Accession Number : AD1034658

Title :   PACE: Proactively Secure Accumulo with Cryptographic Enforcement

Descriptive Note : Technical Report

Corporate Author : MIT Lincoln Laboratory Lexington United States

Personal Author(s) : Ruoti,Scott I ; Hamlin,Ariel T ; Shen,Emily H ; Cunningham,Robert K

Full Text :

Report Date : 27 May 2017

Pagination or Media Count : 7

Abstract : Cloud-hosted databases have many compelling benefits, including high availability, flexible resource allocation, and resiliency to attack, but it requires that cloud tenants cede control of their data to the cloud provider. In this paper, we describe Proactively-secure Accumulo with Cryptographic Enforcement (PACE), a client-side library that cryptographically protects a tenants data, returning control of that data to the tenant. PACE is a drop-in replacement for Accumulos APIs and works with Accumulos row-level security model. We evaluate the performance of PACE, discussing the impact of encryption and signatures on operation throughput.

Descriptors :   computer access control , cryptography , algorithms , databases , cloud computing , availability , resilience , test and evaluation , performance(engineering) , infrastructure

Subject Categories : Computer Systems

Distribution Statement : APPROVED FOR PUBLIC RELEASE