ObliDC: An SGX-based oblivious distributed computing framework with formal proof
Data privacy is becoming one of the most critical concerns in cloud computing. Several proposals based on Intel SGX such as VC3 and M2R have been introduced in the literature to protect data privacy during job execution in the cloud. However, a comprehensive formal proof of their security guarantees...
Main Authors: | WU, Pengfei; SHEN, Qingni; DENG, Robert H.; LIU, Ximeng; ZHANG, Yinghui; WU, Zhonghai |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2019
|
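Subjects: | Distributed computing systems; Formal proof; Intel SGX; Oblivious computation; Information Security |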
Online Access: | https://ink.library.smu.edu.sg/sis_research/4512 https://ink.library.smu.edu.sg/context/sis_research/article/5515/viewcontent/p86_wu.pdf |
Institution: | Singapore Management University |
id |
sg-smu-ink.sis_research-5515 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-5515
2020-04-30T02:58:59Z
ObliDC: An SGX-based oblivious distributed computing framework with formal proof
WU, Pengfei; SHEN, Qingni; DENG, Robert H.; LIU, Ximeng; ZHANG, Yinghui; WU, Zhonghai
Data privacy is becoming one of the most critical concerns in cloud computing. Several proposals based on Intel SGX such as VC3 and M2R have been introduced in the literature to protect data privacy during job execution in the cloud. However, a comprehensive formal proof of their security guarantees is still lacking. In this paper, we propose ObliDC, a general UC-secure SGX-based oblivious distributed computing framework. First, we model the life-cycle of a distributed computing job as data-flow graphs. Under the assumption of malicious, adaptive adversaries in the cloud, we then formally define data privacy of a distributed computing job by introducing a notion named ODC-privacy, which encompasses both semantic security (to protect data confidentiality during computation and transmission) and oblivious traffic (to prevent data leakage from traffic analysis). ObliDC is composed of four two-party protocols -- job deployment, job initialization, job execution, and results return, which allow for modular construction of concrete privacy-preserving job protocols in different distributed computing frameworks. Finally, inspired by a formal abstraction for trusted processors proposed by R. Pass et al., we formally prove the security of ObliDC under the universal composability (UC) framework.
2019-07-01T07:00:00Z
text
application/pdf
https://ink.library.smu.edu.sg/sis_research/4512
info:doi/10.1145/3321705.3329822
https://ink.library.smu.edu.sg/context/sis_research/article/5515/viewcontent/p86_wu.pdf
http://creativecommons.org/licenses/by-nc-nd/4.0/
Research Collection School Of Computing and Information Systems
eng
Institutional Knowledge at Singapore Management University
Distributed computing systems; Formal proof; Intel SGX; Oblivious computation; Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Distributed computing systems; Formal proof; Intel SGX; Oblivious computation; Information Security |
description |
Data privacy is becoming one of the most critical concerns in cloud computing. Several proposals based on Intel SGX such as VC3 and M2R have been introduced in the literature to protect data privacy during job execution in the cloud. However, a comprehensive formal proof of their security guarantees is still lacking. In this paper, we propose ObliDC, a general UC-secure SGX-based oblivious distributed computing framework. First, we model the life-cycle of a distributed computing job as data-flow graphs. Under the assumption of malicious, adaptive adversaries in the cloud, we then formally define data privacy of a distributed computing job by introducing a notion named ODC-privacy, which encompasses both semantic security (to protect data confidentiality during computation and transmission) and oblivious traffic (to prevent data leakage from traffic analysis). ObliDC is composed of four two-party protocols -- job deployment, job initialization, job execution, and results return, which allow for modular construction of concrete privacy-preserving job protocols in different distributed computing frameworks. Finally, inspired by a formal abstraction for trusted processors proposed by R. Pass et al., we formally prove the security of ObliDC under the universal composability (UC) framework. |
format |
text |
author |
WU, Pengfei; SHEN, Qingni; DENG, Robert H.; LIU, Ximeng; ZHANG, Yinghui; WU, Zhonghai |
author_sort |
WU, Pengfei |
title |
ObliDC: An SGX-based oblivious distributed computing framework with formal proof |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2019 |
url |
https://ink.library.smu.edu.sg/sis_research/4512 https://ink.library.smu.edu.sg/context/sis_research/article/5515/viewcontent/p86_wu.pdf |
_version_ |
1770574879798591488 |