EnclaveCache: A Secure and Scalable Key-value Cache in Multi-tenant Clouds using Intel SGX

Lixia Chen, Jian Li, Ruhui Ma, Haibing Guan, Hans Arno Jacobsen

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

14 Scopus citations

Abstract

With in-memory key-value caches such as Redis and Memcached being a key component for many systems to improve throughput and reduce latency, cloud caches have been widely adopted for small companies to deploy their own cache systems. However, data security is still a major concern, which affects the adoption of cloud caches. Tenant’s data stored in a multi-tenant cloud environment faces threats from both co-located other tenants, as well as the untrusted cloud provider. We proposed EnclaveCache, which is a multi-tenant key-value cache that provides data confidentiality and privacy leveraging Intel Software Guard Extensions (SGX). EnclaveCache utilizes multiple SGX enclaves to enforce data isolation among co-located tenants. With a carefully designed key distribution procedure, EnclaveCache ensures that a tenant-specific encryption key is securely guarded by an enclave to perform cryptography operations towards tenant’s data. Experimental results show that EnclaveCache achieves comparable performance to traditional key-value caches (with secure communication) with a performance overhead of 13% while ensuring security guarantees and better scalability.

Original languageEnglish
Title of host publicationMiddleware 2019 - Proceedings of the 2019 20th International Middleware Conference
PublisherAssociation for Computing Machinery, Inc
Pages14-27
Number of pages14
ISBN (Electronic)9781450370097
DOIs
StatePublished - 9 Dec 2019
Externally publishedYes
Event20th ACM/IFIP/USENIX Middleware Conference, Middleware 2019 - Davis, United States
Duration: 9 Dec 201913 Dec 2019

Publication series

NameMiddleware 2019 - Proceedings of the 2019 20th International Middleware Conference

Conference

Conference20th ACM/IFIP/USENIX Middleware Conference, Middleware 2019
Country/TerritoryUnited States
CityDavis
Period9/12/1913/12/19

Keywords

  • Key-value Cache
  • Multi-tenant
  • SGX
  • Security

Fingerprint

Dive into the research topics of 'EnclaveCache: A Secure and Scalable Key-value Cache in Multi-tenant Clouds using Intel SGX'. Together they form a unique fingerprint.

Cite this