University of Twente Student Theses
Protecting against internal attackers with hardware-aided proxy re-encryption
Brattinga, M. (2023) Protecting against internal attackers with hardware-aided proxy re-encryption.
|
PDF
1MB |
| Abstract: | This research proposes an architecture that eliminates sensitive plaintext data at a trusted service provider. This architecture reduces the impact of data breaches, as they do not involve plaintext data. A typical use-case for the proposed architecture is a service provider which allows authorized third parties to request data from and insert data into a database via an API. The service provider is in control of the data and can use regular SQL functionality on encrypted data, while no plaintext is present on both the API application server and the database server. An Intel SGX trusted execution environment extends the Microsoft Always Encrypted cryptography by re-encrypting sensitive data towards third parties. Results shows that the additional security eliminates plaintext leakage at the price of an acceptable performance impact, demonstrating the feasibility and potential of the proposed architecture in practice. |
| Item Type: | Essay (Master) |
| Clients: | RDW |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Computer Science MSc (60300) |
| Link to this item: | https://purl.utwente.nl/essays/96282 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page