{"id":"https://openalex.org/W4380433191","doi":"https://doi.org/10.1145/3588943","title":"RLS Side Channels: Investigating Leakage of Row-Level Security Protected Data Through Query Execution Time","display_name":"RLS Side Channels: Investigating Leakage of Row-Level Security Protected Data Through Query Execution Time","publication_year":2023,"publication_date":"2023-05-26","ids":{"openalex":"https://openalex.org/W4380433191","doi":"https://doi.org/10.1145/3588943"},"language":"en","primary_location":{"id":"doi:10.1145/3588943","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3588943","pdf_url":null,"source":{"id":"https://openalex.org/S4387289859","display_name":"Proceedings of the ACM on Management of Data","issn_l":"2836-6573","issn":["2836-6573"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Management of Data","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5092150591","display_name":"Chen Dar","orcid":"https://orcid.org/0009-0007-2781-9883"},"institutions":[{"id":"https://openalex.org/I16391192","display_name":"Tel Aviv University","ror":"https://ror.org/04mhzgx49","country_code":"IL","type":"education","lineage":["https://openalex.org/I16391192"]}],"countries":["IL"],"is_corresponding":true,"raw_author_name":"Chen Dar","raw_affiliation_strings":["Tel Aviv University, Tel Aviv, Israel"],"raw_orcid":"https://orcid.org/0009-0007-2781-9883","affiliations":[{"raw_affiliation_string":"Tel Aviv University, Tel Aviv, Israel","institution_ids":["https://openalex.org/I16391192"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001422326","display_name":"Moshik Hershcovitch","orcid":"https://orcid.org/0000-0002-4826-4174"},"institutions":[{"id":"https://openalex.org/I16391192","display_name":"Tel Aviv University","ror":"https://ror.org/04mhzgx49","country_code":"IL","type":"education","lineage":["https://openalex.org/I16391192"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Moshik Hershcovitch","raw_affiliation_strings":["Tel Aviv University, Tel Aviv, Israel"],"raw_orcid":"https://orcid.org/0000-0002-4826-4174","affiliations":[{"raw_affiliation_string":"Tel Aviv University, Tel Aviv, Israel","institution_ids":["https://openalex.org/I16391192"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101431627","display_name":"Adam Morrison","orcid":"https://orcid.org/0000-0002-5586-2615"},"institutions":[{"id":"https://openalex.org/I16391192","display_name":"Tel Aviv University","ror":"https://ror.org/04mhzgx49","country_code":"IL","type":"education","lineage":["https://openalex.org/I16391192"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Adam Morrison","raw_affiliation_strings":["Tel Aviv University, Tel Aviv, Israel"],"raw_orcid":"https://orcid.org/0000-0002-5586-2615","affiliations":[{"raw_affiliation_string":"Tel Aviv University, Tel Aviv, Israel","institution_ids":["https://openalex.org/I16391192"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5092150591"],"corresponding_institution_ids":["https://openalex.org/I16391192"],"apc_list":null,"apc_paid":null,"fwci":0.6751,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.74658681,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"1","issue":"1","first_page":"1","last_page":"25"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.879387378692627},{"id":"https://openalex.org/keywords/sql","display_name":"SQL","score":0.5935894846916199},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.4739121198654175},{"id":"https://openalex.org/keywords/relational-database-management-system","display_name":"Relational database management system","score":0.45945459604263306},{"id":"https://openalex.org/keywords/relational-database","display_name":"Relational database","score":0.43817493319511414},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.34041857719421387},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.33816206455230713}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.879387378692627},{"id":"https://openalex.org/C510870499","wikidata":"https://www.wikidata.org/wiki/Q47607","display_name":"SQL","level":2,"score":0.5935894846916199},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.4739121198654175},{"id":"https://openalex.org/C24394798","wikidata":"https://www.wikidata.org/wiki/Q192588","display_name":"Relational database management