Why and How to Build a Trusted Database System on Untrusted Storage

Radek Vingralek
InterTrust STAR Lab



Some emerging applications are required to store sensitive state in untrusted storage. For example, Digital Rights Management Systems need to maintain metering information on clients, where it might be tampered with. I will present the architecture and design of an embedded trusted database system, TDB, which leverages a small amount of trusted storage to protect a scalable amount of untrusted storage. TDB protects the secrecy of its data by encrypting it with a key stored in trusted storage. Similarly, it protects the integrity of the database by validating it against a one-way hash stored in the trusted storage. The hash is efficiently computed using a hash tree, which is integrated with the log-structured storage organization of TDB. I will show that TDB, even with the extra security overhead, outperforms BerkeleyDB, a widely used embedded database system.

Joint work with U. Maheshwari and W. Shapiro