A “Database Confidentiality System” provides various techniques for using server-side trusted computing in combination with configurable type metadata and user- or system-definable rules associated with individual database fields to implement database confidentiality. In various implementations, type metadata and one or more rules are added to each database field. Metadata includes a domain, method of encryption, and a pointer to an encryption key used to encrypt the data in the corresponding field. The rules define one or more operations allowed on the corresponding data types. The type metadata and rules are optionally integrity protected and/or encrypted to avoid unauthorized changes or access. Various encryption techniques (e.g., probabilistic, Paillier, etc.) allow some computations to be performed in an untrusted environment without access to the encryption key. This enables the Database Confidentiality System to maintain database confidentiality while performing distributed computation and communications between the untrusted machine and the trusted machine.