Research On SGX-based Security Database In Cloud Environment

Posted on:2020-04-14

Degree:Master

Type:Thesis

Country:China

Candidate:G Lin

Full Text:PDF

GTID:2518306518962979

Subject:Computer Science and Technology

Abstract/Summary:

PDF Full Text Request

The computing resource sharing model of cloud computing brings convenience and introduces cloud computing security issues.Cloud computing service providers have become the administrators of cloud computing user data,and user data has hidden dangers of privacy leakage.This paper focuses on the security of the database management system in the cloud environment.The concept of trusted computing can solve the problem of untrustworthiness of cloud service providers,and use a secure hardware environment to execute applications in an isolated environment.The research in this paper is based on Intel SGX technology,which provides hardware-level memory isolation and remote attestation.This article studies how to use SGX technology to implement a secure cloud database application.First understand the work related to SGX-based virtual containers.Although the use of containers can reduce the cost of migrating applications to the SGX environment,it cannot be widely used.Because the native database cannot be migrated to the SGX container,an encrypted database solution was adopted.Compared with other encrypted database solutions,this article is mainly based on the scalability of the database system,combined with the use of SGX security features to provide key protection,using a more powerful AES encryption algorithm,can make full use of the Intel CPU encryption engine to improve performance,and Optimized for the performance problems brought by SGX,there is a significant performance improvement.Finally,the optimized scheme is implemented,and the system design and related configuration are described in detail.Experiments show that on the basis of using SGX technology,the system can run,and the database management system can keep a small overhead when performing the extension of SGX implementation.It is concluded that using SGX to protect the database management system requires development from source code,and direct porting using virtual container technology is not feasible,so adding extensions to the database management system is a relatively practical solution.

Keywords/Search Tags:

Intel SGX, Cloud Computing, Cloud Security, Encrypted DBMS, Trusted Computing

PDF Full Text Request

Related items

1	A Trusted Hardware Based Approach To Protecting Data Confidentiality In Cloud
2	Research On Key Issues In Cloud Computing Security Based On Trusted Computing
3	Research On Key Technologies Of Building Trusted Virtual Private Datacenter For Cloud Computing
4	The Research On Some Theories And Key Technologies Of Hybrid Cloud Computing Security
5	Research Of Trusted Cloud Architecture And The Key Technologies
6	Anonymously Multiple Keyword Ranking Search Over Encrypted Data In Cloud Computing
7	Research On The Key Technology Of Trust Root Based On Cloud Platform
8	Anonymously Keyword Search Over Encrypted Data In Cloud Computing
9	Research And Achieve On The Key Technology Of Trusted Support Mechanism In The Cloud Computing
10	Research On Key Security Technologies Of Trusted Cloud Service And Terminal