research-article

Precursor: a fast, client-centric and trusted key-value store using RDMA and Intel SGX

Authors:

Shivananda Neumann,

Nico Weichbrodt,

Lennart Almstedt,

Mohammad Mahhouk,

Rüdiger KapitzaAuthors Info & Claims

Middleware '21: Proceedings of the 22nd International Middleware Conference

Pages 1 - 13

https://doi.org/10.1145/3464298.3476129

Published: 02 October 2021 Publication History

Abstract

As offered by the Intel Software Guard Extensions (SGX), trusted execution enables confidentiality and integrity for off-site deployed services. Thereby, securing key-value stores has received particular attention, as they are a building block for many complex applications to speed-up request processing. Initially, the developers' main design challenge has been to address the performance barriers of SGX. Besides, we identified the integration of a SGX-secured key-value store with recent network technologies, especially RDMA, as an essential emerging requirement. RDMA allows fast direct access to remote memory at high bandwidth. As SGX-protected memory cannot be directly accessed over the network, a fast exchange between the main and trusted memory must be enabled. More importantly, SGX-protected services can be expected to be CPU-bound as a result of the vast number of cryptographic operations required to transfer and store data securely.

In this paper, we present Precursor, a new key-value store design that utilizes trusted execution to offer confidentiality and integrity while relying on RDMA for low latency and high bandwidth communication. Precursor offloads cryptographic operations to the client-side to prevent a server-side CPU bottleneck and reduces data movement in and out of the trusted execution environment. Our evaluation shows that Precursor achieves up to 6--8.5 times higher throughput when compared against similar SGX-secured key-value store approaches.

References

[1]

[n.d.]. 10th Gen Intel Core Processor Families Datasheet. https://www.intel.com/content/dam/www/public/us/en/documents/datasheets/10th-gen-core-families-datasheet-vol-1-datasheet.pdf. Accessed: 2020-05-23.

[2]

[n.d.]. ConnectX SmartNIC ICs. https://www.mellanox.com/products/ethernet-adapter-ic/connectx-6-en-ic. Accessed: 2020-05-23.

[3]

[n.d.]. Intel Software Guard Extensions SDK for Linux. https://01.org/intel-softwareguard-extensions/downloads/intel-sgx-linux-2.3-release. Accessed: 2020-05-23.

[4]

ARM Ltd. 2019. <i>Introducing Arm TrustZone</i>. ARM Ltd. https://developer.arm.com/ip-products/security-ip/trustzone

[5]

Ittai Anati, Shay Gueron, Simon Johnson, and Vincent Scarlata. 2013. Innovative technology for CPU based attestation and sealing. In <i>Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy</i> <i>(HASP '13)</i>.

[6]

Arvind Arasu, Ken Eguro, Raghav Kaushik, Donald Kossmann, Pingfan Meng, Vineet Pandey, and Ravi Ramamurthy. 2017a. Concerto: A high concurrency key-value store with integrity. In <i>Proceedings of the 2017 ACM International Conference on Management of Data</i>. ACM, 251–266.

[7]

Arvind Arasu, Ken Eguro, Raghav Kaushik, Donald Kossmann, Pingfan Meng, Vineet Pandey, and Ravi Ramamurthy. 2017b. Concerto: A High Concurrency Key-Value Store with Integrity. In <i>Proceedings of the 2017 ACM International Conference on Management of Data</i> (Chicago, Illinois, USA) <i>(SIGMOD '17)</i>. ACM, New York, NY, USA, 251–266.

Digital Library

[8]

Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O'Keeffe, Mark L. Stillwell, David Goltzsche, David Eyers, Rüdiger Kapitza, Peter Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In <i>12th USENIX Symposium on Operating Systems Design and Implementation (OSDI)</i>.

[9]

Maurice Bailleu, Jörg Thalheim, Pramod Bhatotia, Christof Fetzer, Michio Honda, and Kapil Vaswani. 2019. SPEICHER: Securing LSM-based Key-Value Stores using Shielded Execution. In <i>17th USENIX Conference on File and Storage Technologies (FAST 19)</i>. 173–190.

