Efficient Bi-objective SQL Optimization for Enclaved Cloud Databases with Differentially Private Padding

Published: 26 June 2023

Abstract

Hardware-enabled enclaves have been applied to efficiently enforce data security and privacy protection in cloud database services. Such enclaved systems, however, are reported to suffer from I/O-size-based (also called communication-volume-based) side-channel attacks. Although differentially private padding has been adopted as a principled defense against these attacks, it introduces a challenging bi-objective parametric query optimization (BPQO) problem, and current solutions to it are still not satisfactory. Concretely, the goal in BPQO is to find a Pareto-optimal plan that trades off query performance against privacy loss; existing solutions suffer from poor computational efficiency and high cloud-resource waste. In this article, we propose a two-phase optimization algorithm called TPOA to solve the BPQO problem. TPOA incorporates two novel ideas: divide-and-conquer, which handles parameters separately according to their types so as to reduce the dimensionality of the optimization; and on-demand optimization, which progressively builds only the set of Pareto-optimal plans that are actually needed instead of seeking a complete set, thereby saving resources. In addition, we introduce an acceleration mechanism in TPOA that improves its efficiency by pruning non-optimal candidate plans in advance. We theoretically prove the correctness of TPOA, numerically analyze its complexity, and formally give an end-to-end privacy analysis. Through a comprehensive evaluation of its efficiency against baseline algorithms over synthetic and test-bed benchmarks, we conclude that TPOA outperforms all benchmarked methods, with an overall efficiency improvement of roughly two orders of magnitude; moreover, the acceleration mechanism speeds up TPOA by 10-200×.
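To make the bi-objective setting concrete, the following is an added Python illustration written for this page; it is not the article's TPOA and does not reproduce its cost model or its parameter handling. Every candidate plan is evaluated on a grid of privacy budgets, the Pareto-optimal (cost, epsilon) points are kept, candidates that an already-known point dominates outright are pruned before their grid is expanded (the same spirit as pruning non-optimal plans in advance), and the final choice is the cheapest point that respects the caller's privacy budget. The classes `Candidate` and `PlanPoint`, the function names, the plan names, the `PAD_COST_PER_UNIT` constant and the assumed padding-overhead model `sensitivity / epsilon` are all constructed for this example.

```python
"""Bi-objective query-plan selection: execution cost versus privacy loss.

Added illustration only (not the article's TPOA and not its cost model).
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class Candidate:
    """A query plan before padding (all values constructed)."""
    plan: str
    base_cost: float    # estimated execution cost with no padding
    sensitivity: float  # max change of padded I/O volume when one record changes


@dataclass(frozen=True)
class PlanPoint:
    """One (plan, epsilon) choice and the cost it results in."""
    plan: str
    epsilon: float  # privacy loss of the padding; smaller = stronger privacy
    cost: float     # base cost plus expected padding overhead; smaller = faster


PAD_COST_PER_UNIT = 1.0  # assumption: one unit of padded I/O costs one unit of time


def padded_cost(c: Candidate, epsilon: float) -> float:
    """Assumed cost model: expected padding scales with sensitivity/epsilon, the
    noise scale of a Laplace-style mechanism shifted so it never shrinks output.
    Any function that decreases monotonically in epsilon would serve here."""
    return c.base_cost + PAD_COST_PER_UNIT * c.sensitivity / epsilon


def dominates(a: PlanPoint, b: PlanPoint) -> bool:
    """a dominates b if it is no worse on both objectives and better on one."""
    return (a.cost <= b.cost and a.epsilon <= b.epsilon
            and (a.cost < b.cost or a.epsilon < b.epsilon))


def pareto_front(points: Iterable[PlanPoint]) -> List[PlanPoint]:
    """Sweep in increasing (cost, epsilon); a point survives only if its epsilon
    is strictly below that of every point that is at most as expensive."""
    front: List[PlanPoint] = []
    best_eps = float("inf")
    for p in sorted(points, key=lambda q: (q.cost, q.epsilon)):
        if p.epsilon < best_eps:
            front.append(p)
            best_eps = p.epsilon
    return front


def can_prune(c: Candidate, known: List[PlanPoint], epsilons: List[float]) -> bool:
    """Early pruning: every point of c costs at least padded_cost(c, max eps) and
    spends at least min eps, so one known point that is no worse than that
    corner dominates all of c; its grid need never be expanded."""
    corner_cost = padded_cost(c, max(epsilons))
    corner_eps = min(epsilons)
    return any(q.cost <= corner_cost and q.epsilon <= corner_eps for q in known)


def optimize(cands: List[Candidate],
             epsilons: List[float]) -> Tuple[List[PlanPoint], List[str]]:
    """Expand candidates in order, skipping those already dominated; return the
    Pareto front of the expanded points and the names of the pruned plans."""
    known: List[PlanPoint] = []
    pruned: List[str] = []
    for c in cands:
        if can_prune(c, known, epsilons):
            pruned.append(c.plan)
            continue
        known.extend(PlanPoint(c.plan, e, padded_cost(c, e)) for e in epsilons)
    return pareto_front(known), pruned


def cheapest_within_budget(front: List[PlanPoint],
                           budget: float) -> Optional[PlanPoint]:
    """On-demand selection: the fastest front point whose loss fits the budget."""
    ok = [p for p in front if p.epsilon <= budget]
    return min(ok, key=lambda p: p.cost) if ok else None


# Constructed candidates (names and numbers are illustrative) and budget grid.
CANDIDATES = [
    Candidate("hash-join-first", 100.0, 40.0),
    Candidate("index-nested-loop", 120.0, 10.0),
    Candidate("cross-product", 230.0, 60.0),
]
EPSILONS = [0.1, 0.5, 1.0, 2.0]

if __name__ == "__main__":
    front, pruned = optimize(CANDIDATES, EPSILONS)
    print("pruned before expansion:", pruned)
    for p in front:
        print(f"{p.plan:18s} eps={p.epsilon:<4} cost={p.cost:.1f}")
    print("choice for budget 0.5:", cheapest_within_budget(front, 0.5))
```

The front makes the tradeoff visible: the cheap, high-sensitivity plan wins only when the budget is loose, and the plan with the smaller padded volume takes over as epsilon shrinks. The pruning test is deliberately conservative: it discards a candidate only when a single known point beats its best possible corner, so it never removes a plan that could appear on the front, but its effectiveness depends on the order in which candidates are expanded.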

Published In

ACM Transactions on Database Systems, Volume 48, Issue 2
June 2023
102 pages
ISSN: 0362-5915
EISSN: 1557-4644
DOI: 10.1145/3597019

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 June 2023
Online AM: 11 May 2023
Accepted: 08 May 2023
Revised: 20 April 2023
Received: 14 April 2021
Published in TODS Volume 48, Issue 2

Author Tags

  1. Enclaved database
  2. SGX
  3. SQL queries
  4. differential privacy
  5. bi-objective parametric query optimization
  6. tradeoff between performance and privacy loss

Qualifiers

  • Research-article

Funding Sources

  • National Key Research and Development Program of China
  • National Natural Science Foundation of China
  • The Fundamental Research Funds for the Central Universities
  • Academy of Finland
