in transit, it tends to be decrypted in memory during query processing. There are exceptions: Among others, CryptDB, Monomi and Seabed support query processing on encrypted data.
But the data boffins contend that there are drawbacks to existing approaches, specifically more limited queries and susceptibility to information leakage. Other techniques for making database interactions more secure have their own problems, they say. For instance, putting an entire database inside a trusted execution environment or secure enclave still does not protect against a malicious admin.
A foot in both camps
By design, EnclaveDB protects against attacks from outside and from within. To do so, it relies on having one foot in the secure enclave – it hosts queries and a transaction manager there. The other foot supports an untrusted database server that runs administrative tasks but does not provide access to sensitive data in the enclave.
"Unlike a conventional database, EnclaveDB compiles queries on sensitive data to native code using an ahead-of-time compiler on a trusted client machine," the paper explains. "Pre-compiled queries are signed, encrypted and deployed to an enclave on the untrusted database server."
By separating the query compilation from the execution, specific database engine components can be hosted in the trusted environment.
"EnclaveDB clients execute pre-compiled queries by establishing a secure channel with the enclave and sending requests with encrypted parameters," the paper explains. "The enclave authenticates requests, decrypts parameters, executes the pre-compiled query, encrypts query results, and sends the results back to the client."
EnclaveDB was designed with Intel Software Guard Extensions (SGX) in mind, but the design should be usable with alternative trusted hardware systems.
"The core technology itself is quite general purpose," said Kapil Vaswani, a researcher with the Systems and Networking group at Microsoft Research, in a phone interview with The Register. "You can use it as a replacement for any database where you have strong security requirements."
Vaswani suggested EnclaveDB would be well suited as a way to allow multiple parties to run queries on aggregated data without exposing the data to all those involved.
"Think about multiple banks that want to put their data into a database and run fraud detection on it," he said. "The entities want guarantees their data doesn't leak to the other entities."
It could be used in a similar manner for healthcare data, he said, describing a scenario in which multiple healthcare providers aggregate data for research purposes while guaranteeing the info remained under the control of the authorized handler.
The EnclaveDB prototype, built with Hekaton, SQL Server’s in-memory database engine, only requires a small trusted computing base (100x smaller than a conventional database server). And it performs well, the researchers claim, delivering up to 31,000 tps for TPC-C with low overheads.
"One of the benefits of trusted hardware is you get very good performance, unlike other solutions that help you achieve similar guarantees," he said. "You can get performance close to bare metal even though you have strong security guarantees."
Vaswani cautioned that EnclaveDB is still a research project, which means it will be a while before it becomes viable product, if it does at all. Were it to find a home on the Microsoft Azure platform, he said, the core pieces would probably be open sourced.
While the research team hasn't sought out any companies to test the tech, they're open to engaging with organizations that might want be interested, he said.
EnclaveDB was designed with Intel SGX in mind, but Vaswani believes the emergence of other trusted hardware systems would strengthen the project.
"In the long run, for something like this to succeed, we need more diverse trusted hardware implementations," he said. ®