[10]

Andrew Baumann, Marcus Peinado, and Galen Hunt. 2015. Shielding applications from an untrusted cloud with haven. <i>ACM Transactions on Computer Systems (TOCS)</i> 33, 3 (2015), 8.

[11]

Marcus Brandenburger, Christian Cachin, Matthias Lorenz, and Rüdiger Kapitza. 2017. Rollback and forking detection for trusted execution environments using lightweight collective memory. In <i>2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)</i>. IEEE, 157–168.

[12]

Ferdinand Brasser, Srdjan Capkun, Alexandra Dmitrienko, Tommaso Frassetto, Kari Kostiainen, and Ahmad-Reza Sadeghi. 2019. DR. SGX: automated and adjustable side-channel protection for SGX using data location randomization. In <i>Proceedings of the 35th Annual Computer Security Applications Conference</i>. 788–800.

[13]

Stefan Brenner, Colin Wulf, Matthias Lorenz, Nico Weichbrodt, David Goltzsche, Christof Fetzer, Peter Pietzuch, and Rüdiger Kapitza. 2016. SecureKeeper: Confidential ZooKeeper using Intel SGX. In <i>Middleware'16: 17th International Middleware Conference Proceedings</i>. ACM. http://www.ibr.cs.tu-bs.de/users/brenner/papers/2016-middleware-brenner-securekeeper.pdf

[14]

Pedro Celis, Per-Ake Larson, and J Ian Munro. 1985. Robin hood hashing. In <i>26th Annual Symposium on Foundations of Computer Science (sfcs 1985)</i>. IEEE, 281–288.

[15]

Lixia Chen, Jian Li, Ruhui Ma, Haibing Guan, and Hans-Arno Jacobsen. 2019a. EnclaveCache: A Secure and Scalable Key-value Cache in Multi-tenant Clouds Using Intel SGX. In <i>Proceedings of the 20th International Middleware Conference</i> (Davis, CA, USA) <i>(Middleware '19)</i>. ACM, New York, NY, USA, 14–27.

Digital Library

[16]

Youmin Chen, Youyou Lu, and Jiwu Shu. 2019b. Scalable RDMA RPC on reliable connection with efficient resource sharing. In <i>Proceedings of the Fourteenth EuroSys Conference 2019</i>. 1–14.

[17]

Te-Shun Chou. 2013. Security threats on cloud computing vulnerabilities. <i>International Journal of Computer Science & Information Technology</i> 5, 3 (2013), 79.

[18]

Brian F. Cooper, Adam Silberstein, Erwin Tam, Raghu Ramakrishnan, and Russell Sears. 2010. Benchmarking Cloud Serving Systems with YCSB. In <i>Proc.on Cloud Computing (SoCC)</i>. ACM.

Digital Library

[19]

Intel Corp. 2020. <i>Confidential Computing Consortium</i>. https://www.intel.com/content/www/us/en/security/confidential-computing.html

[20]

David Kaplan, Jeremy Powell, Tom Woller. 2016. AMD Memory Encryption, White Paper.

[21]

Judicael B Djoko, Jack Lange, and Adam J Lee. 2019. Nexus: Practical and secure access control on untrusted storage platforms using client-side sgx. In <i>2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)</i>. IEEE, 401–413.

[22]

Aleksandar Dragojević, Dushyanth Narayanan, Miguel Castro, and Orion Hodson. 2014. FaRM: Fast remote memory. In <i>11th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 14)</i>. 401–414.

[23]

Bin Fan, David G Andersen, and Michael Kaminsky. 2013. Memc3: Compact and concurrent memcache with dumber caching and smarter hashing. In <i>10th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 13)</i>. 371–384.

[24]

Philip Werner Frey and Gustavo Alonso. 2009. Minimizing the hidden cost of RDMA. In <i>2009 29th IEEE International Conference on Distributed Computing Systems</i>. IEEE, 553–560.

[25]

Advanced Micro Devices Inc. [n.d.]. AMD Secure Encrypted Virtualization (SEV). https://developer.amd.com/sev/.

[26]

Intel. 2014. Intel Software Guard Extensions Programming Reference, Revision 2. https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf.

