Reading List: Confidential Computing in DBMS

How to use this reading list?

This list is designed to help to start with confidential computing in database systems.  The topics are meant to take you from the general concepts to deep technical knowledge and state-of-the-art research.

The list is not exhaustive; it is only meant to help you to take off. There are many more interesting works to read.

It will, hopefully, evolve over time. 

Confidential Computing

• Confidetial Computing: Hardware-Based Trusted Execution for Applications and Data
• A Technical Analysis of Confidential Computing v1.1
• Toward Confidential Cloud Computing: Extending hardware-enforced cryptographic protection to data while in use
• Enclaves in the Clouds: Legal considerations and broader implications

Encrypted Databases

• Encrypted Databases: From Theory to Systems
• Integrity-based Attacks for Encrypted Databases and Implications

CPU Basics

• What Every Programmer Should Know About Memory
• What You Must Know about Memory, Caches, and Shared Memory

Understanding TEEs (Intel SGX)

• Overview of Intel SGX - Part 1, SGX Internals
• Intel SGX Explained
• A Memory Encryption Engine Suitable for General Purpose Processors
• VAULT: Reducing Paging Overheads in SGX with Efficient Integrity Verification Structures
• How to measure enclave’s memory consumption on Intel SGX
• Intel SGX Developer Guide

Systems Papers using TEEs

• Building Enclave-Native Storage Engines for Practical Encrypted Databases
• Azure SQL Database Always Encrypted
• ObliDB: oblivious query processing for secure databases
• Opaque: An Oblivious and Encrypted Distributed Analytics Platform
• Aria: Tolerating Skewed Workloads in Secure In-memory Key-value Stores