Abstract: Deferred verification of the integrity of data operations over a set of data that is hosted at an untrusted module (UM) is controlled. The controlling includes generating a request for a data operation on the set of data. The request includes an authentication portion. The request is sent to the UM. A response to the request is received from the UM. The response includes cryptographic verification information attesting the integrity of the data operation with respect to prior data operations on the set of data. The response includes results from deferred verification at a trusted module (TM).

Abstract: Computer systems, devices, and associated methods of evaluating an expression comprising restricted data are disclosed herein. In one embodiment, a method includes receiving a database statement from a client application and verifying the authenticity of the database statement. If the database statement is authentic, an approved expression is identified in the database statement for creating an evaluation rule. The method further includes restricting evaluation of expressions in a protected computing environment according to the created evaluation rule.

Abstract: Computer systems, devices, and associated methods of optimizing the execution of instructions of a database statement by a database server are disclosed herein. In one embodiment, a method includes identifying a potential execution plan for executing instructions of the database statement and estimating a cost for executing the execution plan. The cost can comprise an encrypted data processing cost associated with a operation in the execution plan of executing an operation on encrypted data in a protected computing environment. The method can include estimating the encrypted data processing cost in the protected computing environment based on statistics generated in the protected computing environment about a database table. In response to estimating the cost for executing the execution plan, comparing the cost to estimated costs of alternative execution plans, selecting the lowest-cost plan for execution, and executing the lowest-cost execution plan.

Abstract: A number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure, decrypting, at the trusted device, the key and one or more encrypted index values, and initiating a transmission, a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values. Other optimizations for secure processing are also described, including controlling available computation resources on a secure trusted device in a DBMS and controlling transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a DBMS.

Abstract: Deferred verification of the integrity of data operations over a set of data that is hosted at an untrusted module (UM) is controlled. The controlling includes generating a request for a data operation on the set of data. The request includes an authentication portion. The request is sent to the UM. A response to the request is received from the UM. The response includes cryptographic verification information attesting the integrity of the data operation with respect to prior data operations on the set of data. The response includes results from deferred verification at a trusted module (TM).

Abstract: Deferred verification of the integrity of data operations over a set of data that is hosted at an untrusted module (UM) is controlled. The controlling includes generating a request for a data operation on the set of data. The request includes an authentication portion. The request is sent to the UM. A response to the request is received from the UM. The response includes cryptographic verification information attesting the integrity of the data operation with respect to prior data operations on the set of data. The response includes results from deferred verification at a trusted module (TM).

Abstract: A number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure, decrypting, at the trusted device, the key and one or more encrypted index values, and initiating a transmission, a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values. Other optimizations for secure processing are also described, including controlling available computation resources on a secure trusted device in a DBMS and controlling transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a DBMS.

Abstract: Computer systems, devices, and associated methods of optimizing the execution of instructions of a database statement by a database server are disclosed herein. In one embodiment, a method includes identifying a potential execution plan for executing instructions of the database statement and estimating a cost for executing the execution plan. The cost can comprise an encrypted data processing cost associated with a operation in the execution plan of executing an operation on encrypted data in a protected computing environment. The method can include estimating the encrypted data processing cost in the protected computing environment based on statistics generated in the protected computing environment about a database table. In response to estimating the cost for executing the execution plan, comparing the cost to estimated costs of alternative execution plans, selecting the lowest-cost plan for execution, and executing the lowest-cost execution plan.

Abstract: Computer systems, devices, and associated methods of evaluating an expression comprising restricted data are disclosed herein. In one embodiment, a method includes receiving a database statement from a client application and verifying the authenticity of the database statement. If the database statement is authentic, an approved expression is identified in the database statement for creating an evaluation rule. The method further includes restricting evaluation of expressions in a protected computing environment according to the created evaluation rule.

Abstract: A number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure, decrypting, at the trusted device, the key and one or more encrypted index values, and initiating a transmission, a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values. Other optimizations for secure processing are also described, including controlling available computation resources on a secure trusted device in a DBMS and controlling transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a DBMS.