[27]

Jithin Jose, Hari Subramoni, Miao Luo, Minjia Zhang, Jian Huang, Md Wasi-ur Rahman, Nusrat S Islam, Xiangyong Ouyang, Hao Wang, Sayantan Sur, et al. 2011. Memcached design on high performance rdma capable interconnects. In <i>2011 International Conference on Parallel Processing</i>. IEEE, 743–752.

[28]

Anuj Kalia, Michael Kaminsky, and David G. Andersen. 2014a. Using RDMA Efficiently for Key-value Services. In <i>Proceedings of the 2014 ACM Conference on SIGCOMM</i> (Chicago, Illinois, USA) <i>(SIGCOMM '14)</i>. ACM, New York, NY, USA, 295–306.

Digital Library

[29]

Anuj Kalia, Michael Kaminsky, and David G Andersen. 2014b. Using RDMA efficiently for key-value services. In <i>ACM SIGCOMM Computer Communication Review</i>, Vol. 44. ACM, 295–306.

[30]

Anuj Kalia, Michael Kaminsky, and David G Andersen. 2016. Design Guidelines for High Performance {RDMA} Systems. In <i>2016 {USENIX} Annual Technical Conference ({USENIX}{ATC} 16)</i>. 437–450.

[31]

Taehoon Kim, Joongun Park, Jaewook Woo, Seungheun Jeon, and Jaehyuk Huh. 2019. ShieldStore: Shielded In-memory Key-value Storage with SGX. In <i>Proceedings of the Fourteenth EuroSys Conference 2019</i>. ACM, 14.

[32]

Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring Fine-grained Control Flow Inside {SGX} Enclaves with Branch Shadowing. In <i>26th {USENIX} Security Symposium ({USENIX} Security 17)</i>. 557–574.

[33]

Patrick MacArthur and Robert D Russell. 2012. A performance study to guide RDMA programming decisions. In <i>2012 IEEE 14th International Conference on High Performance Computing and Communication & 2012 IEEE 9th International Conference on Embedded Software and Systems</i>. IEEE, 778–785.

[34]

Frank McKeen, Ilya Alexandrovich, Alex Berenzon, Carlos V Rozas, Hisham Shafi, Vedvyas Shanbhogue, and Uday R Savagaonkar. 2013. Innovative Instructions and Software Model for Isolated Execution. In <i>Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy (HASP)</i>.

[35]

Mellanox. [n.d.]. <i>Perftest Package</i>. https://community.mellanox.com/s/article/perftest-package

[36]

Christopher Mitchell, Yifeng Geng, and Jinyang Li. 2013a. Using One-Sided RDMA Reads to Build a Fast, CPU-Efficient Key-Value Store. In <i>Presented as part of the 2013 USENIX Annual Technical Conference (USENIX ATC 13)</i>. USENIX, San Jose, CA, 103–114. https://www.usenix.org/conference/atc13/technical-sessions/presentation/mitchell

[37]

Christopher Mitchell, Yifeng Geng, and Jinyang Li. 2013b. Using One-Sided {RDMA} Reads to Build a Fast, CPU-Efficient Key-Value Store. In <i>Presented as part of the 2013 {USENIX} Annual Technical Conference ({USENIX}{ATC} 13)</i>. 103–114.

[38]

NVIDIA. 2020. <i>NVIDIA MELLANOX CONNECTX-6 DX ETHERNET SMARTNIC</i>. https://www.mellanox.com/files/doc-2020/pb-connectx-6-dx-en-card.pdf

[39]

Oleksii Oleksenko, Bohdan Trach, Robert Krahn, Mark Silberstein, and Christof Fetzer. 2018. Varys: Protecting {SGX} Enclaves from Practical Side-Channel Attacks. In <i>2018 {USENIX} Annual Technical Conference ({USENIX}{ATC} 18)</i>. 227–240.

[40]

Meni Orenbach, Pavel Lifshits, Marina Minkin, and Mark Silberstein. 2017a. Eleos: ExitLess OS services for SGX enclaves. In <i>Proceedings of the Twelfth European Conference on Computer Systems</i>. ACM, 238–253.

Digital Library

[41]

Meni Orenbach, Pavel Lifshits, Marina Minkin, and Mark Silberstein. 2017b. Eleos: ExitLess OS Services for SGX Enclaves. In <i>Proceedings of the Twelfth European Conference on Computer Systems</i> (Belgrade, Serbia) <i>(EuroSys '17)</i>. ACM, New York, NY, USA, 238–253.

