Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
OSDI 2000 Abstract

How to Build a Trusted Database System on Untrusted Storage

Umesh Maheshwari, Radek Vingralek, and Bill Shapiro, STAR Lab, InterTrust Technologies Corp.


Some emerging applications require programs to maintain sensitive state on untrusted hosts. This paper presents the architecture and implementation of a trusted database system, TDB, which leverages a small amount of trusted storage to protect a scalable amount of untrusted storage. The database is encrypted and validated against a collision-resistant hash kept in trusted storage, so untrusted programs cannot read the database or modify it undetectably. TDB integrates encryption and hashing with a low-level data model, which protects data and metadata uniformly, unlike systems built on top of a conventional database system. The implementation exploits synergies between hashing and log-structured storage. Preliminary performance results show that TDB outperforms an off-the-shelf embedded database system, thus supporting the suitability of the TDB architecture.
  • View the full text of this paper in HTML form, and PDF form.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.

  • To become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 16 Jan. 2002 ml
Technical Program
OSDI 2000 Home