Abstract: Deferred verification of the integrity of data operations over a set of data that is hosted at an untrusted module (UM) is controlled. The controlling includes generating a request for a data operation on the set of data. The request includes an authentication portion. The request is sent to the UM. A response to the request is received from the UM. The response includes cryptographic verification information attesting the integrity of the data operation with respect to prior data operations on the set of data. The response includes results from deferred verification at a trusted module (TM).

Abstract: To protect customer data and provide increased workflow security for processing requested by a customer, a secure communicational channel can be established between a customer and one or more hardware accelerators such that even processes executing on a host computing device hosting such hardware accelerators are excluded from the secure communicational channel. An encrypted bitstream is provided to hardware accelerators and the hardware accelerators obtain therefrom cryptographic information supporting the secure communicational channel with the customer. Such cryptographic information is stored and used exclusively from within the hardware accelerator, rendering it inaccessible to processes executing on a host computing device. The cryptographic information can be a shared secret, an appropriate one of a pair of cryptographic keys, or other like cryptographic information.

Abstract: A number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure, decrypting, at the trusted device, the key and one or more encrypted index values, and initiating a transmission, a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values. Other optimizations for secure processing are also described, including controlling available computation resources on a secure trusted device in a DBMS and controlling transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a DBMS.

Abstract: To protect customer data and provide increased workflow security for processing requested by a customer, a secure communicational channel can be established between a customer and one or more hardware accelerators such that even processes executing on a host computing device hosting such hardware accelerators are excluded from the secure communicational channel. An encrypted bitstream is provided to hardware accelerators and the hardware accelerators obtain therefrom cryptographic information supporting the secure communicational channel with the customer. Such cryptographic information is stored and used exclusively from within the hardware accelerator, rendering it inaccessible to processes executing on a host computing device. The cryptographic information can be a shared secret, an appropriate one of a pair of cryptographic keys, or other like cryptographic information.

Abstract: An intrusion detection system disclosed herein includes a detector circuit that measures a change in value of impedance of an interconnection circuitry. A decoder coupled to the detector decodes the measured value of the change in the impedance of the interconnection circuitry to determine existence of an abnormal condition. In an example implementation of the intrusion detection system, the change in the value of the impedance of the interconnection circuitry is represented by a change in the phase delay on the interconnection circuitry. An implementation of the intrusion detection circuit terminates communication using the interconnection circuitry upon detection of the abnormal condition. The intrusion detection system is further configured to interpret the abnormal condition as a communication signal to the interconnection circuitry.

Abstract: The subject disclosure is directed towards using trusted hardware to achieve secure data processing over a network. For a given set of data store operations, some operations are directed to sensitive data (e.g., encrypted data fields). These operations are compiled into a set of expressions invoking trusted hardware code configured to evaluate these expressions using corresponding data centric primitive programs. Because the trusted hardware is configured to maintain key data for encrypting/decrypting the sensitive data, the sensitive data is not accessible by an untrusted component while the sensitive data is decrypted.

Abstract: A side channel communications system disclosed herein includes a receiver device with an internal circuitry where the operational speed of the internal circuitry changes in response to an external signal. When the receiver device receives an external signal, the operational speed of the internal circuitry changes. A detector detects the change in the operational speed of the internal circuitry to generate an output value, which is decoded to determine the information communicated by the external signal. In one implementation of the side channel communications system, the external transmitter communicates the external signal in the form of a temperature signal. Alternatively, the external transmitter communicates the external signal in the form of a change in the supply voltage.

Abstract: An intrusion detection system disclosed herein includes a detector circuit that measures a change in value of impedance of an interconnection circuitry. A decoder coupled to the detector decodes the measured value of the change in the impedance of the interconnection circuitry to determine existence of an abnormal condition. In an example implementation of the intrusion detection system, the change in the value of the impedance of the interconnection circuitry is represented by a change in the phase delay on the interconnection circuitry. An implementation of the intrusion detection circuit terminates communication using the interconnection circuitry upon detection of the abnormal condition. The intrusion detection system is further configured to interpret the abnormal condition as a communication signal to the interconnection circuitry.