CONTROLLING SECURE PROCESSING OF CONFIDENTIAL DATA IN UNTRUSTED DEVICES

摘要

A number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure, decrypting, at the trusted device, the key and one or more encrypted index values, and initiating a transmission, a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values. Other optimizations for secure processing are also described, including controlling available computation resources on a secure trusted device in a DBMS and controlling transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a DBMS.

主权项

1. A system comprising:
at least one hardware device processor; and a computer-readable storage medium storing executable instructions that, when executed, cause one or more of the at least one hardware device processor to:
control a number of transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a database management system, the data being communicated for database transaction processing in the secure trusted device, the number of transmissions being controlled by:
receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure, the index comprising secure, encrypted index values,decrypting, at the trusted device, the key and one or more of the encrypted index values, andinitiating a transmission, in response to the receiving, a pointer value that identifies a lookup position in the index for the key.