system","level":3,"score":0.45945459604263306},{"id":"https://openalex.org/C5655090","wikidata":"https://www.wikidata.org/wiki/Q192588","display_name":"Relational database","level":2,"score":0.43817493319511414},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.34041857719421387},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.33816206455230713}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3588943","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3588943","pdf_url":null,"source":{"id":"https://openalex.org/S4387289859","display_name":"Proceedings of the ACM on Management of Data","issn_l":"2836-6573","issn":["2836-6573"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Management of Data","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6100000143051147}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":6,"referenced_works":["https://openalex.org/W2147694198","https://openalex.org/W2678698279","https://openalex.org/W2795256704","https://openalex.org/W2982401473","https://openalex.org/W2986992030","https://openalex.org/W3131094971"],"related_works":["https://openalex.org/W1982455124","https://openalex.org/W2505630977","https://openalex.org/W1497653608","https://openalex.org/W4385585331","https://openalex.org/W2383709723","https://openalex.org/W2015932315","https://openalex.org/W2573939812","https://openalex.org/W1567213510","https://openalex.org/W1575529579","https://openalex.org/W3022423983"],"abstract_inverted_index":{"Many":[0],"modern":[1],"use":[2],"cases":[3],"of":[4,67,191,211],"relational":[5,18],"databases":[6],"involve":[7],"multi-tenancy.":[8],"To":[9,176,207],"allow":[10],"a":[11,72,119,140,150,184,218],"tenant":[12,38,51,97],"to":[13,40,55,116,125],"only":[14],"access":[15,30],"its":[16],"data,":[17,65],"database":[19,34,162],"systems":[20],"(RDBMSs)":[21],"introduced":[22],"row-level":[23],"security":[24,246],"(RLS).":[25],"RLS":[26,43,59,85,179,212],"enables":[27],"specifying":[28],"per-row":[29],"controls,":[31],"which":[32,225],"the":[33,50,95,144,170,178,189,197,201,209],"enforces":[35],"by":[36,200,229],"rewriting":[37],"queries":[39,61,115],"add":[41],"an":[42,110,129],"policy":[44],"filter":[45],"that":[46,74,94,104,220,243],"filters":[47],"out":[48],"rows":[49,93],"is":[52,98],"not":[53,123,227],"allowed":[54],"view.":[56],"Unfortunately,":[57],"while":[58],"blocks":[60],"from":[62,100,166],"returning":[63],"unauthorized":[64],"side-effects":[66],"query":[68,86,186],"execution":[69,87],"can":[70,89,112],"form":[71],"side-channel":[73],"leaks":[75],"information":[76,91],"about":[77,92],"such":[78,139,232],"secret":[79],"data.":[80],"This":[81],"paper":[82],"investigates":[83],"how":[84,136],"time":[88,180],"leak":[90],"querying":[96],"restricted":[99],"viewing.":[101],"We":[102,194,235],"show":[103,242],"in":[105,128,133,143,149,169,239],"PostgreSQL":[106,158,240],"and":[107,132,159,172,214,223,241],"SQL":[108,160],"Server,":[109],"attacker":[111],"craft":[113],"index-using":[114],"learn":[117],"whether":[118],"value":[120,141],"they":[121],"are":[122,226],"authorized":[124],"view":[126],"exists":[127,142],"RLS-protected":[130],"table,":[131],"some":[134],"cases,":[135],"many":[137],"times":[138],"table.":[145],"Our":[146],"attack":[147,156],"succeeds":[148],"realistic":[151],"cloud":[152],"setting:":[153],"we":[154,182,216],"successfully":[155],"managed":[157],"Server":[161],"instances":[163],"on":[164],"AWS":[165],"virtual":[167],"machines":[168],"same":[171],"different":[173],"data":[174],"centers.":[175],"block":[177],"side-channel,":[181],"design":[183],"data-oblivious":[185,202],"scheme":[187],"for":[188,204],"case":[190],"unique":[192],"keys.":[193,206],"also":[195],"analyze":[196],"trade-offs":[198],"created":[199],"approach":[203],"non-unique":[205],"facilitate":[208],"evaluation":[210],"attacks":[213],"defenses,":[215],"introduce":[217],"benchmark":[219],"supports":[221],"multi-tenancy":[222],"RLS,":[224],"supported":[228],"established":[230],"benchmarks":[231],"as":[233],"YCSB.":[234],"implement":[236],"our":[237],"solution":[238],"it":[244],"achieves":[245],"with":[247],"minimal":[248],"performance":[249],"impact.":[250]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2024,"cited_by_count":2}],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2025-10-10T00:00:00"}