Digital Library

[42]

Siani Pearson and Azzedine Benameur. 2010. Privacy, security and trust issues arising from cloud computing. In <i>2010 IEEE Second International Conference on Cloud Computing Technology and Science</i>. IEEE, 693–702.

[43]

Pinkerton and Deleganes. 2007. <i>Direct Data Placement Protocol (DDP) / Remote Direct Memory Access Protocol (RDMAP) Security</i>. https://tools.ietf.org/html/rfc5042

[44]

Marius Poke and Torsten Hoefler. 2015. Dare: High-performance state machine replication on rdma networks. In <i>Proceedings of the 24th International Symposium on High-Performance Parallel and Distributed Computing</i>. 107–118.

[45]

Raluca A Popa, Catherine MS Redfield, Nickolai Zeldovich, and Hari Balakrishnan. 2012. CryptDB: Processing queries on an encrypted database. <i>Commun. ACM</i> 55, 9 (2012), 103–111.

[46]

Christian Priebe et al. 2019. SGX-LKL. https://github.com/lsds/sgx-lkl.

[47]

Christian Priebe, Kapil Vaswani, and Manuel Costa. 2018. Enclavedb: A secure database using sgx. In <i>2018 IEEE Symposium on Security and Privacy (SP)</i>. IEEE, 264–278.

[48]

Benjamin Rothenberger, Konstantin Taranov, Adrian Perrig, and Torsten Hoefler. [n.d.]. ReDMArk: Bypassing RDMA Security Mechanisms. ([n. d.]).

[49]

Vasily Sartakov, Nico Weichbrodt, Sebastian Krieter, Thomas Leich, and Rüdiger Kapitza. 2018. STANlite–a database engine for secure data processing at rack-scale level. In <i>Cloud Engineering (IC2E), 2018 IEEE International Conference on</i>. IEEE, 23–33. https://www.ibr.cs.tu-bs.de/users/sartakov/papers/sartakov18stanlite.pdf

[50]

F. Schuster, M. Costa, C. Fournet, C. Gkantsidis, M. Peinado, G. Mainar-Ruiz, and M. Russinovich. 2015. VC3: Trustworthy Data Analytics in the Cloud Using SGX. In <i>2015 IEEE Symposium on Security and Privacy</i>. 38–54. 2375-1207

Digital Library

[51]

Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, and Daniel Gruss. 2019. ZombieLoad: Cross-privilege-boundary data sampling. <i>arXiv preprint arXiv:1905.05726</i> (2019).

[52]

Jaebaek Seo, Byoungyoung Lee, Seong Min Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim. 2017. SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs. In <i>NDSS</i>.

[53]

Ming-Wei Shih, Sangho Lee, Taesoo Kim, and Marcus Peinado. 2017. T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs. In <i>NDSS</i>.

[54]

Anna Kornfeld Simpson, Adriana Szekeres, Jacob Nelson, and Irene Zhang. 2020. Securing {RDMA} for High-Performance Datacenter Storage Systems. In <i>12th {USENIX} Workshop on Hot Topics in Cloud Computing (HotCloud 20)</i>.

[55]

Rohit Sinha and Mihai Christodorescu. [n.d.]. VeritasDB: High Throughput Key-Value Store with Integrity using SGX. ([n. d.]).

[56]

Patrick Stuedi, Animesh Trivedi, Jonas Pfefferle, Radu Stoica, Bernard Metzler, Nikolas Ioannou, and Ioannis Koltsidas. 2017. Crail: A High-Performance I/O Architecture for Distributed Data Processing. <i>IEEE Data Eng. Bull.</i> 40, 1 (2017), 38–49.

[57]

Maomeng Su, Mingxing Zhang, Kang Chen, Zhenyu Guo, and Yongwei Wu. 2017. Rfp: When rpc is faster than server-bypass with rdma. In <i>Proceedings of the Twelfth European Conference on Computer Systems</i>. 1–15.

