Privacy-Preserving Query Execution using Tamper Resistant Hardware. Design and Performance Considerations

Cuong Quoc To 1, 2
2 SMIS - Secured and Mobile Information Systems
PRISM - Parallélisme, Réseaux, Systèmes, Modélisation, UVSQ - Université de Versailles Saint-Quentin-en-Yvelines, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR8144
Abstract : Current applications, from complex sensor systems (e.g. quantified self) to online e-markets, acquire vast quantities of personal information which usually end up on central servers. This massive amount of personal data, the new oil, represents an unprecedented potential for applications and business. However, centralizing and processing all one's data in a single server, where they are exposed to prying eyes, poses a major privacy problem. Conversely, decentralized architectures help individuals keep full control of their data, but they complicate global treatments and queries, impeding the development of innovative services. In this thesis, we aim at reconciling the individual's privacy on one side with global benefits for the community and business perspectives on the other. The thesis promotes the idea of pushing security to secure hardware devices that control the data at the place of their acquisition. Thanks to these tangible physical elements of trust, secure distributed querying protocols can reestablish the capacity to perform global computations, such as SQL aggregates, without revealing any sensitive information to central servers. This thesis studies the subset of SQL queries without external joins and shows how to secure their execution in the presence of honest-but-curious attackers. It also discusses how the resulting querying protocols can be integrated in a concrete decentralized architecture. Cost models and experiments on SQL/AA, our distributed prototype running on real tamper-resistant hardware, demonstrate that this approach can scale to nationwide applications.

Cited literature [53 references]
Contributor : Luc Bouganim
Submitted on : Monday, January 11, 2016 - 12:37:12 PM
Last modification on : Friday, January 10, 2020 - 3:42:21 PM
Document(s) archived on : Tuesday, April 12, 2016 - 11:16:25 AM


  • HAL Id : tel-01253759, version 1



Cuong Quoc To. Privacy-Preserving Query Execution using Tamper Resistant Hardware. Design and Performance Considerations. Databases [cs.DB]. Université de Versailles Saint-Quentin-en-Yvelines, 2015. English. ⟨tel-01253759⟩


