{"title":"A Practical Oblivious Cloud Storage System based on TEE and Client Gateway","authors":"Wensheng Zhang","doi":"10.1109/PST52912.2021.9647827","DOIUrl":null,"url":null,"abstract":"In this paper, we propose a new oblivious cloud storage system, which is more efficient and scalable than existing schemes due to the combined leverage of SGX-based trusted execution environment (TEE) at the cloud server side and the moderate storage space at the client side. The TEE is employed to securely implement functionalities of ORAM model in the server without tightly involving the clients. Meanwhile, the storage at the client side is utilized to store metadata and recently/frequently accessed data, which facilitates the client to remotely determine the strategies for data query/eviction and to reduce the frequency of directly accessing data from the server. The evaluation results show that, when the size of outsourced data is 1-20 GB and the block size is 1-8KB, the data access throughput between 320 KB/s and 640 KB/s can be attained, and the average query latency for each block is only 2.26–12.80 ms.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 18th International Conference on Privacy, Security and Trust (PST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PST52912.2021.9647827","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Practical Oblivious Cloud Storage System based on TEE and Client Gateway
In this paper, we propose a new oblivious cloud storage system, which is more efficient and scalable than existing schemes due to the combined leverage of SGX-based trusted execution environment (TEE) at the cloud server side and the moderate storage space at the client side. The TEE is employed to securely implement functionalities of ORAM model in the server without tightly involving the clients. Meanwhile, the storage at the client side is utilized to store metadata and recently/frequently accessed data, which facilitates the client to remotely determine the strategies for data query/eviction and to reduce the frequency of directly accessing data from the server. The evaluation results show that, when the size of outsourced data is 1-20 GB and the block size is 1-8KB, the data access throughput between 320 KB/s and 640 KB/s can be attained, and the average query latency for each block is only 2.26–12.80 ms.