skip to main content
10.1145/3140368.3140377acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
invited-talk
Public Access

Secure IoT Stream Data Management and Analytics with Intel SGX

Published: 03 November 2017 Publication History

Abstract

Data streams from numerous Internet of Things (IoT) devices, such as medical, home and personal systems, may contain sensitive and confidential information that may need protection against attacks from external adversaries. Beyond addressing challenges in accuracy, space and time, an algorithm designer needs to be aware of perils posed by naive algorithmic implementations under an adversarial setting. Data privacy is threatened mainly due to data sharing.
IoT devices may communicate with each other for enhanced services. An adversary observing data communication can infer secret information. (E.g., man-in-the-middle attack on data transferred within a compromised home system).
Since many devices (e.g., personal health monitoring systems) have low hardware resources, data stream analytics may be processed on a third-party server (e.g., a cloud service). An adversary controlling the server may obtain sensitive information.
Though data encryption can conceal sensitive data from an adversary observing data communication, it is challenging to protect data privacy from a more powerful adversary who may have control over the third-party server used for analytics.
Adaptation of generic ORAM (Oblivious RAM) techniques to perform analytics over encrypted data could be computationally expensive, and would annihilate efforts to reduce training and prediction time. Moreover, privacy-preserving techniques may negatively affect performance (e.g., accuracy). Instead, recent developments in hardware-based trusted computing platforms, such as Intel SGX, can be leveraged for data stream mining when data containing sensitive information is involved. These platforms enable a Trusted Execution Environment (TEE) where code and data are encrypted and can be decrypted within the environment by the CPU. By performing IoT stream analytics within such a trusted computing environment, data privacy and security can be assured to its users. In this talk, we will introduce methods to secure systems that perform data analysis on IoT data streams within a TEE.
Recent studies have shown that a powerful adversary may still be able to infer private information from side channels such as memory access, cache access, CPU usage and other timing channels, thereby threatening data and user privacy. Since a TEE uses shared resources, sensitive information from standard algorithmic design patterns can be inferred by the adversary. The main challenge is to reduce information leak through side-channels and effectively utilize the secure computational environment for IoT data stream analytics. In this talk we will describe a set of techniques that can reduce side-channel information leak while minimizing the computational overhead when performing query processing over IoT data streams.

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
SafeConfig '17: Proceedings of the 2017 Workshop on Automated Decision Making for Active Cyber Defense
November 2017
46 pages
ISBN:9781450352031
DOI:10.1145/3140368
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2017

Check for updates

Author Tags

  1. privacy
  2. security
  3. sgx
  4. trusted computing

Qualifiers

  • Invited-talk

Funding Sources

Conference

CCS '17
Sponsor:

Acceptance Rates

SafeConfig '17 Paper Acceptance Rate 5 of 10 submissions, 50%;
Overall Acceptance Rate 22 of 61 submissions, 36%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 346
    Total Downloads
  • Downloads (Last 12 months)67
  • Downloads (Last 6 weeks)10
Reflects downloads up to 20 Feb 2025

Other Metrics

Citations

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media