TY - GEN
T1 - Secure Conflict-free Replicated Data Types
AU - Barbosa, Manuel
AU - Ferreira, Bernardo
AU - Marques, João
AU - Portela, Bernardo
AU - Preguiça, Nuno
N1 - Funding Information:
This work was supported by FCT/MCTES through project HADES (PTDC/CCI-INF/31698/2017) and the NOVA LINCS (UIDB/04516/2020) and LASIGE Research Units (UIDB/00408/2020 & UIDP/00408/2020).
Publisher Copyright:
© 2021 ACM.
PY - 2021/1/5
Y1 - 2021/1/5
N2 - Conflict-free Replicated Data Types (CRDTs) are abstract data types that support developers when designing and reasoning about distributed systems with eventual consistency guarantees. At their core, they solve the problem of how to deal with concurrent operations in a way that is transparent to developers. However, in the real world, distributed systems also suffer from other relevant problems, including security and privacy issues, especially when participants may be untrusted. In this paper we present new privacy-preserving CRDT protocols that can be used to help secure distributed cloud-backed applications, including NoSQL geo-replicated databases. Our proposals are based on standard CRDTs, such as sets and counters, augmented with cryptographic mechanisms that allow their operations to be performed on encrypted data. We accompany our proposals with formal security proofs and implement and integrate them in AntidoteDB, a geo-replicated NoSQL database that leverages CRDTs for its operations. Experimental evaluations based on the Danish Shared Medication Record dataset (FMK) exhibit the tradeoffs that our different proposals make and show that they are ready to be used in practical applications.
KW - Cloud Computing
KW - Distributed Systems
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85098724779&partnerID=8YFLogxK
U2 - 10.1145/3427796.3427831
DO - 10.1145/3427796.3427831
M3 - Conference contribution
AN - SCOPUS:85098724779
T3 - ACM International Conference Proceeding Series
SP - 146
EP - 155
BT - ICDCN 2021 - Proceedings of the 2021 International Conference on Distributed Computing and Networking
PB - ACM - Association for Computing Machinery
T2 - 22nd International Conference on Distributed Computing and Networking, ICDCN 2021
Y2 - 5 January 2021 through 8 January 2021
ER -