Show simple item record

dc.contributor.advisorNickolai Zeldovich
dc.contributor.authorPopa, Raluca Adaen_US
dc.contributor.authorZeldovich, Nickolaien_US
dc.contributor.authorBalakrishnan, Harien_US
dc.contributor.otherParallel and Distributed Operating Systemsen
dc.date.accessioned2011-02-01T20:15:04Z
dc.date.available2011-02-01T20:15:04Z
dc.date.issued2011-01-26
dc.identifier.urihttp://hdl.handle.net/1721.1/60876
dc.description.abstractCryptDB is a DBMS that provides provable and practical privacy in the face of a compromised database server or curious database administrators. CryptDB works by executing SQL queries over encrypted data. At its core are three novel ideas: an SQL-aware encryption strategy that maps SQL operations to encryption schemes, adjustable query-based encryption which allows CryptDB to adjust the encryption level of each data item based on user queries, and onion encryption to efficiently change data encryption levels. CryptDB only empowers the server to execute queries that the users requested, and achieves maximum privacy given the mix of queries issued by the users. The database server fully evaluates queries on encrypted data and sends the result back to the client for final decryption; client machines do not perform any query processing and client-side applications run unchanged. Our evaluation shows that CryptDB has modest overhead: on the TPC-C benchmark on Postgres, CryptDB reduces throughput by 27% compared to regular Postgres. Importantly, CryptDB does not change the innards of existing DBMSs: we realized the implementation of CryptDB using client-side query rewriting/encrypting, user-defined functions, and server-side tables for public key information. As such, CryptDB is portable; porting CryptDB to MySQL required changing 86 lines of code, mostly at the connectivity layer.en_US
dc.format.extent13 p.en_US
dc.relation.ispartofseriesMIT-CSAIL-TR-2011-005
dc.rightsCreative Commons Attribution-NonCommercial-NoDerivs 3.0 Unporteden
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/3.0/
dc.subjectconfidentialityen_US
dc.subjectprivacyen_US
dc.subjectcloud computingen_US
dc.subjectoutsourced databasesen_US
dc.subjectqueries over encrypted dataen_US
dc.titleCryptDB: A Practical Encrypted Relational DBMSen_US


Files in this item

Thumbnail
Thumbnail

This item appears in the following Collection(s)

Show simple item record