Digital Library

[58]

Hongliang Tian, Qiong Zhang, Shoumeng Yan, Alex Rudnitsky, Liron Shacham, Ron Yariv, and Noam Milshten. 2018. Switchless Calls Made Practical in Intel SGX. In <i>Proceedings of the 3rd Workshop on System Software for Trusted Execution</i> (Toronto, Canada) <i>(SysTEX '18)</i>. ACM, New York, NY, USA, 22–27.

Digital Library

[59]

Chia-Che Tsai, Donald E Porter, and Mona Vij. 2017. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In <i>2017 USENIX Annual Technical Conference (USENIX ATC '17)</i>.

[60]

Shin-Yeh Tsai, Mathias Payer, and Yiying Zhang. 2019. Pythia: remote oracles for the masses. In <i>28th {USENIX} Security Symposium ({USENIX} Security 19)</i>. 693–710.

[61]

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the intel {SGX} kingdom with transient out-of-order execution. In <i>27th {USENIX} Security Symposium ({USENIX} Security 18)</i>. 991–1008.

[62]

Xingda Wei, Zhiyuan Dong, Rong Chen, and Haibo Chen. 2018. Deconstructing RDMA-enabled Distributed Transactions: Hybrid is Better!. In <i>13th {USENIX} Symposium on Operating Systems Design and Implementation ({OSDI} 18)</i>. 233–251.

[63]

Nico Weichbrodt, Pierre-Louis Aublin, and Rüdiger Kapitza. 2018a. Sgx-perf: A Performance Analysis Tool for Intel SGX Enclaves. In <i>Proceedings of the 19th International Middleware Conference</i> (Rennes, France) <i>(Middleware '18)</i>. ACM, New York, NY, USA, 201–213.

Digital Library

[64]

Nico Weichbrodt, Pierre-Louis Aublin, and Rüdiger Kapitza. 2018b. sgx-perf: A Performance Analysis Tool for Intel SGX Enclaves. In <i>Proceedings of the 19th International Middleware Conference</i>. ACM, 201–213.

[65]

Nico Weichbrodt, Anil Kurmus, Peter Pietzuch, and Rüdiger Kapitza. 2016. AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves <i>(ESORICS)</i>.

[66]

Ofir Weisse, Valeria Bertacco, and Todd Austin. 2017. Regaining Lost Cycles with HotCalls: A Fast Interface for SGX Secure Enclaves. <i>SIGARCH Comput. Archit. News</i> 45, 2 (June 2017), 81–93. 0163-5964

Digital Library

[67]

Juncheng Yang, Yao Yue, and KV Rashmi. 2020. A large scale analysis of hundreds of in-memory cache clusters at Twitter. In <i>14th {USENIX} Symposium on Operating Systems Design and Implementation ({OSDI} 20)</i>. 191–208.

[68]

Xingliang Yuan, Yu Guo, Xinyu Wang, Cong Wang, Baochun Li, and Xiaohua Jia. 2017. Enckv: An encrypted key-value store with rich queries. In <i>Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security</i>. ACM, 423–435.

Digital Library

Cited By

Han CKim TLee WShin Y(2024)S-ZAC: Hardening Access Control of Service Mesh Using Intel SGX for Zero Trust in CloudElectronics10.3390/electronics1316321313:16(3213)Online publication date: 14-Aug-2024
https://doi.org/10.3390/electronics13163213
Sha MCai YWang SPhan LLi FTan K(2024)Object-oriented Unified Encrypted Memory Management for Heterogeneous Memory ArchitecturesProceedings of the ACM on Management of Data10.1145/36549582:3(1-29)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654958
Qiao PZhang ZLi YYuan YWang SWang GYu J(2024)AStore: Uniformed Adaptive Learned Index and Cache for RDMA-Enabled Key-Value StoreIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2024.335510036:7(2877-2894)Online publication date: Jul-2024
https://doi.org/10.1109/TKDE.2024.3355100
Show More Cited By

Index Terms

Precursor: a fast, client-centric and trusted key-value store using RDMA and Intel SGX
1. Security and privacy
  1. Software and application security
  2. Systems security

Recommendations

ShieldStore: Shielded In-memory Key-value Storage with SGX
EuroSys '19: Proceedings of the Fourteenth EuroSys Conference 2019

