SPEICHER - Securing LSM-based Key-Value Stores Using Shielded Execution
Offered By: USENIX via YouTube
Course Description
Overview
Explore a cutting-edge secure storage system called Speicher in this 21-minute conference talk from FAST '19. Dive into the innovative approach of using shielded execution and Intel SGX to provide strong confidentiality, integrity, and data freshness guarantees for LSM-based Key-Value stores. Learn how Speicher extends trust beyond secure SGX enclave memory to protect data on untrusted storage media, even during system crashes, reboots, or migrations. Discover the design of an authenticated and confidentiality-preserving LSM data structure, the implementation of asynchronous trusted counters for data freshness, and the development of a direct I/O library to overcome SGX enclave I/O bottlenecks. Gain insights into Speicher's performance evaluation using the RocksDB benchmark and understand how it achieves a balance between strong security guarantees and maintaining a small trusted computing base.
Syllabus
FAST '19 - SPEICHER: Securing LSM-based Key-Value Stores using Shielded Execution
Taught by
USENIX
Related Courses
Systems & Networks Seminar - Andrew Bauman - Komodo: Using Verification to Disentangle Secure-Enclave Hardware from SoftwarePaul G. Allen School via YouTube Plundervolt - Flipping Bits from Software without Rowhammer
Black Hat via YouTube When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
Black Hat via YouTube CLKscrew - Exposing the Perils of Security-Oblivious Energy Management
Black Hat via YouTube Port Contention for Fun and Profit
IEEE via YouTube