CryptSQLite: SQLite With High Data Security

CryptSQLite: SQLite With High Data Security

SQLite, one of the most popular light-weighted database system, has been widely used in various systems. However, the compact design of SQLite did not make enough consideration on user data security. Specifically, anyone who has obtained the access to the database file will be able to read or tamper...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on computers 2020-05, Vol.69 (5), p.666-678
Hauptverfasser: Wang, Yongzhi, Shen, Yulong, Su, Cuicui, Ma, Jiawen, Liu, Lingtong, Dong, Xuewen
Format: Artikel
Sprache:eng
Schlagworte:
authenticated encryption
Computer Science
Computer Science, Hardware & Architecture
Data integrity
Database security
Encryption
Engineering
Engineering, Electrical & Electronic
Engines
Integrity
intel SGX
Query languages
Science & Technology
Security
SQLite
Technology
trusted execution environment
Vegetation
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:SQLite, one of the most popular light-weighted database system, has been widely used in various systems. However, the compact design of SQLite did not make enough consideration on user data security. Specifically, anyone who has obtained the access to the database file will be able to read or tamper the data. Existing encryption-based solutions can only protect data on storage, while still exposing data when in computation. In this article, we combine the Trusted Execution Environment ( TEE ) technology and the authenticated encryption scheme, proposed and developed the CryptSQLite , a high security SQLite database system, which protects both the confidentiality and integrity of users' data. Our security analysis proves that CryptSQLite can protect data confidentiality and integrity. Our implementation and experiments indicate that CryptSQLite incurs an average of 21 percent of extra time for SQL statement executions, compared with traditional encryption-based solutions that failed to offer rigorous security guarantees.
ISSN:0018-9340
1557-9956
DOI:10.1109/TC.2019.2963303