Controlling secure processing of confidential data in untrusted devices
First Claim
1. A system comprising:
a trusted device configured to implement a plurality of stack machines;
at least one hardware device processor; and
a computer-readable storage medium storing executable instructions that, when executed, cause the at least one hardware device processor to implement an untrusted module, wherein the untrusted module is configured to:
receive requests to perform one or more database processing operations on data that is stored in secure, encrypted form on the system;
initiate the one or more database processing operations by sending transaction work units from the untrusted module to the trusted device, the trusted device using the plurality of stack machines to execute the transaction work units;
queue additional transaction work units at the untrusted module while the plurality of stack machines of the trusted device are busy;
responsive to detecting that a particular stack machine becomes available, send a batch of additional transaction work units from the untrusted module to the trusted device;
obtain secure query results of processing the transaction work units and the additional transaction work units from the trusted device; and
provide the secure query results in response to the requests.
Abstract
The number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure; decrypting, at the trusted device, the key and one or more encrypted index values; and initiating a transmission of a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values, so the untrusted device learns only the returned position and never the plaintext keys. Other optimizations for secure processing are also described, including controlling the computation resources available on a secure trusted device in a DBMS and controlling transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS.
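The following is an added simulation, written for this page and not taken from the patent or any product implementing it, of the two mechanisms the abstract and the claims describe: an untrusted module that stores only ciphertext, queues transaction work units, and ships a batch to the trusted device whenever one of its stack machines is free; and a trusted device that decrypts a probe key and the keys of one encrypted B-tree node and returns only the lookup position. The class and function names, the per-tick execution model, the sample node keys and probe keys, and the HMAC-SHA256 counter-mode stream cipher standing in for a real AEAD are all assumptions made for the example.

```python
"""Simulation of the trusted/untrusted split: encrypted B-tree lookups executed
by a pool of stack machines on a trusted device, fed in batches by an untrusted
module that never holds the data key. Added illustration, not the patent's code."""
import hashlib
import hmac
import os
from bisect import bisect_left
from collections import deque

# Data-owner key. In the design it lives only inside the trusted device; the
# untrusted module below is never handed it.
KEY = os.urandom(32)


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in stream cipher: HMAC-SHA256 in counter mode (assumption; a real
    # deployment would use an AEAD such as AES-GCM, this keeps the example
    # dependency-free and unauthenticated).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def encrypt(key: bytes, value: int) -> bytes:
    nonce = os.urandom(12)
    pt = value.to_bytes(8, "big", signed=True)
    return nonce + bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, 8)))


def decrypt(key: bytes, ct: bytes) -> int:
    nonce, body = ct[:12], ct[12:]
    pt = bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))
    return int.from_bytes(pt, "big", signed=True)


class TrustedDevice:
    """Holds the key and n stack machines; each machine executes one work unit per tick."""

    def __init__(self, key: bytes, n_machines: int):
        self.key = key
        self.machines = [deque() for _ in range(n_machines)]  # per-machine backlog
        self.results = {}        # unit id -> lookup position, the only value returned
        self.transmissions = 0   # untrusted -> trusted messages, the count being minimised

    def free_machines(self):
        return [i for i, backlog in enumerate(self.machines) if not backlog]

    def send_batch(self, machine: int, batch):
        self.machines[machine].extend(batch)
        self.transmissions += 1

    def tick(self):
        for backlog in self.machines:
            if backlog:
                uid, enc_probe, enc_node_keys = backlog.popleft()
                probe = decrypt(self.key, enc_probe)
                keys = [decrypt(self.key, k) for k in enc_node_keys]
                # Plaintexts never leave this method; only the position does.
                self.results[uid] = bisect_left(keys, probe)


class UntrustedModule:
    """Queues work units and ships a batch whenever a stack machine is free."""

    def __init__(self, trusted: TrustedDevice, batch_size: int):
        self.trusted, self.batch_size = trusted, batch_size
        self.pending = deque()
        self.next_id = 0

    def request(self, enc_probe: bytes, enc_node_keys) -> int:
        uid = self.next_id
        self.next_id += 1
        self.pending.append((uid, enc_probe, list(enc_node_keys)))
        return uid

    def run(self) -> dict:
        while self.pending or any(self.trusted.machines):
            for m in self.trusted.free_machines():
                if not self.pending:
                    break
                n = min(self.batch_size, len(self.pending))
                self.trusted.send_batch(m, [self.pending.popleft() for _ in range(n)])
            self.trusted.tick()
        return dict(self.trusted.results)


def demo(n_machines: int = 2, batch_size: int = 4,
         probes=(5, 12, 40, 99, 3, 77, 60, 18, 25)):
    """Returns (lookup positions in probe order, number of transmissions)."""
    node_keys = [3, 8, 12, 20, 25, 40, 60, 77, 99]   # constructed sample B-tree node
    enc_node = [encrypt(KEY, v) for v in node_keys]  # what the untrusted module stores
    trusted = TrustedDevice(KEY, n_machines)
    client = UntrustedModule(trusted, batch_size)
    ids = [client.request(encrypt(KEY, k), enc_node) for k in probes]
    results = client.run()
    return [results[i] for i in ids], trusted.transmissions


if __name__ == "__main__":
    print(demo())              # ([1, 2, 5, 8, 0, 7, 6, 3, 4], 3)
    print(demo(batch_size=1))  # same positions, 9 transmissions
```

With two stack machines and a batch size of four, nine lookups cost three untrusted-to-trusted transmissions instead of nine, which is the resource-control effect the abstract is after. Two caveats a practitioner would check before trusting such a design: the returned position is itself a leak (the untrusted host learns the access pattern over the index, by construction), and the stand-in cipher is unauthenticated, so a real trusted device must authenticate each work unit or the untrusted host can substitute ciphertexts and use the returned positions as a comparison oracle.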
20 Claims
1. A system comprising:
a trusted device configured to implement a plurality of stack machines;
at least one hardware device processor; and
a computer-readable storage medium storing executable instructions that, when executed, cause the at least one hardware device processor to implement an untrusted module, wherein the untrusted module is configured to:
receive requests to perform one or more database processing operations on data that is stored in secure, encrypted form on the system;
initiate the one or more database processing operations by sending transaction work units from the untrusted module to the trusted device, the trusted device using the plurality of stack machines to execute the transaction work units;
queue additional transaction work units at the untrusted module while the plurality of stack machines of the trusted device are busy;
responsive to detecting that a particular stack machine becomes available, send a batch of additional transaction work units from the untrusted module to the trusted device;
obtain secure query results of processing the transaction work units and the additional transaction work units from the trusted device; and
provide the secure query results in response to the requests.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method comprising:
receiving requests to perform database processing operations, the requests being received by an untrusted module of a computing device;
based at least on the requests, performing the database processing operations by sending transaction work units from the untrusted module to a trusted module having a plurality of stack machines;
queuing additional transaction work units at the untrusted module while the plurality of stack machines of the trusted module are busy;
responsive to detecting that a particular stack machine becomes available, sending a batch of additional transaction work units from the untrusted module to the trusted module;
obtaining secure query results of processing the transaction work units and the additional transaction work units from the trusted module; and
providing the secure query results in response to the requests.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A system comprising:
at least one hardware device processor; and
a computer-readable storage medium storing executable instructions that, when executed, cause the at least one hardware device processor to implement an untrusted module, wherein the untrusted module is configured to:
receive requests to perform one or more database processing operations on data that is stored in secure, encrypted form by the system;
initiate the one or more database processing operations by sending transaction work units from the untrusted module to a trusted module having a plurality of stack machines configured to execute the transaction work units;
queue additional transaction work units at the untrusted module while the plurality of stack machines of the trusted module are busy;
responsive to detecting that a particular stack machine becomes available, send a batch of additional transaction work units from the untrusted module to the trusted module;
obtain secure query results of processing the transaction work units and the additional transaction work units from the trusted module; and
provide the secure query results in response to the requests.
Dependent claims: 19, 20
Specification