The shielded computation of hardware-based trusted execution environments such as Intel Software Guard Extensions (SGX) can provide secure cloud computing on remote systems under untrusted privileged system software. However, hardware overheads for ...
Using RDMA efficiently for key-value services
SIGCOMM'14

This paper describes the design and implementation of HERD, a key-value system designed to make the best use of an RDMA network. Unlike prior RDMA-based key-value systems, HERD focuses its design on reducing network round trips while using efficient ...
RDMP-KV: Designing remote direct memory persistence based key-value stores with PMEM
SC '20: Proceedings of the International Conference for High Performance Computing, Networking, Storage and Analysis

Byte-addressable persistent memory (PMEM) can be directly manipulated by Remote Direct Memory Access (RDMA) capable networks. However, existing studies to combine RDMA and PMEM can not deliver the desired performance due to their PMEM-oblivious ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

Middleware '21: Proceedings of the 22nd International Middleware Conference

December 2021

398 pages

ISBN:9781450385343

DOI:10.1145/3464298

General Chairs:
Kaiwen Zhang
ÉTS, Canada
,
Abdelouahed Gherbi
ÉTS, Canada
,
Program Chairs:
Nalini Venkatasubramanian
UC Irvine
,
Luís Veiga
IST (U.Lisboa) & INESC-ID, Portugal

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ACM: Association for Computing Machinery

In-Cooperation

USENIX Assoc: USENIX Assoc
IFIP

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 October 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Deutsche Forschungsgemeinschaft

Conference

Middleware '21

Sponsor:

ACM

Middleware '21: 22nd International Middleware Conference

December 6 - 10, 2021

Québec city, Canada

Acceptance Rates

Overall Acceptance Rate 203 of 948 submissions, 21%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
551
Total Downloads

Downloads (Last 12 months)90
Downloads (Last 6 weeks)7

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Han CKim TLee WShin Y(2024)S-ZAC: Hardening Access Control of Service Mesh Using Intel SGX for Zero Trust in CloudElectronics10.3390/electronics1316321313:16(3213)Online publication date: 14-Aug-2024
https://doi.org/10.3390/electronics13163213
Sha MCai YWang SPhan LLi FTan K(2024)Object-oriented Unified Encrypted Memory Management for Heterogeneous Memory ArchitecturesProceedings of the ACM on Management of Data10.1145/36549582:3(1-29)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654958
Qiao PZhang ZLi YYuan YWang SWang GYu J(2024)AStore: Uniformed Adaptive Learned Index and Cache for RDMA-Enabled Key-Value StoreIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2024.335510036:7(2877-2894)Online publication date: Jul-2024
https://doi.org/10.1109/TKDE.2024.3355100
Ait Messaoud ABen Mokhtar SSimonet-Boulogne A(2024)Tee-based key-value stores: a surveyThe VLDB Journal10.1007/s00778-024-00877-634:1Online publication date: 18-Dec-2024
https://doi.org/10.1007/s00778-024-00877-6
Howard HAlder FAshton EChamayou AClebsch SCosta MDelignat-Lavaud AFournet CJeffery AKerner MKounelis FKuppe MMaffre JRussinovich MWintersteiger C(2023)Confidential Consortium Framework: Secure Multiparty Applications with Confidentiality, Integrity, and High AvailabilityProceedings of the VLDB Endowment10.14778/3626292.362630417:2(225-240)Online publication date: 1-Oct-2023
https://dl.acm.org/doi/10.14778/3626292.3626304
Stavrakakis DGiantsidi DBailleu MSändig PIssa SBhatotia P(2023)Anchor: A Library for Building Secure Persistent Memory SystemsProceedings of the ACM on Management of Data10.1145/36267181:4(1-31)Online publication date: 12-Dec-2023
https://dl.acm.org/doi/10.1145/3626718
Will NMaziero C(2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3593021
Shen CFan L(2023)Pldb: Protecting LSM-based Key-Value Store using Trusted Execution Environment2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom60117.2023.00111(762-771)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TrustCom60117.2023.00111
Kim TPark HLee SShin SHur JShin Y(2023)DevIOus: Device-Driven Side-Channel Attacks on the IOMMU2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179283(2288-2305)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179283

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents