Saved in:
Bibliographic Details
Main Authors: Messaoud, Aghiles Ait, Mokhtar, Sonia Ben, Simonet-Boulogne, Anthony
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2501.03118
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909448890482688
author Messaoud, Aghiles Ait
Mokhtar, Sonia Ben
Simonet-Boulogne, Anthony
author_facet Messaoud, Aghiles Ait
Mokhtar, Sonia Ben
Simonet-Boulogne, Anthony
contents Key-Value Stores (KVSs) are No-SQL databases that store data as key-value pairs and have gained popularity due to their simplicity, scalability, and fast retrieval capabilities. However, storing sensitive data in KVSs requires strong security properties to prevent data leakage and unauthorized tampering. While software (SW)-based encryption techniques are commonly used to maintain data confidentiality and integrity, they suffer from several drawbacks. They strongly assume trust in the hosting system stack and do not secure data during processing unless using performance-heavy techniques (e.g., homomorphic encryption). Alternatively, Trusted Execution Environments (TEEs) provide a solution that enforces the confidentiality and integrity of code and data at the CPU level, allowing users to build trusted applications in an untrusted environment. They also secure data in use by providing an encapsulated processing environment called enclave. Nevertheless, TEEs come with their own set of drawbacks, including performance issues due to memory size limitations and CPU context switching. This paper examines the state of the art in TEE-based confidential KVSs and highlights common design strategies used in KVSs to leverage TEE security features while overcoming their inherent limitations. This work aims to provide a comprehensive understanding of the use of TEEs in KVSs and to identify research directions for future work.
format Preprint
id arxiv_https___arxiv_org_abs_2501_03118
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle TEE-based Key-Value Stores: a Survey
Messaoud, Aghiles Ait
Mokhtar, Sonia Ben
Simonet-Boulogne, Anthony
Cryptography and Security
Databases
Key-Value Stores (KVSs) are No-SQL databases that store data as key-value pairs and have gained popularity due to their simplicity, scalability, and fast retrieval capabilities. However, storing sensitive data in KVSs requires strong security properties to prevent data leakage and unauthorized tampering. While software (SW)-based encryption techniques are commonly used to maintain data confidentiality and integrity, they suffer from several drawbacks. They strongly assume trust in the hosting system stack and do not secure data during processing unless using performance-heavy techniques (e.g., homomorphic encryption). Alternatively, Trusted Execution Environments (TEEs) provide a solution that enforces the confidentiality and integrity of code and data at the CPU level, allowing users to build trusted applications in an untrusted environment. They also secure data in use by providing an encapsulated processing environment called enclave. Nevertheless, TEEs come with their own set of drawbacks, including performance issues due to memory size limitations and CPU context switching. This paper examines the state of the art in TEE-based confidential KVSs and highlights common design strategies used in KVSs to leverage TEE security features while overcoming their inherent limitations. This work aims to provide a comprehensive understanding of the use of TEEs in KVSs and to identify research directions for future work.
title TEE-based Key-Value Stores: a Survey
topic Cryptography and Security
Databases
url https://arxiv.org/abs/2501.03118