Opaque: Secure Apache Spark SQL

Wenting Zheng blog, Security, Systems

As enterprises move to cloud-based analytics, the risk of cloud security breaches poses a serious threat. Encrypting data at rest and in transit is a major first step. However, data must still be decrypted in memory for processing, exposing it to any attacker who can observe memory contents. This is a challenging problem because security usually implies a tradeoff between performance and functionality. Cryptographic approaches like fully homomorphic encryption provide full functionality to a system, but are extremely slow. Systems like CryptDB utilize lighter cryptographic primitives to provide a practical database, but are limited in functionality. Recent developments in trusted hardware enclaves (such as Intel SGX) provide a much needed alternative. These hardware enclaves provide hardware-enforced shielded execution that allows…

Wenting Zheng is Awarded the 2017-18 IBM PhD Fellowship

Joseph Gonzalez Crypto, News, Security

Wenting Zheng was awarded the prestigious IBM PhD Fellowship for her work on  security and distributed systems. Wenting is actively studying new methods for scalable secure analytics, multi-party computation for machine learning, and distributed zero knowledge proofs.  The IBM Ph.D. fellowship is an “intensely competitive worldwide program that honors exceptional Ph.D. students who have an interest in solving problems that are important to IBM and fundamental to innovation in many academic disciplines and areas of study.” Only 50 fellowships are awarded worldwide annually.