Secure Conflict-free Replicated Data Types

Proceedings of the 22nd International Conference on Distributed Computing and Networking Pub Date : 2020-12-25 DOI:10.1145/3427796.3427831

M. Barbosa, Bernardo Ferreira, João Marques, Bernardo Portela, Nuno M. Preguiça

{"title":"Secure Conflict-free Replicated Data Types","authors":"M. Barbosa, Bernardo Ferreira, João Marques, Bernardo Portela, Nuno M. Preguiça","doi":"10.1145/3427796.3427831","DOIUrl":null,"url":null,"abstract":"Conflict-free Replicated Data Types (CRDTs) are abstract data types that support developers when designing and reasoning about distributed systems with eventual consistency guarantees. In their core they solve the problem of how to deal with concurrent operations, in a way that is transparent for developers. However in the real world, distributed systems also suffer from other relevant problems, including security and privacy issues and especially when participants can be untrusted. In this paper we present new privacy-preserving CRDT protocols that can be used to help secure distributed cloud-backed applications, including NoSQL geo-replicated databases. Our proposals are based on standard CRDTs, such as sets and counters, augmented with cryptographic mechanisms that allow their operations to be performed on encrypted data. We accompany our proposals with formal security proofs and implement and integrate them in AntidoteDB, a geo-replicated NoSQL database that leverages CRDTs for its operations. Experimental evaluations based on the Danish Shared Medication Record dataset (FMK) exhibit the tradeoffs that our different proposals make and show that they are ready to be used in practical applications.","PeriodicalId":335477,"journal":{"name":"Proceedings of the 22nd International Conference on Distributed Computing and Networking","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 22nd International Conference on Distributed Computing and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3427796.3427831","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Conflict-free Replicated Data Types (CRDTs) are abstract data types that support developers when designing and reasoning about distributed systems with eventual consistency guarantees. In their core they solve the problem of how to deal with concurrent operations, in a way that is transparent for developers. However in the real world, distributed systems also suffer from other relevant problems, including security and privacy issues and especially when participants can be untrusted. In this paper we present new privacy-preserving CRDT protocols that can be used to help secure distributed cloud-backed applications, including NoSQL geo-replicated databases. Our proposals are based on standard CRDTs, such as sets and counters, augmented with cryptographic mechanisms that allow their operations to be performed on encrypted data. We accompany our proposals with formal security proofs and implement and integrate them in AntidoteDB, a geo-replicated NoSQL database that leverages CRDTs for its operations. Experimental evaluations based on the Danish Shared Medication Record dataset (FMK) exhibit the tradeoffs that our different proposals make and show that they are ready to be used in practical applications.

查看原文本刊更多论文

安全无冲突复制数据类型

无冲突复制数据类型(crdt)是抽象数据类型，它支持开发人员在设计和推理分布式系统时提供最终一致性保证。它们的核心是解决如何处理并发操作的问题，以一种对开发人员透明的方式。然而，在现实世界中，分布式系统也存在其他相关问题，包括安全和隐私问题，特别是当参与者不可信时。在本文中，我们提出了新的保护隐私的CRDT协议，可用于帮助保护分布式云支持的应用程序，包括NoSQL地理复制数据库。我们的建议是基于标准的crdt，如集合和计数器，增强了加密机制，使其操作能够在加密数据上执行。我们为我们的建议提供正式的安全证明，并在AntidoteDB中实现和集成它们，AntidoteDB是一个利用crdt进行操作的地理复制NoSQL数据库。基于丹麦共享药物记录数据集(FMK)的实验评估显示了我们不同建议的权衡，并表明它们已准备好用于实际应用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 22nd International Conference on Distributed Computing and Networking

自引率

0.00%

发文量