Post-graduate theses
Identifier |
000465352 |
Title |
Protecting LSM key-value stores using Secure Enclaves |
Alternative Title |
Protecting LSM key-value store systems using Secure Execution Environments |
Author
|
Ευδώρου, Γιάννος Δ.
|
Thesis advisor
|
Μπίλας, Άγγελος
|
Reviewer
|
Πρατικάκης, Πολύβιος
Βασιλειάδης, Γιώργος
|
Abstract |
Log-structured merge (LSM) key-value stores are widely used in various applications mainly due to their ability to handle writes efficiently. However, ensuring the security and integrity of the stored data remains challenging, especially in untrusted infrastructures (such as cloud environments). Hardware-based Trusted Execution Environments (TEEs) are a practical solution that provides trust guarantees for code execution in third-party computing environments and protects even against highly privileged adversaries. Previous work has implemented fully functional, secure key-value stores in TEEs; however, they suffer from high memory pressure which is a major limitation for TEE applications.

This thesis presents Fennec, a secure LSM-based key-value store designed to protect data confidentiality and integrity using hardware-based TEEs. Fennec leverages unique, per-level encryption keys and hash-based message authentication codes (HMACs) to safeguard data against various threats, including root-privileged access, tampering, physical attacks, and replay attacks. The system also employs a log protection mechanism to ensure data recoverability in the face of failures while preventing rollback attacks. Our evaluation demonstrates that Fennec achieves strong security guarantees with a slowdown of 6.6× when compared to the unprotected key-value store while reducing the amount of memory needed to store the history of encryption keys by up to 50× compared to previous work.
|
Language |
English |
Subject |
Cryptography |
|
LSM trees |
|
Security |
|
Storage systems |
|
Trusted execution environments |
|
Systems security |
Issue date |
2024-07-26 |
Collection
|
School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
|
|
Type of Work--Post-graduate theses
|
Permanent Link |
https://elocus.lib.uoc.gr//dlib/a/4/f/metadata-dlib-1718178608-48887-24450.tkl
|