Paper Info
Title
STANlite – A Database Engine for Secure Data Processing at Rack-Scale Level
Abstract
Intel's novel Software Guard eXtensions (SGX) enable secure and trusted execution of services, thereby paving the way to outsource sensitive data processing to external data centers. While SGX promises trusted execution close to native speed, frequent I/O operations and memory usage beyond a hardware-dependent threshold of currently 92 MiB result in substantial performance degradation. For memory-intensive workloads such as key-value stores and databases these penalties can be prohibitively high. We present STANlite - an in-memory database engine for SGX-enabled secure data processing in rack-scale environments. STANlite performs efficient user-level paging, whenever a database workload requires more space than the performance-friendly in-memory state size. Furthermore, STANlite smartly combines the properties of Remote Direct Memory Access (RDMA) and SGX to reduce the overhead of network-based I/O operations. While SGX usually provides confidentiality and integrity at the same time, STANlite enables a purely integrity preserving data management mode for additional performance. Finally, STANlite features a small trusted computing base and is memory-efficient, as it extends SQLite, a database for embedded use. We evaluated STANlite in terms of query response time. It outperforms a vanilla SGX-based SQLite version by 1.79x for microbenchmarks and 2.44x for TPC-C.
Year
DOI
Venue
2018
10.1109/IC2E.2018.00024
2018 IEEE International Conference on Cloud Engineering (IC2E)
Keywords
Field
DocType
Memory encryption,database,SGX
Data processing,Computer science,Response time,Database engine,Software,Remote direct memory access,Paging,Trusted computing base,Data management,Operating system
Conference
ISBN
Citations 
PageRank 
978-1-5386-5009-7
2
0.37
References 
Authors
14
5
Name
Order
Citations
PageRank
Vasily A. Sartakov1122.66
Nico Weichbrodt2754.57
Sebastian Krieter38513.81
Thomas Leich492558.39
Rüdiger Kapitza573359.72