BigSecret: A Secure Data Management Framework for Key-Value Stores

Data storage is one of the most popular cloud services, and is therefore offered by most service providers. Among the various cloud based data storage services, key-value stores has emerged as a popular option for storing and retrieving billions of key-value pairs. Although using such cloud based key-value store services could generate many benefits, companies are reluctant to utilize such services due to security concerns. For example, if keys are used to represent social security numbers of health insurance customers, and values are their medical claim details, then outsourcing such key-value pairs to a public cloud could create significant privacy and security risks. To mitigate such risks, we propose BigSecret, a framework that enables secure outsourcing and processing of encrypted data over public key-value stores. Furthermore, our proposed framework could automatically make use of multiple cloud providers, including existing private clouds, to securely distribute data and workloads for improving efficiency and performance. Our experiments show that efficient and secure processing over outsourced encrypted data residing in key-value stores is possible with a minor overhead in most cases. In addition, we show that BigSecret's data and workload distribution algorithm can lead to major performance gains in a multi-cloud setting.