Portal de Periódicos da CAPES

CryptSQLite: SQLite With High Data Security

2019; Institute of Electrical and Electronics Engineers; Volume: 69; Issue: 5 Linguagem: Inglês

10.1109/tc.2019.2963303

2326-3814

Yongzhi Wang, Yulong Shen, Cuicui Su, Jiawen Ma, Lingtong Liu, Xuewen Dong,

Distributed systems and fault tolerance

SQLite, one of the most popular light-weighted database system, has been widely used in various systems. However, the compact design of SQLite did not make enough consideration on user data security. Specifically, anyone who has obtained the access to the database file will be able to read or tamper the data. Existing encryption-based solutions can only protect data on storage, while still exposing data when in computation. In this article, we combine the Trusted Execution Environment(TEE) technology and the authenticated encryption scheme, proposed and developed the CryptSQLite, a high security SQLite database system, which protects both the confidentiality and integrity of users' data. Our security analysis proves that CryptSQLite can protect data confidentiality and integrity. Our implementation and experiments indicate that CryptSQLite incurs an average of 21 percent of extra time for SQL statement executions, compared with traditional encryption-based solutions that failed to offer rigorous security guarantees.