Category: Research

Presentation at the Modellierung 2018 Conference

“Towards a run-time model for data protection in the cloud” – this was the title of the presentation given by Dr. Zoltan Mann from paluno (The Ruhr Institute for Software Technology) of the University of Duisburg-Essen at the Modellierung 2018 conference (https://modellierung2018.wordpress.com/) in Braunschweig.   Modellierung has been organized by the German Informatics Society (Gesellschaft […]

Implementation of the First Version of the Data Gatekeeper

The Data Life Cycle is the sequence of stages that a unit of data goes through from its creation to its deletion. The Data Life Cycle specifies 4 operations on data, namely Create, Read, Update and Delete. The Data Life Cycle management is a crucial requirement for businesses that handle personal data. When these businesses […]

RestAssured Project Collaboration with UC Berkeley RISELab

The RestAssured platform aims to create a secure environment for processing highly sensitive data, with strict consent-based rules governing access to personal data, and with pro-active risk analysis and adaptation.   As part of IBM’s work on RestAssured, we have identified the Opaque open source technology, being developed by the UC Berkeley RISELab team, as […]

Impressions of Intel® SGX performance

Intel® SGX enclaves provide hardware enforced confidentially and integrity guarantees for running computations. This is achieved mainly by encrypting all information as it leaves the CPU, effectively shielding data in the memory from external observers.   But what is the overhead of running computations inside an enclave? One would expect some overheads due to the […]

Test Driving Spark SQL with Intel SGX on Encrypted Data

Protecting sensitive business and personal information is a central requirement when enterprises move to the cloud. Many aspects of this requirement are already handled at various levels. Data-at-rest can be secured in cloud stores by encrypting it before storage, while data-in-flight is transmitted on protected channels such as TLS and HTTPS. Data-in-use, processed in cloud […]