HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

On the Trade-Offs of Combining Multiple Secure Processing Primitives for Data Analytics

Abstract : Cloud Computing services for data analytics are increasingly being sought by companies to extract value from large quantities of information. However, processing data from individuals and companies in third-party infrastructures raises several privacy concerns. To this end, different secure analytics techniques and systems have recently emerged. These initial proposals leverage specific cryptographic primitives lacking generality and thus having their application restricted to particular application scenarios. In this work, we contribute to this thriving body of knowledge by combining two complementary approaches to process sensitive data.We present SafeSpark, a secure data analytics framework that enables the combination of different cryptographic processing techniques with hardware-based protected environments for privacy-preserving data storage and processing. SafeSpark is modular and extensible therefore adapting to data analytics applications with different performance, security and functionality requirements.We have implemented a SafeSpark’s prototype based on Spark SQL and Intel SGX hardware. It has been evaluated with the TPC-DS Benchmark under three scenarios using different cryptographic primitives and secure hardware configurations. These scenarios provide a particular set of security guarantees and yield distinct performance impact, with overheads ranging from as low as 10% to an acceptable 300% when compared to an insecure vanilla deployment of Apache Spark.
Complete list of metadata

Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, May 10, 2021 - 5:41:13 PM
Last modification on : Tuesday, May 3, 2022 - 5:52:02 PM
Long-term archiving on: : Wednesday, August 11, 2021 - 8:07:22 PM


 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2023-01-01

Please log in to resquest access to the document


Distributed under a Creative Commons Attribution 4.0 International License



Hugo Carvalho, Daniel Cruz, Rogério Pontes, João Paulo, Rui Oliveira. On the Trade-Offs of Combining Multiple Secure Processing Primitives for Data Analytics. 20th IFIP International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2020, Valletta, Malta. pp.3-20, ⟨10.1007/978-3-030-50323-9_1⟩. ⟨hal-03223252⟩



Record views