Last modified: 08/27/03 11:56:54 AM
S.W. Smith, D. Safford.
"Practical Server Privacy Using Secure Coprocessors."
IBM Systems Journal 40: 683-695. 2001.

What does it take to implement a server that provides access to
records in a large database, in a way that ensures that this access is
completely private---even to the operator of this server? In this paper,
we examine the question: Using current commercially available
technology, is it practical to build such a server, for real databases
of realistic size, that offers reasonable performance---scaling well,
parallelizing well, working with the current client infrastructure,
and enabling server operators of otherwise unknown credibility to
prove their service has these privacy properties? We consider this
problem in the light of commercially available secure
coprocessors---whose internal memory is still much, much smaller than
the typical database size---and construct an algorithm that both
provides asymptotically optimal performance and also promises
reasonable performance in real implementations. Preliminary prototypes
support this analysis, but leave many areas for further work.
Iliev Smith 2003