Ensuring Private Access to Large-Scale Data in the Data Center

Jay Lorch


Recent events have shown online service providers the perils of possessing private information about users. Encrypting data mitigates but does not eliminate this threat: the pattern of data accesses still reveals information. Thus, this talk will present Shroud, a general storage system that hides data access patterns from the servers running it, protecting user privacy. Shroud functions as a virtual disk with a new privacy guarantee: the user can look up a block without revealing the block's address. Such a virtual disk can be used for many purposes, including map lookup, microblog search, and social networking. Shroud aggressively targets hiding accesses among hundreds of terabytes of data. We achieve our goals by adapting oblivious RAM algorithms to enable large-scale parallelization. Specifically, we show, via new techniques such as oblivious aggregation, how to securely use many inexpensive secure coprocessors acting in parallel to improve request latency. Our evaluation combines large-scale emulation with an implementation on secure coprocessors and suggests that these adaptations bring private data access closer to practicality.


Jacob R. Lorch has been a Researcher at Microsoft Research in Redmond, WA for the last eleven years. Before that, he received his Ph.D. in Computer Science from UC Berkeley in 2001 under the supervision of Alan Jay Smith. Jacob's research focuses broadly on computer systems, with particular emphasis on distributed systems, web security, cloud computing, and energy management. In recent work, he has developed TrInc (NSDI 2009), a simple piece of trusted hardware useful in securing a variety of distributed systems; Memoir (IEEE S&P 2011), a framework for building stateful, crash-resilient trusted modules; and GreenUp (NSDI 2012), a decentralized system for maintaining the availability of machines while letting them save energy by sleeping. His current work includes protecting user privacy when using online services and simplifying the construction and deployment of fault-tolerant systems.

Time and Place

Tuesday, February 12, 2013, 4:30pm
Gates 463A